Overview
This article provides information about advanced Security features such as Anti-spoofing and DHCP scopes blocking and the steps to configure them.
Preconditions
Information
Anti-Spoofing
Anti-spoofing comes into play when a packet is seen at an interface where it should not be. If this occurs, the following entries might be reported in the Security logs:
[27/Oct/2019 00:41:20] {pktdrop} packet dropped:
Anti-spoofing (from Cable, proto:UDP, len:334, XX.XX.XX.XXX:XXXX
-> XX.XX.XX.XXX:XXXX, udplen:306)
[27/Oct/2019 00:41:20] {pktdrop} packet dropped:
Anti-spoofing (from Fiber, proto:UDP, len:96, XX.XX.XX.XXX:XXX ->
XX.XX.XX.XXX:XXX, udplen:68)
Anti-spoofing has the potential to block legitimate Network traffic. It can be configured through the Kerio Control Webadmin.
- Open Configuration -> Security Settings -> Miscellaneous tab.
- Modify the Enable Anti-spoofing checkbox (by checking or unchecking the options).
Occasionally, when the Network traffic is not correctly routed (missing route definitions), it is recommended to configure the Static Routes in the Kerio Control Routing Table.
DHCP Scopes Security
DHCP Scopes Blocking is coming as a Security feature to protect the built-in DHCP server. It allows blocking unassigned IP addresses that are not configured in the DHCP server settings. It can also be applied for a specific Network Interface.
These settings can be changed in Configuration -> Security Settings -> Miscellaneous tab under the DHCP scopes section.
Related Articles