Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
All inbound multicast and broadcast traffic at the Application Layer Enforcement (ALE) layers is mapped to one global ALE flow. Response traffic for inbound multicast and broadcast packets is classified at the FWPM_LAYER_ALE_AUTH_CONNECT_V{4|6} layer and separate ALE flows are created for each response.
Outbound multicast and broadcast traffic at the ALE layers creates a 4-second ALE flow. By default, the authorization of an outbound multicast or broadcast ALE packet will permit inbound traffic, whether unicast, multicast, or broadcast, from any remote address for up to 4 seconds. Such an ALE flow can only be refreshed or kept alive by subsequent outbound traffic that matches the ALE flow.
Note
The 4-second lifetime is specified by the built-in callout FWPM_CALLOUT_SET_OPTIONS_AUTH_CONNECT_LAYER_V{4|6}. To alter the 4-second default lifetime, add a filter that references the FWPM_CALLOUT_SET_OPTIONS_AUTH_CONNECT_LAYER_V{4|6} callout. See ALE Flow Customization for more information.
Related topics