

In this case, ALG translates the IP address and port in the PORT message. Otherwise, if the subscriber uses the active FTP mode, ALG needs to be enabled.

When using NAT44, the subscriber can use the passive FTP mode to work through the NAT with ALG disabled. NAT supports ALG for FTP, TFTP, PPTP, SIP, RTSP, and DNS. This translation is necessary so that the application server can send a response to a correct public IP address and port. Simply put, ALG does the same thing with application messages as NAT does with the regular IP header. When an application client sends a private IP address and port in its message, ALG allocates a public IP address and port and translates them in the message. Application Layer Gateway ¶ĪLG is a feature that allows several applications to work correctly when they pass through the NAT. Set Protocol, Start and End port to the Service Port of the service.Toggle table of contents sidebar 8.14.Set up Open Ports for the service, go to NAT > Open Ports and click any available index to edit go to VPN and Remote Access > Remote Access Control, and un-check Enable PPTP/IPsec VPN Serviceįor FTP, go to System Maintenance > Management and disable FTP server under Internet Access ControlĢ.

Vigor router will enable PPTP, IPsec, or FTP ALG if these local services are disabled and the service ports are set up to be forwarded the server on a LAN.ġ. Check Enable SIP/RTSP ALG, and input SIP/RTSP Listen Port per server settings, TCP and UDP are configurable.Since firmware version 3.8.5, we have made a page for ALG feature. With ALG enabled, the router will replace the private IP with public IP in the negotiation packet from the client and open dynamic TCP/UDP ports required for the connection. Application Layer Gateway (ALG) is the solution to this problem. Due to the protocols like SIP, RTSP and FTP are short of NAT-T, when the service server is behind NAT, the connection could fail.
