TMS zl Management and Configuration Guide ST.1.1.100226
Overview
Firewall
Table 1-8. Supported ALGs
Port Triggers
The firewall in the TMS zl Module can handle some dynamic connections with
its ALGs. For applications that the ALGs do not support, you must configure
port triggers. A port trigger policy is activated, or “triggered,” when the initial
control connection is made. The connection through the dynamically negotiated
port can be in the same direction as the initial connection or in the opposite
direction. You configure inbound and outbound ports separately because
some applications use different ports for each traffic direction.
See “Port Triggers” in Chapter 4: “Firewall.”
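A simplified model of the port-trigger behaviour described above, added here as an illustration; it is not TMS zl code or configuration. The class and field names, the 60-second timeout, the binding of openings to the two hosts of the control connection, and the sample ports and addresses are assumptions.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class PortTrigger:
    """One port trigger policy (field names are assumptions for this model)."""
    proto: str
    control_port: int       # destination port of the initial control connection
    outbound_ports: range   # dynamic ports, same direction as the control connection
    inbound_ports: range    # dynamic ports, opposite direction
    idle_timeout: int = 60  # seconds a triggered opening stays valid (assumed)

@dataclass
class Firewall:
    triggers: list
    active: dict = field(default_factory=dict)  # (policy, initiator, responder) -> expiry

    def control_connection(self, proto, src, dst, dport, now):
        """Record an initial control connection; True if it triggered a policy."""
        hits = [t for t in self.triggers if (t.proto, t.control_port) == (proto, dport)]
        for t in hits:
            self.active[(t, src, dst)] = now + t.idle_timeout
        return bool(hits)

    def permits(self, proto, src, dst, dport, now):
        """Is a dynamically negotiated connection covered by a triggered policy?"""
        for (t, initiator, responder), expiry in self.active.items():
            if now >= expiry or t.proto != proto:
                continue
            if (src, dst) == (initiator, responder) and dport in t.outbound_ports:
                return True   # same direction as the control connection
            if (src, dst) == (responder, initiator) and dport in t.inbound_ports:
                return True   # opposite direction
        return False

# Constructed sample: hypothetical app, control TCP 5000, 6000-6010 out, 7000-7010 in.
APP = PortTrigger("tcp", 5000, range(6000, 6011), range(7000, 7011))
CLIENT, SERVER, OTHER = "10.1.1.10", "192.0.2.20", "198.51.100.7"

def demo():
    fw = Firewall([APP])
    before = fw.permits("tcp", SERVER, CLIENT, 7001, now=0)
    fw.control_connection("tcp", CLIENT, SERVER, 5000, now=0)
    return {"before_trigger": before,
            "inbound_after": fw.permits("tcp", SERVER, CLIENT, 7001, now=10),
            "outbound_after": fw.permits("tcp", CLIENT, SERVER, 6001, now=10),
            "wrong_direction": fw.permits("tcp", SERVER, CLIENT, 6001, now=10),
            "other_host": fw.permits("tcp", OTHER, CLIENT, 7001, now=10),
            "after_timeout": fw.permits("tcp", SERVER, CLIENT, 7001, now=61)}
```

In this model the dynamic ports are closed until the control connection is seen, open only in the configured direction between the same two hosts, and closed again after the timeout.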
| ALG Name | ALG Description | Control Ports | ALG Type | Default Setting |
|---|---|---|---|---|
| ftp | File Transfer Protocol | TCP 21*§ | firewall, NAT, application filtering | Enabled |
| ike | Internet Key Exchange | UDP 500* | firewall | Disabled |
| ils, ils2 | Internet Locator Server (Microsoft NetMeeting) | TCP 389*, TCP 1002 | NAT | Disabled |
| irc | Internet Relay Chat, mIRC | TCP 6667 | firewall, NAT | Disabled |
| l2tp | Layer 2 Transport Protocol | UDP 1701* | firewall | Disabled |
| netbios | NetBIOS | TCP 139*; UDP 17137—not a control port, but this port must be opened between NetBIOS clients and the module (Self zone) | application handling | Disabled |
| pptp | Point-to-Point Tunneling Protocol | TCP 1723* | firewall, NAT | Disabled |
| rtsp | Real-Time Streaming Protocol | TCP 554§, TCP 7070§ | firewall, NAT | Disabled |
| sql | Oracle SQL *NET | TCP 1521 | firewall, NAT | Disabled |
| tftp | Trivial File Transfer Protocol | UDP 69* | firewall, NAT | Disabled |

* port has a preconfigured service object
§ this port is associated with this service by a preconfigured port map