TMS zl Management and Configuration Guide ST.1.0.090213

Firewall
Application-Level Gateways
ALG Functions
The following section lists the ALGs in alphabetical order by CLI name and
explains how each ALG functions.
aim
The AOL IM ALG:
• supports the following functionalities of AOL IM 5.9:
    • instant messaging (chat)
    • file transfer (Send File and Get File)
    • talk
    • image transfer
• interprets the following sequences that pass through the control-connection payloads (all values in hexadecimal):
    • 00 04 00 06 07 — This sequence in the payload specifies that a request has been sent.
    • 00 09 4c — This sequence is followed by a single byte that describes the type of application.
        • 41 — Talk
        • 43 — Send File
        • 45 — Image
        • 48 — Get File
    • 04 00 05 27 11 — This sequence is followed by a four-byte IP address being exchanged in the payload, followed by the sequence 05 02, followed by a two-byte port number.
• opens data associations to allow the data connections to pass through the firewall in response to the above control-connection payloads.
• supports ICQ (I Seek You) functionality.
• translates the IP address and port information in the control-connection payload according to NAT policies.
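The payload handling described above, as an added Python sketch that is not code from the guide or the product: it finds the listed sequences, extracts the application type, IP address and port, and rewrites them for NAT. Assumptions: all sequences appear in one payload, the port is in network byte order, and the function names, sample payload and NAT values are constructed for illustration.

```python
import ipaddress
import struct

# Byte sequences and type codes as listed in the guide (hexadecimal).
REQUEST = bytes.fromhex("0004000607")
APP = bytes.fromhex("00094c")
ADDR = bytes.fromhex("0400052711")
PORT = bytes.fromhex("0502")
APP_TYPES = {0x41: "Talk", 0x43: "Send File", 0x45: "Image", 0x48: "Get File"}


def parse_control_payload(payload: bytes):
    """Return the requested data connection, or None if the payload does not qualify."""
    if REQUEST not in payload:
        return None                      # no request marker: nothing to open
    a = payload.find(APP)
    if a < 0 or a + len(APP) >= len(payload):
        return None                      # type byte missing or truncated
    app = APP_TYPES.get(payload[a + len(APP)])
    i = payload.find(ADDR)
    if app is None or i < 0:
        return None                      # unknown application or no address block
    ip_off = i + len(ADDR)
    port_off = ip_off + 4 + len(PORT)
    if len(payload) < port_off + 2 or payload[ip_off + 4:port_off] != PORT:
        return None                      # truncated, or 05 02 not where expected
    ip = str(ipaddress.IPv4Address(payload[ip_off:ip_off + 4]))
    (port,) = struct.unpack_from("!H", payload, port_off)  # assumed big-endian
    return {"app": app, "ip": ip, "port": port, "ip_off": ip_off, "port_off": port_off}


def translate(payload: bytes, nat_ip: str, nat_port: int):
    """Rewrite the embedded address in place; return (payload, data association)."""
    info = parse_control_payload(payload)
    if info is None:
        return payload, None             # fail closed: no rewrite, no association
    out = bytearray(payload)
    out[info["ip_off"]:info["ip_off"] + 4] = ipaddress.IPv4Address(nat_ip).packed
    struct.pack_into("!H", out, info["port_off"], nat_port)
    return bytes(out), (info["app"], nat_ip, nat_port)


# Constructed sample payload: Send File offering 192.168.1.10:5190.
SAMPLE = (REQUEST + b"\xff\xff" + APP + b"\x43" + b"\xff" + ADDR
          + bytes([192, 168, 1, 10]) + PORT + struct.pack("!H", 5190))

if __name__ == "__main__":
    print(parse_control_payload(SAMPLE))
    print(translate(SAMPLE, "203.0.113.7", 40000)[1])
```

A payload that is truncated or carries an unlisted type byte yields no association, so no data connection is opened for it.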
esp
IPsec traffic at the responder end of the tunnel is matched against a security
association (SA) with the same destination IP address, protocol, and security
parameters index (SPI) value.
If two tunnels go through a NAT device that translates the source IP address
and port, the only differentiating criterion for the response packets will be the SPI
value, because the destination IP address will be the NAT device IP address.