CLI Reference Guide

ManualsBrandsDell ManualsComputer equipmentPowerConnect W-6000

261

262

263

264

265

266

267

268

269

270

Parameter Description Range Default

gre-call-id-processing Creates a unique state for each PPTP tunnel. Do not

enable this option unless instructed to do so by a

technical support representative.

— disabled

imm-fb Immediately free buffers on W-7200 series

controllers. Do not enable this option unless

instructed to do so by a technical support rep-

resentative.

— —

local-valid-users Adds only IP addresses, which belong to a local

subnet, to the user-table.

— disabled

log-icmp-error Logs received ICMP errors. Do not enable this option

unless instructed to do so by a technical support

representative.

— disabled

prevent-dhcp-exhaustion Enable check for DHCP client hardware address

against the packet source MAC address. This com-

mand checks the frame's source-MAC against the

DHCPv4 client hardware address and drops the

packet if it does not match. Enabling this feature pre-

vents a client from submitting multiple DHCP

requests with different hardware addresses, thereby

preventing DHCP pool depletion.

— disabled

prohibit-arp-spoofing Detects and prohibits arp spoofing. When this option

is enabled, possible arp spoofing attacks are logged

and an SNMP trap is sent.

— disabled

prohibit-ip-spoofing Detects IP spoofing (where an intruder sends

messages using the IP address of a trusted client).

When this option is enabled, source and destination

IP and MAC addresses are checked; possible IP

spoofing attacks are logged and an SNMP trap is

sent.

— enabled in

IPv4

disabled in

IPv6

prohibit-rst-replay Closes a TCP connection in both directions if a TCP

RST is received from either direction. You should not

enable this option unless instructed to do so by an

Dell representative.

— disabled

public-access Enables a public access mode. — —

session-idle-timeout Time, in seconds, that a non-TCP session can be idle

before it is removed from the session table. You

should not modify this option unless instructed to do

so by an Dell representative.

16-259 15 seconds

session-mirror-destination Destination to which mirrored packets are sent. This

option is used only for troubleshooting or debugging.

Packets can be mirrored in multiple ACLs, so only a

single copy is mirrored if there is a match within

more than one ACL.

You can configure the following

l Ethertype to be mirrored with the Ethertype ACL

mirror option. See "ip access-list eth" on page

338.

l IP flows to be mirrored with the session ACL

— —

Dell PowerConnect W-Series ArubaOS 6.2 | Reference Guide firewall | 265