How to enable ALG (Application Layer Gateway)?

Support Model :
  • Tags :

Due to the protocols like SIP, RTSP and FTP are short of NAT-T, so when the service server is behind NAT, the connection could fail. ALG is able to resolve this issue. With ALG enabled, Vigor router will replace the private IP with public IP in the negotiation packet from the client and open dynamic TCP/UDP ports required in the connection.



1. Since 3.8.5 version firmware, we have made a page for ALG feature, please go to NAT >> ALG,

a. Enable ALG

b. Enable SIP/RTSP ALG, then SIP/RTSP listen port, TCP and UDP are configurable





Vigor router will enable PPTP/IPSec/FTP ALG once these service ports are forwarded to local hosts. Then router will open corresponding port to the local hosts.

2. Disable local PPTP/IPSec/FTP service, for PPTP/IPSec:

a. Go to VPN and Remote Access >> Remote Access Control

b. Disable PPTP/IPSec VPN service


For FTP:

a. Go to System Maintenance >> Management

b. Disable Internet Access Control >> FTP server


3. Set Open Ports for PPTP/IPSec/FTP service, go to NAT  >> Open Ports and click any available index

a. Enable Open Ports

b. Choose WAN interfacec

c. Enter local PPTP/IPSec/FTP server IP in Private IP

d. Set Protocol, Start and End port for PPTP/IPSec/FTP service (please find the relative information in the table below)



  Service Port ALG
PPTP 1723/TCP Protocol 47(GRE)
IPsec 500, 4500/UDP   Protocol 50(ESP)
FTP 21/TCP  FTP data port
Was this article helpful ?
77How to enable ALG (Application Layer Gateway)? has been viewed------ 77 ------times.