Options

From Edge Threat Management Wiki - Arista
Revision as of 21:37, 1 September 2017 by Dmorris (talk | contribs)
Jump to navigationJump to search

Options

Options contains some global networking options.

  • Enable SIP NAT Helper
    • This enables the kernel SIP NAT fixup. Most SIP solutions handle NAT on their own, but sometimes rewriting of address inside SIP by the NAT device is necessary. Enabling this will enable bypassed SIP sessions to be rewritten in the kernel. Default is off.
  • Send ICMP Redirects
    • ICMP Redirects are used to alert machines if a shorter route is available. Default is on.
  • DHCP Authoritative
    • If enabled, all DHCP serving is authoritative. Default is on. DHCP Authoritative is documented here.
  • Block new sessions during network configuration
    • If enabled, all sessions will be blocked (dropped) when network settings changes are applied. This will provide increased security for router mode deployments and is not recommended for bridged mode deployments. The default setting is disabled.
  • Log bypassed sessions
    • If enabled, bypassed sessions will be logged to the sessions table
  • Log outbound local sessions
    • If enabled, bypassed sessions created by the Untangle server itself will be logged to the sessions table
  • Log inbound local sessions
    • If enabled, bypassed sessions to the Untangle server itself will be logged to the sessions table
  • Log blocked sessions
    • If enabled, all sessions blocked by filter rules or NAT or the shield will be logged to the sessions table.