[Contents][Prev][Next][Index][Report an Error]

Configuring the Network Protocol

The protocol statement allows you to specify which of the supported network protocols to match in an application definition. To configure network protocols, include the protocol statement at the [edit applications application application-name] hierarchy level:




protocol type;

You specify the protocol type as a numeric value; for the more commonly used protocols, text names are also supported in the command-line interface (CLI). Table 10 shows the list of the supported protocols.

Table 10: Network Protocols Supported by Services Interfaces

Network Protocol Type	CLI Value	Comments
IP Security (IPSec) authentication header (AH)	ah	–
External Gateway Protocol (EGP)	egp	–
IPSec Encapsulating Security Payload (ESP)	esp	–
Generic routing encapsulation (GR)	gre	–
ICMP	icmp	Requires an application-protocol value of icmp.
Internet Group Management Protocol (IGMP)	igmp	–
IP in IP	ipip	–
Open Shortest Path First (OSPF)	ospf	–
Protocol Independent Multicast (PIM)	pim	–
Resource Reservation Protocol (RSVP)	rsvp	–
TCP	tcp	Requires a destination-port or source-port value unless you specify application-protocol rcp or dce-rcp.
UDP	udp	Requires a destination-port or source-port value unless you specify application-protocol rcp or dce-rcp.
Virtual Router Redundancy Protocol (VRRP)	vrrp	–

For a complete list of possible numeric values, see RFC 1700, Assigned Numbers (for the Internet Protocol Suite).

Note: Internet Protocol version 6 (IPv6) is not supported as a network protocol in application definitions.

By default, the twice NAT feature can affect IP, TCP, and UDP headers embedded in the payload of ICMP error messages. You can include the protocol tcp and protocol udp statements with the application statement for twice NAT configurations. For more information about configuring twice NAT, see Network Address Translation Services Configuration Guidelines.

[Contents][Prev][Next][Index][Report an Error]