Allied-Telesis AT-iMG624A Router Manual PDF (Setup & Configuration Guide)

Page 376 / 998 Scroll up to view Page 371 - 375

Security

Security command reference

iMG/RG Software Reference Manual (IPNetwork Functions)

4-74

Example

--> security set blockinglog warning

See also

firewall set securitylevel

4.2.7.1.5 SECURITY ADD ALG

Syntax

security add alg <algname> <algtype> [transport] [port]

SECURITY ADD ALG <ALGNAME> <ALGTYPE> [PROT <PROTNO>]

Description

This command enables a specific ALG

Options

The following table gives the range of values for each option that can be specified with

this command and a Default Value (if applicable).

Example

--> security add alg algsip sip udp 5060

--> security add alg algrsvp rsvp prot 46

See also

firewall set securitylevel

level

The level of logging reported at the event log or

the console. You can choose from the following

levels:

emergency, alert, critical, error, warning, notice,

informational, debug. These levels directly corre-

spond to syslog levels.

Notice

Option

Description

Default Value

algname

A unique identifier specified by the user.

N/A

algtype

Application/Protocol ALG to be enabled. Example

– sip or rtsp.

N/A

transport

Transport protocol. Example – tcp, udp. If no

transport is specified, the default configured trans-

port for the algtype will be used.

N/A

port

If the transport is neither tcp nor udp, this field is

to be used to specify the transport. The actual

protocol number used by ALG is to be specified.

N/A

protno

Port used by ALG. If transport is neither tcp nor

udp, the port shall be 0. If no port is specified, the

default configured port for the algtype will be

used.

N/A

Option

Description

Default Value

Page 377 / 998

Security command reference

Security

4-75

iMG/RG Software Reference Manual (IPNetwork Functions)

4.2.7.1.6 SECURITY DELETE ALG

Syntax

security delete alg <algname>

Description

This command disables a specific ALG.

Options

The following table gives the range of values for each option that can be specified with

this command and a Default Value (if applicable).

Example

--> security delete alg alg_sipudp

4.2.7.1.7 SECURITY LIST ALG

Syntax

security LIST alg

Description

This command will display information of all the configured ALGs in tabular format.

Example

--> security list alg

ID | AlgType | Transport | Port |

--------------------------------------------

1

| ftp | 6 | 21

2

| ils | 6 | 389

3

| ils | 6 | 1002

4

| ike | 17 | 500

5

| aim | 6 | 5190

6

| msnmsgr | 6 | 1863

7

| pptp | 6 | 1723

8

| rsvp | 46 | 0

9

| l2tp | 17 | 1701

10 | rtsp | 6 | 554

11 |

sip | 17 |

5060

--------------------------------------------

4.2.7.1.8 SECURITY LIST LOGGING

Syntax

security LIST logging

Description

This command will display information of all the configured logging in tabular format. This com-

mand is not present on FIBER A,B,C devices

Example

--> security list logging

The logging module is: true

Option

Description

Default Value

algname

Unique identifier specified to delete the ALG.

N/A

Page 378 / 998

Security

Security command reference

iMG/RG Software Reference Manual (IPNetwork Functions)

4-76

Session event logging is: false

Blocking event logging is: false

Intrusion event logging is: false

4.2.7.1.9 SECURITY SHOW ALG

Syntax

security SHOW alg <algname>

Description

This command will display the following information about a specific ALG.

•

AlgType - Application/Protocol ALG to be enabled. Example – sip.

•

Transport - Transport protocol. Example – tcp, udp. If no transport is specified, the

default configured transport for the algtype will be used.

•

Port - If the transport is neither tcp nor udp, this field is to be used to specify the

transport. The actual protocol number used by ALG is to be specified.

Options

The following table gives the range of values for each option that can be specified with

this command and a Default Value (if applicable).

Example

--> security show alg alg_sipudp

Alg Type : sip

Transport: 17

Port :

5060

4.2.7.1.10 SECURITY STATUS

Syntax

security status

Description

This command displays the following information about the

Security

package:

•

Security status (enabled or disabled)

•

Firewall status (enabled or disabled)

•

Firewall security level setting (none, high, low, or medium)

•

Firewall session logging (enabled or disabled)

•

Firewall blocking logging (enabled or disabled)

•

Firewall intrusion logging (enabled or disabled)

•

NAT status (enabled or disabled)

Example

--> security status

Option

Description

Default Value

algname

Unique identifier specified to delete the ALG.

N/A

Page 379 / 998

Security command reference

Security

4-77

iMG/RG Software Reference Manual (IPNetwork Functions)

Security enabled.

Firewall disabled.

Firewall security level: none.

NAT disabled.

Intrusion detection is disabled.

Security logging is enabled.

Session logging disabled.

Blocking logginisabled.

Intrusion logging disabled.

Security AEM Logging Interval: 5 Sec(s).

See also

SECURITY ENABLE | DISABLE

FIREWALL SET SECURITYLEVEL

4.2.7.1.11 SECURITY ADD INTERFACE

Syntax

SECURITY ADD INTERFACE <name> {EXTERNAL | INTERNAL | DMZ}

Description

This command adds an existing IP interface to the

Security

package to create a security

interface, and specifies what type of interface it is depending on how it connects to the

network.

Once you have added security interfaces, you can use them in the

NAT

and/or

Firewall

configurations.

Options

The following table gives the range of values for each option that can be specified with

this command and a Default Value (if applicable).

Example

--> security add interface ip1 internal

See also

IP LIST INTERFACES

See also

Firewall command reference

NAT CLI commands

Option

Description

Default Value

name

An existing IP interface. To display interface names, use the ip

list interfaces command.

N/A

external

An interface that connects to the external network.

N/A

internal

An interface that connects to the internal network

N/A

dmz

An interface that connects to the de-militarized zone, DMZ

N/A

Page 380 / 998

Security

Security command reference

iMG/RG Software Reference Manual (IPNetwork Functions)

4-78

4.2.7.1.12 SECURITY CLEAR INTERFACES

Syntax

security clear interfaces

Description

This command removes all security interfaces that were added to the

Security

package

using the security add interface command.

Example

--> security clear interfaces

See also

SECURITY DELETE INTERFACE

4.2.7.1.13 SECURITY DELETE INTERFACE

Syntax

SECURITY DELETE INTERFACE <name>

Description

This command removes a single security interface that was added to the Security pack-

age using the security add interface command.

Options

The following table gives the range of values for each option that can be specified with

this command and a Default Value (if applicable).

Example

--> security delete interface f1

See also

SECURITY CLEAR INTERFACES

SECURITY LIST INTERFACES

4.2.7.1.14 SECURITY LIST INTERFACES

Syntax

security list interfaces

Description

This command lists the following information about security interfaces that were added

to the

Security

package using the security add interface command:

•

I

nterface ID number

•

Interface name

•

Interface type (external, internal or DMZ)

Example

--> security list interfaces

Security Interfaces:

ID

|

Name

| Type

-----|----------|----------

1 | i1

| internal

Option

Description

Default Value

name

An existing security interface. To display interface

names, use the SECURITY LIST INTERFACES

command.

N/A

Rate

Popular Allied-Telesis Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share