TMS zl Management and Configuration Guide ST.1.0.090213

Firewall
smtp
The SMTP ALG allows you to restrict access to some SMTP commands. It checks
each SMTP command to see whether the command is allowed. If the command is
not allowed, the ALG drops the packet.
sql
The SQL ALG interprets and translates the redirect messages coming from the
network listener. Each message contains the IP address and the listen port of
the SQL server that the client needs to contact for data transfer. The ALG also
translates the IP address and port information according to NAT policies.
tftp
The TFTP ALG creates a dynamic association to allow the data transfer from
server to client when it sees a write/read request from the client on the control
connection. This association allows the server to connect to the client. It
translates the IP address and port information in the control-connection
payload according to NAT policies.
Port Triggers
The firewall in the TMS zl Module can handle some dynamic connections with
the ALGs, but for applications not supported by the ALGs, you must configure
port triggers. A port trigger policy is activated or “triggered” when the initial
control connection is formed. The connection through the dynamically
negotiated port can be in the same direction as the initial connection or in
the opposite direction. You configure inbound and outbound ports separately
because some applications use different ports for each traffic direction.
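
The port-trigger behaviour described above, modelled as an added example (not the TMS zl Module's implementation): a control connection activates a policy for the host that opened it, and inbound and outbound ports are then checked separately. The class names, the port numbers, and the 60-second lifetime are assumptions of this model.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class TriggerPolicy:
    name: str
    control_port: int        # destination port of the initial control connection
    inbound_ports: range     # ports opened toward the internal host once triggered
    outbound_ports: range    # ports opened from the internal host once triggered
    lifetime: int = 60       # seconds an opening stays valid (assumed value)

@dataclass
class PortTriggerTable:
    policies: list
    active: dict = field(default_factory=dict)   # (host, policy name) -> expiry time

    def control_connection(self, host, dst_port, now):
        """Trigger every policy whose control port matches; return their names."""
        hits = [p for p in self.policies if p.control_port == dst_port]
        for p in hits:
            self.active[(host, p.name)] = now + p.lifetime
        return [p.name for p in hits]

    def permits(self, host, direction, port, now):
        """True if a policy triggered by `host` covers this port in this direction."""
        if direction not in ("in", "out"):
            raise ValueError("direction must be 'in' or 'out'")
        for p in self.policies:
            expiry = self.active.get((host, p.name))
            if expiry is None:
                continue                              # never triggered by this host
            if now >= expiry:
                del self.active[(host, p.name)]       # opening has timed out
                continue
            ports = p.inbound_ports if direction == "in" else p.outbound_ports
            if port in ports:
                return True
        return False                                  # default deny

if __name__ == "__main__":
    # Constructed policy: control on 7000, inbound 7001-7010, outbound 8001-8005.
    table = PortTriggerTable([TriggerPolicy("app-x", 7000, range(7001, 7011), range(8001, 8006))])
    print(table.permits("10.0.0.5", "in", 7001, now=0))    # not yet triggered
    table.control_connection("10.0.0.5", 7000, now=0)
    print(table.permits("10.0.0.5", "in", 7001, now=10))   # opened by the trigger
    print(table.permits("10.0.0.5", "out", 7001, now=10))  # inbound port, wrong direction
```

Scoping each opening to the triggering host, to one direction, and to a lifetime keeps the dynamically opened ports as narrow as the application needs.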
To configure port trigger policies, follow these steps:
1. Select Firewall > Port Triggers > Policies.