Configuration and Management
port forwarding allowing communication between certain Internet applications and the local network. When UPnP IGD is enabled, programs like MSN Messenger® and most network enabled games are allowed to pass the NAT service.
To disable UPnP IGD, clear the Enable UPnP IGD check box on the NAT page and click Apply .
2.7.2Application Level Gateways
From a security perspective, certain Internet applications, for example FTP applications that open additional ports upon transfer, are especially problematic to handle. An Application Level Gateway (ALG) provides a translation and transportation service for such a specific application. Incoming data packets are checked against existing NAT and packet filtering rules, IP addresses are evaluated and a detailed packet analysis is performed. If necessary, the contents of a packet are modified and if a secondary port is required, the ALG will open one. The Ericsson W20 includes ALG support for the following applications:
Table 3 | ALG Supported Applications |
| ||
|
|
|
|
|
| Application |
| Protocol | Port |
|
|
|
| number |
|
|
|
| |
| File Transfer Protocol (FTP) | TCP | 21 | |
|
|
|
| |
| Trivial File Transfer Protocol (TFTP) | UDP | 69 | |
|
|
|
|
|
The ALG for each application does not require additional configuration. The supported ALGs can be enabled and disabled individually. To disable an ALG, clear the corresponding check box on the NAT page and click Apply .
2.7.3Port Forwarding
Port forwarding is used to allow incoming access to a specific local network device, for example an internal web server.
Note: Port forwarding requires a public IP address of the Ericsson W20. The Ericsson W20 IP address is displayed on the Internet page. A private IP address usually begins with 10, 172, or 192. In this case, no incoming access from the Internet is allowed. For more information on public and private IP addresses, contact your service provider.
33 |