Table of Contents
Advertisement
4.6.2.2
ALG
The SECURITY ALG command is used to manage the Application Level Gateway (ALG).
An ALG provides a mechanism to allow applications that use ephemeral ports to move their data
through the NAT in a fashion that is invisible to the application. The ALG decodes the network
packets, and intelligently re-assembles them using NAT appropriate data.
Use the START/STOP prefix and specify an "ALG Name" if you want to enable/disable a specific
application. The SHOW prefix displays the current settings as the following example:
HL950> show security alg
ALG Name
--------------------------
gatekeeper
msgudp
rpc
ike
n2p
pcanywhere
l2tp
sipalg
rtsp554
rtsp7070
h323
msgtcp
irc
aim
pptp
ftp
web
smtp
dummy
icq
msn
ils
cuseeme
mszone
EXECUTED [0]
For detailed information about prefixes and parameters for the SECURITY ALG command, see
section 6.6.2
4.6.3
IPSec Management
The HL950 supports creation of secure connections over shared or public networks using the IPSec
protocol. The IPSec protocol supports transport mode and tunnel mode operations and after
configuring IPSec, the HL950 acts as a security gateway (SG) of the corporate network. By using SG,
a VPN can be built over the Internet.
The following figures show some example scenarios when to use secure connections:
Page 77 (159)
Status
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Enabled
Multi Service Edge Device HL950
Administrator's Guide
EN/LZT 108 5995 R3
June 2003
Advertisement
Table of Contents
