3Com Router 3000 Ethernet Family
Configuration Guide
You are recommended to use the application layer detection together with TCP/UDP
detection, for a configuration of TCP/UDP detection without application layer protocol
might cause packet return failures.
Note:
For Telnet applications, just configure generic TCP detection to implement ASPF
function.
6.3.4 Applying ASPF Policy on Specified Interface
The interface stream detection will take effect only after applying the pre-defined ASPF
policy on the external interface.
Perform the following configuration in interface view.
Table 6-14 Apply ASPF policy on specified interface
Configure ASPF detection policy in
specified interface
Delete
applied in the interface
As ASPF saves and maintains application layer protocol status based on interface, you
must ensure that the originating and response packets for a connection are sent out
and received on the same interface.
6.3.5 Configuring a Port Mapping Entry
Perform the following configuration in system view.
Table 6-15 Configure PAM
Configure the generic PAM function.
Delete the user-configured generic PAM.
Configure PAM for a host.
Operation
the
ASPF
detection
Operation
3Com Corporation
Chapter 6 Firewall Configuration
firewall
aspf
{ inbound | outbound }
policy
undo firewall aspf aspf-policy-number
{ inbound | outbound }
port-mapping application-name port
port-number
undo
application-name port port-number
port-mapping application-name port
port-number acl acl-number
6-14
Command
aspf-policy-number
Command
port-mapping