Chapter 4: Web Configuration
95
NAT ALG Configuration
The need for IP address translation arises when a network's internal IP addresses
cannot be used outside the network either for security reasons or because they are
invalid for use outside the network. Use of NAT (Network Address Translation)
devices allows local hosts on such private networks to transparently access the
external global Internet and enables access to selective local hosts from the outside.
ALG (Application Level Gateway) is a security component that augments a firewall or
NAT employed in a computer network. ALG allows legitimate application data to pass
through the security checks of the firewall that would have otherwise restricted the
traffic for not meeting its filter criteria. ALG application specific translation agents
allow an application on a host in one address realm to connect to its counterpart
running on a host in different realm transparently. An ALG may interact with NAT to
set up state, use NAT state information, modify application specific payload and
perform whatever else is necessary to get the application running across disparate
address realms.
Enable VPN ALG:
VPN ALG allows two or more
simultaneous VPN connections
through this IAD. The default setting
for VPN ALG is enabled.
Enable SIP ALG:
SIP ALG allows two or more
simultaneous VoIP phone calls made
by VoIP clients through this IAD. The
default setting for SIP ALG is enabled.
Transparent use of SIP-based devices in a
NAT scenario requires that modifications
be made to the SIP messages. These
modifications are performed by the ALG.
A SIP ALG provides functionality to allow
VoIP traffic to pass both from the private to
public and public to private side of the
firewall when using Network Address
Translation (NAT). The SIP-ALG inspects
and modifies SIP traffic to allow SIP traffic
to pass through the firewall so that
person-to-person SIP sessions may be
established.
Click Apply to upload your setting.