BT Versatility
Broadband Module/Broadband Module Plus Manual
Application Level Gateways
There are certain applications that NAT and Firewall configurations cannot manage. In many
cases, ALGs (Application Level Gateways) are needed to translate and transport packets
correctly. An ALG provides a service for a specific application such as FTP (File Transfer
Protocol). Incoming packets are checked against existing NAT rules or Firewall filters, IP
addresses are evaluated and detailed packet analysis is performed. If necessary, the content of a
packet is modified, and if a secondary port is required, the ALG will open one. The ALG for each
application does not require any configuration.
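The FTP case described above, as an added sketch (not code from this manual or from the product's firmware): it rewrites an active-mode PORT command to the public address and records the secondary port it opens. The class name, public address, mapped-port pool and the rule that a port is only opened towards the host that requested it are all assumptions for illustration.

```python
import ipaddress
import re

# FTP active-mode command on the control channel: PORT h1,h2,h3,h4,p1,p2
PORT_RE = re.compile(rb"^PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\r\n$")


class FtpAlg:
    """Hypothetical FTP ALG: rewrites PORT commands and tracks opened ports."""

    def __init__(self, public_ip, first_mapped_port=50000):
        self.public_ip = ipaddress.IPv4Address(public_ip)
        self.next_port = first_mapped_port   # assumed pool of public ports
        self.pinholes = {}                   # public port -> (LAN ip, LAN port)

    def handle_control_line(self, src_ip, line):
        """Return the control line to forward, rewritten if it is a PORT."""
        m = PORT_RE.match(line)
        if not m:
            return line                      # other commands pass unchanged
        nums = [int(g) for g in m.groups()]
        if any(n > 255 for n in nums):
            raise ValueError("malformed PORT argument")
        lan_ip = ipaddress.IPv4Address(bytes(nums[:4]))
        lan_port = nums[4] * 256 + nums[5]
        # Assumed policy: the embedded address must be the sender's own,
        # and the secondary port must not be a privileged one.
        if lan_ip != ipaddress.IPv4Address(src_ip) or lan_port < 1024:
            raise ValueError("PORT target refused")
        pub_port = self.next_port
        self.next_port += 1
        self.pinholes[pub_port] = (str(lan_ip), lan_port)   # secondary port opened
        host = ",".join(str(b) for b in self.public_ip.packed)
        return f"PORT {host},{pub_port >> 8},{pub_port & 0xFF}\r\n".encode()


if __name__ == "__main__":
    alg = FtpAlg("203.0.113.10")             # constructed documentation address
    out = alg.handle_control_line("192.168.1.20", b"PORT 192,168,1,20,19,137\r\n")
    print(out, alg.pinholes)
```
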
ALG support is provided for the following applications. If support is required for additional
applications, security triggers can be configured for these.
Application                                  TCP Port       UDP Port
AIM (AOL Instant Messenger)                  5190           N/A
FTP (File Transfer Protocol)                 21             N/A
IKE (Internet Key Exchange)                  N/A            500
ILS (Internet Locator Service)               389 (+1002)    N/A
MSN (Microsoft Networks)                     1863           N/A
PPTP (Point-to-Point Tunnelling Protocol)    1723           N/A
RSVP (Resource Reservation Protocol)         N/A            N/A
L2TP (Layer 2 Tunnelling Protocol)           N/A            1701
SIP (Session Initiation Protocol)            5060           5060
Security Trigger
A security trigger can be defined for applications that are not supported by the ALGs listed
above. A security trigger allows the firewall to dynamically open and close secondary ports
associated with a particular application and to specify the maximum length of time the port
remains open.
• Select “Security Trigger Configuration …”
The following screen is displayed