
Configuring Application Layer Gateways—Quick Configuration

You can use J-Web Quick Configuration to quickly enable or disable JUNOS software Application Layer Gateways (ALGs). All ALGs are enabled by default.

Before You Begin

For background information, read Understanding Application Layer Gateways.

Figure 64: Quick Configuration Page for General ALGs


To enable or disable an ALG with Quick Configuration:

  1. In the J-Web user interface, select Configuration > Quick Configuration > ALG > General ALG.

    Figure 64 shows the General ALG page.

  2. Select the check box next to an ALG, described in Table 72, then click one of the following buttons:

Table 72: General Configuration Options

| Field | Function | Action |
|---|---|---|
| Multimedia Application Protocols | | |
| REAL | Provides an ALG for the RealAudio and RealVideo Protocol. The REAL ALG processes Progressive Networks Audio (PNA) packets over the TCP connection and looks for the control commands in the packet where the port number is embedded. It performs NAT and opens gates for the UDP data connection. | Select the check box to enable the ALG. |
| RTSP | Provides an ALG for the Real-Time Streaming Protocol. | Select the check box to enable the ALG. |
| Basic Internet Protocols | | |
| DNS | Provides an ALG for the Domain Name System. The DNS ALG monitors DNS query and reply packets and closes the session if the DNS flag indicates the packet is a reply message. | Select the check box to enable the ALG. |
| FTP | Provides an ALG for the File Transfer Protocol. The FTP ALG monitors PORT, PASV and 227 commands. It performs NAT of the IP/port in the message and opens gates on the device as necessary. The FTP ALG supports FTP put and FTP get command blocking. When FTP_NO_PUT or FTP_NO_GET is set in the policy, the FTP ALG sends back a blocking command and closes the associated opened gate when an FTP STOR or FTP RETR command is observed. | Select the check box to enable the ALG. |
| TFTP | Provides an ALG for the Trivial File Transfer Protocol. The TFTP ALG processes TFTP packets that initiate the request and opens a gate to allow return packets from the reverse direction to the port that sends the request. | Select the check box to enable the ALG. |
| TALK | Provides an ALG for the TALK Protocol. The TALK protocol uses UDP port 517 and port 518 for control channel connections. The talk program consists of a server and a client. The server handles client notifications and helps to establish talk sessions. There are two types of talk servers: ntalk and talkd. The TALK ALG processes packets of both ntalk and talkd formats. It also performs NAT and gate opening as necessary. | Select the check box to enable the ALG. |
| RSH | Provides an ALG for the Remote Shell. The RSH ALG handles TCP packets destined for port 514 and processes the RSH port command. The RSH ALG performs NAT on the port in the port command and opens gates as necessary. | Select the check box to enable the ALG. |
| PPTP | Provides an ALG for the Point-to-Point Tunneling Protocol. PPTP is a Layer 2 protocol that tunnels PPP data across TCP/IP networks. The PPTP client is freely available on Windows systems and is widely deployed for building Virtual Private Networks (VPNs). | Select the check box to enable the ALG. |
| Database and Network Support Protocols | | |
| SQL | Provides an ALG for the Structured Query Language. The SQLNET ALG processes the SQL TNS response frame from the server side. It parses the packet and looks for the (HOST=ipaddress), (PORT=port) pattern and performs NAT and gate opening on the client side for the TCP data channel. | Select the check box to enable the ALG. |
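
The FTP entry in Table 72 describes an ALG that reads the address and port embedded in PORT commands and 227 replies, rewrites them for NAT, and opens a gate for the data connection. The Python sketch below is an added example of that kind of processing, not JUNOS code: the function names, the sample lines and addresses, and the rule that the embedded address must match the control-channel peer are all assumptions made for illustration.

```python
import re

# "h1,h2,h3,h4,p1,p2" as carried by a PORT command and by a 227 reply (RFC 959).
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def parse_endpoint(line):
    """Return (ip, port) embedded in a PORT command or 227 reply, else None."""
    text = line.strip()
    if not text.upper().startswith(("PORT ", "227 ")):
        return None
    m = _HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None  # malformed field: no gate should be derived from it
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def rewrite_endpoint(line, nat_ip, nat_port):
    """Replace the embedded address/port with the translated one (the NAT step)."""
    if parse_endpoint(line) is None:
        return line
    new = ",".join(nat_ip.split(".") + [str(nat_port >> 8), str(nat_port & 0xFF)])
    return _HOSTPORT.sub(new, line, count=1)

def gate_for(line, control_peer_ip):
    """Return the (ip, port) gate to open, or None.

    Assumed policy for this example: only open a gate toward the host that
    sent the control message, so a message cannot point the data channel
    at a third party.
    """
    endpoint = parse_endpoint(line)
    if endpoint is None or endpoint[0] != control_peer_ip:
        return None
    return endpoint

if __name__ == "__main__":
    # Constructed sample control-channel lines (documentation/private addresses).
    samples = [
        ("192.168.1.10", "PORT 192,168,1,10,4,1"),
        ("10.0.0.5", "227 Entering Passive Mode (10,0,0,5,195,80)."),
        ("192.168.1.10", "PORT 198,51,100,9,4,1"),   # address is not the peer
        ("192.168.1.10", "PORT 192,168,1,300,4,1"),  # malformed octet
    ]
    for peer, line in samples:
        print(line, "->", gate_for(line, peer),
              "| NAT:", rewrite_endpoint(line, "203.0.113.7", 40000))
```
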

