Define IP Fragmented Blocking

The IP Fragmented page enables blocking fragmented IP packets.

To configure fragmented IP blocking:

  1. Click Security > Denial of Service Prevention > IP Fragments Filtering. The IP Fragments Filtering page displays.
  2. Click Add. The Add IP Fragments Filtering page displays.
  3. Enter the parameters.
    • Interface--Select the interface on which the IP fragmentation is being defined.
    • IP Address--Enter an IP network from which the fragmented IP packets is filtered or select All Addresses to block IP fragmented packets from all addresses. If you enter the IP address, enter either the mask or prefix length.
    • Network Mask--Select the format for the subnet mask for the source IP address, and enter a value in one of the field:
      • Mask--Select the subnet to which the source IP address belongs and enter the subnet mask in dotted decimal format.
      • Prefix Length--Select the Prefix Length and enter the number of bits that comprise the source IP address prefix.
  4. Click Apply. The IP fragmentation is defined, and the Running Configuration file is updated.