ADTRAN 5000 Series ip firewall alg [ftp | h323

Command Reference Guide Global Configuration Mode Command Set

ip firewall alg [ftp | h323 | pptp]

Use the ip firewall alg command to enable the application-level gateway (ALG) for a particular

application. Use the no form of this command to disable ALG for the application.

Syntax Description

ftp Enables the FTP ALG.

h323 Enables the H323 ALG.

pptp Enables the PPTP ALG.

Default Values

By default, the ALG for FTP, H323, and PPTP are enabled.

Applicable Platforms

This command applies to the NetVanta 300, 1000R, 3000, 4000, and 5000 and Total Access 900 Series

units.

Command History

Release 8.1 Command was introduced.

Release 10.1 H323 was added.

Functional Notes

Enabling the Application Layer Gate way (ALG) for a specific protocol gives the firewa ll addi tiona l

information about that complex protocol and causes the firewall to perform additional processing for

packets of that protocol. When the ALG is disabled, the firewall treats the complex protocol as any other

simple protocol. The firewall needs no special knowledge to work well with simple protocols.

Usage Examples

The following example disables ALG for FTP:

(config)#no ip firewall alg ftp

Disabling the IP firewall ALG may cause the firewall to block some of the traffic for

the specified protocol.