alg

Enables traffic filtering at the application layer using the ALG (Application Layer Gateway) feature

Supported on the following devices:

Access Points: AP5010, AP310i/e, AP410i/e, AP505i, AP510i, AP510e, AP560i, AP6522, AP6562, AP7161, AP7502, AP7522, AP7532, AP7562, AP7602, AP7612, AP7622, AP763, AP7662, AP8163, AP8543, AP8533.
Service Platforms: NX5500, NX7500, NX9500, NX9600
Virtual Platforms: CX9000, VX9000

Syntax

alg [dns|facetime|ftp|pptp|sccp|sip|tftp]

Parameters

alg [dns|facetime|ftp|pptp|sccp|sip|tftp]


alg	Enables traffic filtering at the application layer. The ALG provides filters for the following common protocols: DNS, Facetime, FTP, PPTP, SCCP, SIP, and TFTP.
dns	Allows DNS (Domain Name System) traffic through the firewall using its default ports. This option is enabled by default. When enabled, you can easily permit or deny traffic based on a packet‘s DNS name, instead of the IP address. Use this option when configuring ACLs allowing or denying traffic for Web sites that have a single domain name resolving to any one of multiple IP addresses.
facetime	Allows Apple‘s FaceTime video calling traffic through the firewall using its default ports. This option is disabled by default.
ftp	Allows FTP (File Transfer Protocol) traffic through the firewall using its default ports. This option is enabled by default.
pptp	Allows PPTP (Point-to-Point Tunneling Protocol) traffic through the firewall using its default ports. PPTP, a network protocol, enables secure transfer of data from a remote client to an enterprise server by encapsulating PPP packets into IP datagrams for transmission over the Internet or other public TCP/IP-based networks. This option is enabled by default.
sccp	Allows SCCP (Signalling Connection Control Part) traffic through the firewall using its default ports. This option is disabled by default. SCCP is a network protocol that provides routing, flow control and error correction in telecommunication networks.
sip	Allows SIP (Session Initiation Protocol) traffic through the firewall using its default ports. This option is disabled by default.
tftp	Enables the TFTP (Trivial File Transfer Protocol) algorithm. When enabled, allows TFTP traffic through the firewall using its default ports. This option is enabled by default.

Examples

nx9500-6C8809(config-fw-policy-testFW)#show context

nx9500-6C8809(config-fw-policy-testFW)#show context
firewall-policy testFW
 no ip dos tcp-sequence-past-window
 alg facetime
nx9500-6C8809(config-fw-policy-testFW)#

Related Commands


no	Removes or reverts ALG related settings