Because customers can only use the tunnel created by the FEP, it is called compulsory tunnel. Once the initial connection is successful, all clients of the data flow will be automatically sent through the tunnel. Use of compulsory tunnel, the client computer to establish a single PPP connection, the time when customers dial-in NAS, a tunnel will be created, all of the data flow automatically routed through the tunnel. FEP can be configured for all dial-up customers to a specific tunnel server creates a tunnel, you can also configure a different user name on FEP or destination to create a different tunnel.
5. Realize the remote access user security audits and real-time monitoring and blocking; 6. Using asynchronous communication with the RADIUS way to ensure that multiple IKE negotiation can be conducted; 7. IKE configuration to increase the exchange, consultations for remote access users configure the internal network address. As technology advances, there will be a new authentication method, making the management more convenient for users to access more secure. To execute the corresponding instructions, the back door of the indicators used can be a specific IP address, a TCP flag, or even a no open ports. As Cd00r and SAdoor backdoor is like this. Sniffing-style rear door can work in promiscuous mode, you can also work in non-promiscuous mode. . Non-promiscuous mode sniffing-style back door, only to monitor the local traffic, only the threat of a vulnerable system to play the role. The promiscuous mode is set to the back door, you can monitor other hosts on the Ethernet communications data, this model will seriously troubled by the network security administrator. Consider the following situation: in the DMZ zone attacker web servers are located on one of sniffing-style back door, monitoring