SIP Inspection Engine; Configuring the SIP Inspection Engine - Cisco Catalyst 6500 Series Configuration Manual

Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services

Detailed Information About Inspection Engines

Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide

The FWSM does not support RealNetworks multicast mode (x-real-rdt/mcast).
The FWSM does not support PAT and outside NAT for RTSP.
The FWSM does not have the ability to recognize HTTP cloaking where RTSP messages are hidden in HTTP messages.
The FWSM cannot perform NAT on RTSP messages because the embedded IP addresses are contained in the Session Description Protocol (SDP) files as part of HTTP or RTSP messages. Packets could be fragmented, and the FWSM cannot perform NAT on fragmented packets.
With Cisco IP/TV, the number of translations the FWSM performs on the SDP part of the message is proportional to the number of program listings in the Content Manager (each program listing can have at least six embedded IP addresses).
You can configure NAT for Apple QuickTime 4 or RealPlayer. Cisco IP/TV only works with NAT if the Viewer and Content Manager are on the outside network and the server is on the inside network.
When using RealPlayer, it is important to properly configure transport mode. For the FWSM, add an access-list command statement from the server to the client or vice versa. For RealPlayer, change transport mode by clicking Options>Preferences>Transport>RTSP Settings.
If you use TCP mode on the RealPlayer, select the Use TCP to Connect to Server and Attempt to use TCP for all content check boxes. On the FWSM, there is no need to configure the inspection engine.
If you use UDP mode on the RealPlayer, select the Use TCP to Connect to Server and Attempt to use UDP for static content check boxes. On the FWSM, configure the RTSP inspection engine.

SIP Inspection Engine

Enabled by default for TCP and UDP port 5060

Session Initiation Protocol (SIP), as defined by the Internet Engineering Task Force (IETF), enables call handling sessions, particularly two-party audio conferences, or "calls."
This section includes the following topics:

Configuring the SIP Inspection Engine, page 13-16
SIP Overview, page 13-17
Technical Background, page 13-17

Configuring the SIP Inspection Engine

To configure the SIP inspection engine, enter the following commands:

To configure the SIP TCP inspection engine, enter the following command:
FWSM/contexta(config)# fixup protocol sip [port[-port]]
The default port is 5060 (TCP).

To configure the SIP UDP inspection engine, enter the following command:
FWSM/contexta(config)# fixup protocol sip udp
The default port is 5060 (UDP), which is the only port allowed.
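
The following Python check is an added example, not part of the Cisco guide: it reads configuration text and reports which TCP ports and whether UDP 5060 are under SIP inspection, flagging lines that do not fit the two command forms above. The function name, problem messages and sample configuration are assumptions made for illustration, as is the convention that a range is written port-port without spaces; only the two forms shown above are recognised.

```python
import re

# Recognises the two command forms shown above, with or without a CLI prompt.
SIP_FIXUP = re.compile(r"^(?:\S+\(config\)#\s*)?fixup\s+protocol\s+sip\b(.*)$")
PORT_SPEC = re.compile(r"(\d+)(?:-(\d+))?")
DEFAULT_PORT = 5060  # default for both TCP and UDP per the guide

def audit_sip_fixup(config_text):
    """Return (tcp_ranges, udp_enabled, problems) for the SIP fixup lines."""
    tcp_ranges, udp_enabled, problems = [], False, []
    for lineno, raw in enumerate(config_text.splitlines(), 1):
        match = SIP_FIXUP.match(raw.strip())
        if not match:
            continue  # other commands are out of scope for this check
        args = match.group(1).split()
        if args and args[0] == "udp":
            # UDP form takes no port argument: 5060 is the only port allowed.
            if args[1:]:
                problems.append((lineno, "UDP SIP inspection is fixed to port 5060"))
            else:
                udp_enabled = True
            continue
        if len(args) > 1:
            problems.append((lineno, "expected one port or port-port range"))
            continue
        spec = PORT_SPEC.fullmatch(args[0]) if args else None
        if args and not spec:
            problems.append((lineno, "port must be numeric: port or port-port"))
            continue
        lo = int(spec.group(1)) if spec else DEFAULT_PORT
        hi = int(spec.group(2) or lo) if spec else lo
        if not 1 <= lo <= hi <= 65535:
            problems.append((lineno, "port range reversed or outside 1-65535"))
            continue
        tcp_ranges.append((lo, hi))
    return tcp_ranges, udp_enabled, problems

# Constructed sample configuration (not taken from a real device).
SAMPLE_CONFIG = """\
FWSM/contexta(config)# fixup protocol sip
fixup protocol sip 5070-5080
fixup protocol sip udp
fixup protocol sip udp 5070
fixup protocol sip 6000-5000
fixup protocol rtsp 554
"""
if __name__ == "__main__":
    print(audit_sip_fixup(SAMPLE_CONFIG))
```

The problems list carries the line number of each rejected statement, so the output can be compared directly against the configuration under review.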
Chapter 13
Configuring Application Protocol Inspection
OL-6392-01
