Configuring alg in the command line interface, Enabling alg, Alg configuration examples – H3C Technologies H3C SecBlade FW Cards User Manual
Page 41: Ftp alg configuration example
34
•
Type 138 as the global port.
•
Type 192.168.1.2 as the internal IP address.
•
Type 138 as the internal port.
•
Click Apply.
•
In the Internal Server area, click Add.
•
Select GigabitEthernet1/2.
•
Select 6(TCP) as the protocol type,
•
Type 5.5.5.10 as the external IP address.
•
Type 139 as the global port.
•
Type 192.168.1.2 as the internal IP address.
•
Type 139 as the internal port.
•
Click Apply.
Configuring ALG in the command line interface
Enabling ALG
Follow these steps to enable ALG:
To do...
Use the command...
Remarks
Enter system view
system-view
—
Enable ALG
alg { all | dns | ftp | h323 | ils | msn | nbt |
pptp | qq | rtsp | sip | sqlnet | tftp }
Optional
Enabled for all protocols by default
ALG configuration examples
NOTE:
The following examples describe only ALG-related configurations, assuming that other required
configurations on the server and client have been done.
FTP ALG configuration example
1.
Network requirements
As shown in
, a company accesses the Internet through a device with NAT and ALG enabled.
The company provides FTP services to the outside. The inside network segment of the company is
192.168.1.0/24, and the IP address of the FTP server is 192.168.1.2. Configure NAT and ALG to meet the
following requirements:
•
The host in the outside network can access the FTP server in the inside network.
•
The company has four public network addresses: 5.5.5.1, 5.5.5.9, 5.5.5.10, and 5.5.5.11, and the
FTP server uses the public network address of 5.5.5.10 to provide services to the outside.