KR.2N
Wireless-N Broadband Router 300Mbps / 2T2R
36 www.kraun.it
Add: After edit the rule, click the “Add” button to add the current entry to port triggering list.
Apply: Click “Apply” to activate the current rule.
Cancel: Click “Cancel” to drop all setting saved last time.
Note: The special application can be only used on one PC. If there is more than one
PC to open the same triggering port, the external port will be connected to the
last device requesting the application.
8.4 ALG Service Setting
ALG (Application Layer Gateway), in the context of computer networking, consists of a
security component that augments a firewall or NAT employed in a computer network. It
allows customized NAT traversal filters to be plugged into the gateway to support address and
port translation for certain application layer "control/data" protocols such as FTP, Bit Torrent,
SIP, RTSP, file transfer applications etc.
In order for these protocols to work through NAT or a firewall, either the application has to
know about an address/port number combination that allows incoming packets, or the NAT
has to monitor the control traffic and open up port mappings (firewall pinhole) dynamically as
required. Legitimate application data can thus be passed through the security checks of the
firewall or NAT that would have otherwise restricted the traffic for not meeting its limited filter
criteria.
Usually allowing client applications to use dynamic ephemeral TCP/ UDP ports to
communicate with the known ports used by the server applications, even though a firewall-
configuration may allow only a limited number of known ports. In the absence of an ALG,
either the ports would get blocked or the network administrator would need to explicitly open
up a large number of ports in the firewall; rendering the network vulnerable to attacks on those
ports.
In the default ALG settings, the following protocols have enabled. It is recommended to keep
the settings unchanged.
1, FTP
2, TFTP
3, PPTP
4, IPSec
5, L2TP