Alg Screen; Chapter 30 Alg Screen; Overview; What You Need To Know About Alg - ZyXEL Communications 5 Series User Manual

C
H A P T E R

30.1 Overview

This chapter covers how to use the ZyWALL's ALG feature to allow certain applications to
pass through the ZyWALL.
An Application Layer Gateway (ALG) manages a specific protocol (such as SIP, H.323 or
FTP) at the application layer. The ZyWALL can function as an ALG to allow certain NAT un-
friendly applications (such as SIP) to operate properly through the ZyWALL.
Some applications cannot operate through NAT (are NAT un-friendly) because they embed IP
addresses and port numbers in their packets' data payload. The ZyWALL examines and uses
IP address and port number information embedded in the data stream. When a device behind
the ZyWALL uses an application for which the ZyWALL has ALG service enabled, the
ZyWALL translates the device's private IP address inside the data stream to a public IP
address. It also records session port numbers and dynamically creates implicit NAT port
forwarding and firewall rules for the application's traffic to come in from the WAN to the
LAN.
To configure the ALG screen proceed to
See Section 29.2 on page 529
FTP traffic on custom ports.

30.1.1 What You Need to Know About ALG

ALG and NAT
The ZyWALL dynamically creates an implicit NAT session for the application's traffic from
the WAN to the LAN.
The ALG on the ZyWALL supports all NAT mapping types, including One to One, Many to
One, Many to Many Overload and Many One to One.
ZyWALL 5/35/70 Series User's Guide

ALG Screen

Section 30.2 on page 535.
if you need to use the ALG for SIP, H.323 or
30
531