Which protocols does the ASPF firewall of an AR router support

0

The ASPF firewall of an AR router supports the following protocols:
- File Transfer Protocol (FTP)
- Hyper Text Transport Protocol (HTTP)
- Internet Control Message Protocol (ICMP)
- Session Initiation Protocol (SIP)
- Real Time Streaming Protocol (RTSP)
- Transmission Control Protocol (TCP)
- Trivial File Transfer Protocol (TFTP)
- User Datagram Protocol (UDP)

Other related questions:
Which STP protocols does an AR router support
An AR router supports STP/RSTP/MSTP, but does not support VBST.

Configure the ASPF firewall on an AR router
The application specific packet filter (ASPF) firewall can detect and filter FTP, HTTP, SIP, and RTSP packets on the application layer. The ASPF firewall filters packets on the application layer based on status. This firewall can detect application layer session information that attempts to pass the firewall, and prevent packets that do not match rules from passing the firewall. After the ActiveX Blocking is configured, the ASPF will block the ActiveX that is transmitted over HTTP, preventing users from installing insecure or malicious controls. After the Java Blocking is configured, the ASPF will block requests that are sent in order to obtain programs containing the Java Applet from web pages. In the system view: 1. Run the firewall interzone zone-name1 zone-name2 command to access the interzone view. 2. In V200R006 and earlier versions, run the detect aspf { all | ftp | http [ activex-blocking | java-blocking ] | rtsp | sip } command to configure the ASPF firewall. In V200R007, run the detect aspf { ftp | rtsp | sip } command to configure the ASPF firewall. Most of the application layer protocols have bidirectional interaction processes. Therefore, during ASPF configuration, ignore directions, and the router automatically checks the status of inbound and outbound packets. By default, the ASPF firewall is not configured for the interzone. 3. Check the configuration result. Run the display firewall interzone [ zone-name1 zone-name2 ] command to query ASPF information about the interzone.

Which multicast protocols do Huawei AR series enterprise routers support
In versions earlier than V200R005C00, the Huawei AR Series Enterprise Routers support the following multicast protocols: -Multicast Source Discovery Protocol (MSDP) -Protocol independent multicast sparse mode (PIM-SM) -Protocol independent multicast dense mode (PIM-DM) -Internet Group Management Protocol (IGMP) -IGMP Snooping and MLD Snooping NOTE: AR150&AR200 series routers and AR1200 series routers do not support IGMP Snooping and MLD Snooping. In V200R005C00 and later versions, the Huawei AR Series Enterprise Routers support the following multicast protocols: -Multicast Source Discovery Protocol (MSDP) -Protocol independent multicast sparse mode (PIM-SM) -Protocol independent multicast sparse mode (PIM-SM) for IPv6 -Protocol independent multicast dense mode (PIM-DM) -Protocol independent multicast dense mode (PIM-DM) for IPv6 -Internet Group Management Protocol (IGMP) -Multicast Listener Discovery (MLD) -IGMP Snooping and MLD Snooping NOTE: AR120&AR150&AR160&AR200&AR500 series routers, AR510 series routers and AR1200 series routers do not support IGMP Snooping and MLD Snooping.

Which encryption protocols does the AR support
The AR supports Authentication Header (AH) and Encapsulating Security Payload (ESP) protocols. Their differences are as follows: -AH: provides data origin authentication, data integrity check, and anti-replay. The sender performs the hash algorithm on the IP payload and all header fields of an IP packet except for variable fields to generate a message digest. The receiver recalculates the message digest according to the received IP packet and compares the two message digests to determine whether the IP packet has been modified during transmission. AH does not encrypt the IP payload. AH applies to non-confidential data transmission. -ESP: provides data encryption in addition to the functions provided by the AH protocol. ESP can encrypt and authenticate the IP payload but does not protect the IP packet header. ESP applies to confidential data transmission. AH and ESP can be used independently or together. When AH and ESP are used together, ESP and AH headers are encapsulated in sequence, enhancing security.

Which encryption protocols does an AR support
AR routers support the Authentication Header (AH) and Encapsulating Security Payload (ESP) protocols. Their differences are as follows: - AH: provides data origin authentication, data integrity check, and anti-replay services. The sender performs the hash algorithm on the IP payload and all header fields of an IP packet except for variable fields to generate a message digest. The receiver recalculates the message digest according to the received IP packet and compares the two message digests to determine whether the IP packet has been modified during transmission. AH does not encrypt the IP payload. It applies to non-confidential data transmission. - ESP: encrypts the IP payload in addition to providing all the functions of AH. ESP can encrypt and authenticate the IP payload but does not protect the IP packet header. It applies to non-confidential data transmission. AH and ESP can be used independently or together. When AH and ESP are used together, ESP encapsulation and then AH encapsulation are performed on an IP packet to be sent, providing higher security.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top