The Sip Alg - D-Link DFL-1660 User Manual
Network security firewall
Hide thumbs
Also See for DFL-1660:
- User manual (483 pages) ,
- Installation manual (45 pages) ,
- Reference manual (948 pages)
Table of Contents
Advertisement
6.2.8. The SIP ALG
Setting up the PPTP ALG is similar to the set up of other ALG types. The ALG object must be
associated with the relevant service and the service is then associated with an IP rule. The full
sequence of steps for setup is as follows:
•
Define a new PPTP ALG object with an appropriate name, for example pptp_alg. The full list of
options for the ALG are listed towards the end of this section.
•
Associate the new ALG object with an appropriate Service object. The predefined service called
pptp-ctl can be used for this purpose.
Alternatively, a new custom service object can be defined, for example called pptp_service. The
service must have the following characteristics:
i.
Select the Type (the protocol) as TCP.
ii.
The Source port range can be the default of 0-65535.
iii. Set the Destination port to be 1723.
iv. Select the ALG to be the PPTP ALG object that was defined in the first step. In this case, it
was called pptp_alg.
•
Associate this service object with the NAT IP rule that permits the traffic to flow from clients to
the remote endpoint of the PPTP tunnel. This may be the rule that NATs the traffic out to the
Internet with a destination network of all-nets.
The single IP rule below shows how the custom service object called pptp_service is associated
with a typical NAT rule. The clients, which are the local end point of the PPTP tunnels, are
located behind the firewall on the network lannet which is connected to the lan interface. The
Internet is found on the wan interface which is the destination interface, with all-nets as the
destination network.
Action
NAT
PPTP ALG Settings
The following settings are available for the PPTP ALG:
Name
Echo timeout
Idle timeout
In most cases only the name needs to be defined and the other settings can be left at their defaults.
6.2.8. The SIP ALG
Overview
Session Initiation Protocol (SIP) is an ASCII (UTF-8) text based signalling protocol used to
establish sessions between clients in an IP network. It is a request-response protocol that resembles
HTTP and SMTP. The session which SIP sets up might consist of a Voice-Over-IP (VoIP)
telephone call or it could be a collaborative multi-media conference. Using SIP with VoIP means
that telephony can become another IP application which can integrate into other services.
Src Interface
Src Network
lan
lannet
A descriptive name for the ALG.
Idle timeout for Echo messages in the PPTP tunnel.
Idle timeout for user traffic messages in the PPTP tunnel.
297
Chapter 6. Security Mechanisms
Dest Interface
Dest Network
wan
all-nets
Service
pptp_service
- Quick Links:
- The Cli
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
