What you do with the CPE "firewall" settings depends on what sort of
ISP you are. Do you cater to geeks or aunts/grand mothers?
Whatever you do, I would suggest that you document in a place that is
easy for customers to find exactlyt what apps/protocols are open/closed
with the settings you've
On 09/23/2017 07:47 AM, Ca By wrote:
> On Sat, Sep 23, 2017 at 7:13 AM Colton Conor wrote:
>> Just not sure why big vendors like Alcatel and Comtrend would have them
>> enabled by default if they do more harm than good?
> Turns out vendors focus on building and selling
>>
>>> On the Acatel-Lucent (Nokia) ONT, the following came enabled by default
>>> from the factory:
>>>
>>> FTP
>>> H323
>>> IPSEC
>>> L2TP
>>> PPTP
>>> RTSP
>>> SIP
>>> TFTP
>>>
&
gt;
>> The only difference between these two is the Comtrend has an IRC as a ALG,
>> and Acatel has L2TP as a protocol type. The other seven ALG protocols as
>> the same.
>>
>> My question is in general, is it a good idea to disable all Application
>> Layer Ga
> and Acatel has L2TP as a protocol type. The other seven ALG protocols as
> the same.
>
> My question is in general, is it a good idea to disable all Application
> Layer Gateways?
>
Yes. ALG are frequently too smart for their own good.
> The only ALG I have had experience with was
between these two is the Comtrend has an IRC as a ALG,
and Acatel has L2TP as a protocol type. The other seven ALG protocols as
the same.
My question is in general, is it a good idea to disable all Application
Layer Gateways?
The only ALG I have had experience with was a SIP ALG. Almost all SIP
6 matches
Mail list logo