Firewall > Advanced

The Firewall > Advanced page provides information on configuring advanced access rule options.

Detection Prevention

Dynamic Ports

Source Routed Packets

Drop source routed IP packets - Selected by default. Clear this checkbox if you are testing traffic between two specific hosts and you are using source routing.


Check Disable Gateway AV and IPS Engine (increases maximum SPI connections) if you want to enable more connections at the expense of the Gateway Anti-Virus and Intrusion Prevention services.

TCP Connection Inactivity Timeout

If a connection to a remote server remains idle for more than five minutes, the SonicWALL closes the connection. Without this timeout, Internet connections could stay open indefinitely, creating potential security holes. You can increase the inactivity timeout if applications, such as Telnet and FTP, are frequently disconnected. Enter the new timeout value in the Default Connection Timeout (minutes) field.

Access Rule Service Options

Force inbound and outbound FTP data connections to use the default port 20 - The default SonicWALL configuration allows FTP connections from port 20 but remaps outbound traffic to a port such as 1024. If the check box is selected, any FTP data connection through the SonicWALL must come from port 20 or the connection is dropped. The event is then logged as an event on the SonicWALL.

Help Table of Contents