Due to the protocols like SIP, RTSP and FTP are short of NAT-T, when the service server is behind NAT, the connection could fail. Application Layer Gateway (ALG) is the solution to this problem. With ALG enabled, the router will replace the private IP with public IP in the negotiation packet from the client and open dynamic TCP/UDP ports required for the connection.
Since firmware version 3.8.5, we have made a page for ALG feature. To enable, go to NAT >> ALG,
Vigor router will enable PPTP, IPsec, or FTP ALG if these local services are disabled and the service ports are set up to be forwarded the server on a LAN.
1. Disable local service. For PPTP/IPsec. go to VPN and Remote Access >> Remote Access Control, and un-check Enable PPTP/IPsec VPN Service
For FTP, go to System Maintenance >> Management and disable FTP server under Internet Access Control
2. Set up Open Ports for the service, go to NAT >> Open Ports and click any available index to edit
|Service||Service Port (Required manual configuration)||ALG (Opened by the router automatically)|
|PPTP||TCP 1723||GRE IP47|
|IPsec||UDP 500, 4500||ESP IP50|
|FTP||TCP 21||FTP data port|
Was this helpful?
Thank you for your feedback :)
Sorry about that. Contact Support if you need further assistance, or leave us some comments below to help us improve.