Application Level Gateway Configuration on RV315W VPN Routers

Available Languages

Download Options

PDF (58.9 KB)
View with Adobe Reader on a variety of devices
ePub (100.5 KB)
View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle) (78.6 KB)
View on Kindle device or Kindle app on multiple devices

Updated:December 11, 2018

Document ID:SMB4892

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Application Level Gateway Configuration on RV315W VPN Routers

Objective

When a device behind the router uses an application for which the router has Application-Level Gateway (ALG) service enabled, the router translates the private IP address of the device inside the data stream to a public IP address. It also records session port numbers and dynamically creates implicit NAT port forwarding for that application traffic to come in from the WAN to the LAN, Application Level Gateway (ALG) allows certain NAT incompatible applications to operate properly. A Denial of Service (DoS) atack is when an attacker floods a website with traffic, limiting the websites ability to function. This article explains how to configure DoS Protection on the RV315W VPN Router.

Applicable Device

• RV315W

Software Version

• 1.01.03

Application Level Gateway

Step 1. Log in to the web configuration utility and choose Security >Application Level Gateway . The Application Level Gateway (ALG) page opens:

Step 2. Check the Enable check box of the Protocol type that the RV315W uses to level the gateway. The possible protocols are:

• GRE — Generic Routing Encapsulation (GRE) is a protocol that encapsulates the information when the data uses a gateway connection (point to point) and is sent over IP networks.
• SIP — The Session Initiation Protocol (SIP) is an application layer control (signaling) protocol that handles the set up, modification, and tear down of voice and multimedia sessions over the Internet. Enable the SIP ALG when voice devices such as UC500, UC300, or SIP phones are connected to the network behind the router.
• H.323 — A standard teleconferencing protocol suite that provides audio, data, and video conferencing. It allows for real-time point-to-point and multipoint communication between client computers over a packet-based network that does not provide a guaranteed quality of service.
• IPsec — Internet Protocol Security (IPsec) is used to authenticate and encrypt IP packets. This protocol is very useful because it assures the protection of the data that is sent to a host.
• L2TP — Layer 2 Tunneling Protocol (L2TP) is a protocol used by service providers that allows a point to point connection, but with the application of layer 2 for security.
• RTSP — Real Time Streaming Protocol (RTSP) is a protocol that controls and manage the traffic of media in a gateway (point to point), this feature allows the user to control the media in real time.
• IPsec NAT-T — Is the combination of IPsec and NAT that implies that the packet is sent with the IPsec protocol but creates, at the same time, datagrams for the Network Address Translation (NAT) that are encrypted to enhance the security level.

Step 3. Click Save.

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)