38-33
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 38 Configuring Inspection for Voice and Video Protocols
SIP Inspection
–
Check RTP packets for protocol conformance—Checks RTP/RTCP packets flowing on the
pinholes for protocol conformance.
Limit payload to audio or video, based on the signaling exchange—Enforces payload type to be
audio/video based on the signaling exchange.
• SIP Conformance—Tab that lets you configure the SIP conformance settings for SIP.
–
Enable state transition checking—Enables SIP state checking.
Action—Drop packet, Drop Connection, Reset, Log.
Log—Enable or Disable.
–
Enable strict validation of header fields—Enables validation of SIP header fields.
Action—Drop packet, Drop Connection, Reset, Log.
Log—Enable or Disable.
• Field Masking—Tab that lets you configure the field masking settings for SIP.
–
Inspect non-SIP URIs—Enables non-SIP URI inspection in Alert-Info and Call-Info headers.
Action—Mask or Log.
Log—Enable or Disable.
–
Inspect server’s and endpoint’s software version—Inspects SIP endpoint software version in
User-Agent and Server headers.
Action—Mask or Log.
Log—Enable or Disable.
• Inspections—Tab that shows you the SIP inspection configuration and lets you add or edit.
–
Match Type—Shows the match type, which can be a positive or negative match.
–
Criterion—Shows the criterion of the SIP inspection.
–
Value—Shows the value to match in the SIP inspection.
–
Action—Shows the action if the match condition is met.
–
Log—Shows the log state.
–
Add—Opens the Add SIP Inspect dialog box to add a SIP inspection.
–
Edit—Opens the Edit SIP Inspect dialog box to edit a SIP inspection.
–
Delete—Deletes a SIP inspection.
–
Move Up—Moves an inspection up in the list.
–
Move Down—Moves an inspection down in the list.
Modes
The following table shows the modes in which this feature is available:
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
••••—
To Next Page
Loading...
Need help?
General
