10-24 Firmware Version 4.6 Addendum
AA
AATT
TTMM
MMPP
PP ee
eexx
xxaa
aamm
mmpp
ppllllee
ee
To enable a firewall to allow ATMP traffic, you must provision the firewall to allow inbound and outbound UDP
packets specifically destined for port 5150. The source port may be dynamic, so often it is not useful to apply
a compare function on this portion of the control/negotiation packets. You must also set the firewall to allow
inbound and outbound GRE packets (Protocol 47, Internet Assigned Numbers Document, RFC 1700), enabling
transport of the tunnel payload.
From the Main Menu navigate to Display/Change IP Filter Set, and from the pop-up menu select Basic Firewall.
Select Display/Change Input Filter.
Display/Change Input Filter screen
For Input Filter 1 set the Destination Port information as shown below.
Main
Menu System Filter
Sets IP Filter
Sets Display/Change
IP Filter SetConfiguration Basic
Firewall
+-#----Source IP Addr----Dest IP Addr------Proto-Src.Port-D.Port--On?-Fwd-+
+-------------------------------------------------------------------------+
| 1 0.0.0.0 0.0.0.0 UDP NC =5150 Yes Yes |
| 2 0.0.0.0 0.0.0.0 GRE -- -- Yes Yes |
| |
Change Input Filter 1
Enabled: Yes
Forward: Yes
Source IP Address: 0.0.0.0
Source IP Address Mask: 0.0.0.0
Dest. IP Address: 0.0.0.0
Dest. IP Address Mask: 0.0.0.0
Protocol Type: TCP
Source Port Compare... No Compare
Source Port ID: 0
Dest. Port Compare... Equal
Dest. Port ID: 1723
Established TCP Conns. Only: No