ZyXEL Communications USG 2000 User Manual
Chapter 21 ALG
ZyWALL USG 2000 User’s Guide
406
The following table describes the labels in this screen.
Table 101 Configuration > Network > ALG
LABEL
DESCRIPTION
Enable SIP ALG
Turn on the SIP ALG to detect SIP traffic and help build SIP sessions
through the ZyWALL’s NAT. Enabling the SIP ALG also allows you to
use the application patrol to detect SIP traffic and manage the SIP
traffic’s bandwidth (see
through the ZyWALL’s NAT. Enabling the SIP ALG also allows you to
use the application patrol to detect SIP traffic and manage the SIP
traffic’s bandwidth (see
).
Enable SIP
Transformations
Transformations
Select this to have the ZyWALL modify IP addresses and port numbers
embedded in the SIP data payload.
embedded in the SIP data payload.
You do not need to use this if you have a SIP device or server that will
modify IP addresses and port numbers embedded in the SIP data
payload.
modify IP addresses and port numbers embedded in the SIP data
payload.
Enable Configure
SIP Inactivity
Timeout
SIP Inactivity
Timeout
Select this option to have the ZyWALL apply SIP media and signaling
inactivity time out limits.
inactivity time out limits.
SIP Media
Inactivity
Timeout
Inactivity
Timeout
Use this field to set how many seconds (1~86400) the ZyWALL will
allow a SIP session to remain idle (without voice traffic) before
dropping it.
allow a SIP session to remain idle (without voice traffic) before
dropping it.
If no voice packets go through the SIP ALG before the timeout period
expires, the ZyWALL deletes the audio session. You cannot hear
anything and you will need to make a new call to continue your
conversation.
expires, the ZyWALL deletes the audio session. You cannot hear
anything and you will need to make a new call to continue your
conversation.
SIP Signaling
Inactivity
Timeout
Inactivity
Timeout
Most SIP clients have an “expire” mechanism indicating the lifetime of
signaling sessions. The SIP user agent sends registration packets to
the SIP server periodically and keeps the session alive in the ZyWALL.
signaling sessions. The SIP user agent sends registration packets to
the SIP server periodically and keeps the session alive in the ZyWALL.
If the SIP client does not have this mechanism and makes no calls
during the ZyWALL SIP timeout, the ZyWALL deletes the signaling
session after the timeout period. Enter the SIP signaling session
timeout value (1~86400).
during the ZyWALL SIP timeout, the ZyWALL deletes the signaling
session after the timeout period. Enter the SIP signaling session
timeout value (1~86400).
SIP Signaling
Port
Port
If you are using a custom UDP port number (not 5060) for SIP traffic,
enter it here. Use the Add icon to add fields if you are also using SIP
on additional UDP port numbers.
enter it here. Use the Add icon to add fields if you are also using SIP
on additional UDP port numbers.
Enable H.323
ALG
ALG
Turn on the H.323 ALG to detect H.323 traffic (used for audio
communications) and help build H.323 sessions through the ZyWALL’s
NAT. Enabling the H.323 ALG also allows you to use the application
patrol to detect H.323 traffic and manage the H.323 traffic’s
bandwidth (see
communications) and help build H.323 sessions through the ZyWALL’s
NAT. Enabling the H.323 ALG also allows you to use the application
patrol to detect H.323 traffic and manage the H.323 traffic’s
bandwidth (see
).
Enable H.323
Transformations
Transformations
Select this to have the ZyWALL modify IP addresses and port numbers
embedded in the H.323 data payload.
embedded in the H.323 data payload.
You do not need to use this if you have a H.323 device or server that
will modify IP addresses and port numbers embedded in the H.323
data payload.
will modify IP addresses and port numbers embedded in the H.323
data payload.
H.323 Signaling
Port
Port
If you are using a custom TCP port number (not 1720) for H.323
traffic, enter it here.
traffic, enter it here.
Additional H.323
Signaling Port
for
Transformations
Signaling Port
for
Transformations
If you are also using H.323 on an additional TCP port number, enter it
here.
here.