How to enable ALG (Application Layer Gateway)?

Due to the protocols like SIP, RTSP and FTP are short of NAT-T, when the service server is behind NAT, the connection could fail. ALG is able to resolve this issue. With ALG enabled, Vigor router will replace the private IP with public IP in the negotiation packet from the client and open dynamic TCP/UDP ports required in the connection.

 

For SIP ALG and RTSP ALG

Since 3.8.5 version firmware, we have made a page for ALG feature, please go to NAT >> ALG,

  1. Enable ALG
  2. Enable SIP/RTSP ALG, then SIP/RTSP listen port, TCP and UDP are configurable
   

 

 

For PPTP, IPSec, and FTP ALG

Vigor router will enable PPTP, IPsec, or FTP ALG if these local service are disabled and the service ports are set up to be forwarded to the local hosts. 

1. Disable local service. For PPTP/IPsec. go to VPN and Remote Access >> Remote Access Control, and disable PPTP/IPsec VPN service

   

   For FTP, go to System Maintenance >> Management and disable Internet Access Control >> FTP server

   

2. Set Open Ports for PPTP/IPSec/FTP service, go to NAT  >> Open Ports and click any available index

  1. Enable Open Ports
  2. Choose WAN interface
  3. Enter local PPTP/IPSec/FTP server IP in Private IP
  4. Set Protocol, Start and End port for PPTP/IPSec/FTP service (please find the relative information in the table below)
   

 

  Service Port ALG
PPTP 1723/TCP Protocol 47(GRE)
IPsec 500, 4500/UDP   Protocol 50(ESP)
FTP 21/TCP  FTP data port

 

Was this article helpful?
109How to enable ALG (Application Layer Gateway)? has been viewed------ 109 ------times.