alg

Syntax

alg {dns {disable;maximum-message-length number;traceoptions {flag {all <extensive>;}}}ftp {disable;traceoptions {flag {all <extensive>;}}}h323 {application-screen {message-flood {gatekeeper threshold rate ;}unknown-message {permit-nat-applied;permit-routed;}}disable;endpoint-registration-timeout seconds ;media-source-port-any;traceoptions {flag {all <detail | extensive | terse>;cc <detail | extensive | terse>;h225-asn1 <detail | extensive | terse>;h245 <detail | extensive | terse>;h245-asn1 <detail | extensive | terse>;q931 <detail | extensive | terse>;ras <detail | extensive | terse>;ras-asn1 <detail | extensive | terse>;}}}ike-esp-nat { enable;state-timeout timeout-in-seconds;esp-gate-timeout timeout-in-seconds;esp-session-timeout timeout-in-seconds; }mgcp {application-screen {connection-flood threshold rate ;message-flood threshold rate ;unknown-message {permit-nat-applied;permit-routed;}}disable;inactive-media-timeout seconds ;maximum-call-duration minutes ; traceoptions {flag {all <extensive>;call <extensive>;cc <extensive>;decode <extensive>;error <extensive>;nat <extensive>;packet <extensive>;rm <extensive>;}}transaction-timeout seconds ; }msrpc {disable;traceoptions {flag {all <extensive>;}}}pptp {disable;traceoptions {flag {all <extensive>;}}}real {disable;traceoptions {flag {all <extensive>;}}}rsh {disable;traceoptions {flag {all <extensive>;}}}rtsp {disable;traceoptions {flag {all <extensive>;}}}sccp {application-screen {call-flood threshold rate ;unknown-message {permit-nat-applied;permit-routed;}}disable;inactive-media-timeout seconds ;traceoptions {flag {all <extensive>;call <extensive>;cc <extensive>;cli <extensive>;decode <extensive>;error <extensive>;init <extensive>;nat <extensive>;rm <extensive>;}}}sip {application-screen {protect {deny {all | destination-ip address ;timeout seconds ;}}unknown-message {permit-nat-applied;permit-routed;}}c-timeout minutes ;disable;disable-call-id-hiding;inactive-media-timeout seconds ;maximum-call-duration minutes ;retain-hold-resource;t1-interval milliseconds ;t4-interval seconds ;traceoptions {flag {all <detail | extensive | terse>;call <detail | extensive | terse>;cc <detail | extensive | terse>;nat <detail | extensive | terse>;parser <detail | extensive | terse>;rm <detail | extensive | terse>;}}}sql {disable;traceoptions {flag {all <extensive>;}}}sunrpc {disable;traceoptions {flag {all <extensive>;}}}talk {disable;traceoptions {flag {all <extensive>;}}}tftp {disable;traceoptions {flag {all <extensive>;}}}}

Hierarchy Level

[edit security]

Release Information

Statement introduced in Release 8.5 of Junos OS.

Description

Configure an Application Layer Gateway (ALG) on the device. An ALG runs as a service and can be associated in policies with specified types of traffic. ALGs are enabled by default.

Options

The remaining statements are explained separately.

Usage Guidelines

For configuration instructions and examples, see the Junos OS Security Configuration Guide.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.