Manualshelf

3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
321322323324325326327328329330
NAT Configuration Commands 329
default ALG aging time depends on the specific application type. To effectively
prevent attacks, you can set the aging time of first packet to five seconds.
Example
# Set the valid connection time of TCP to 240 seconds.
[SecBlade_FW] nat aging-time tcp 240
nat alg Syntax
nat alg { dns | ftp | h323 | ils | msn | nbt | pptp }
undo nat alg { dns | ftp | h323 | ils | msn | nbt | pptp }
View
System view
Parameter
dns: Supports the DNS protocol.
ftp: Supports the FTP protocol.
h323: Supports the H.323 protocol.
ils: Supports the ILS protocol.
msn: Supports the MSN protocol.
nbt: Supports the NBT protocol.
pptp: Supports the PPTP protocol.
Description
Use the nat alg command to enable the application level gateway (ALG) function
of NAT.
Use the undo nat alg command to disable the ALG function of NAT.
By default, the ALG function of NAT is enabled.
Example
# Enable the ALG function of NAT, allowing it to support FTP.
[SecBlade_FW] nat alg ftp
nat dns-map Syntax
nat dns-map domain-name global-addr global-port [ tcp | udp ]
undo nat dns-map domain-name
View
System view