The Sip Alg - D-Link NetDefend DFL-210 User Manual

6.2.8. The SIP ALG

Action
NAT
PPTP ALG Settings
The following settings are available for the PPTP ALG:
Name
Echo timeout
Idle timeout
In most cases only the name needs to be defined and the other settings can be left at their defaults.
6.2.8. The SIP ALG
Session Initiation Protocol (SIP) is an ASCII (UTF-8) text based signalling protocol used to
establish sessions between clients in an IP network. It is a request-response protocol that resembles
HTTP and SMTP. The session which SIP sets up might consist of a Voice-Over-IP (VoIP)
telephone call or it could be a collaborative multi-media conference. Using SIP with VoIP means
that telephony can become another IP application which can integrate into other services.
SIP does not know about the details of a session's content and is only responsible for initiating,
terminating and modifying sessions. Sessions set up by SIP are typically used for the streaming of
audio and video over the Internet using the RTP/RTCP protocol (which is based on UDP) but they
might also involve traffic based on the TCP protocol. A RTP/RTCP based sessions might also
involve TCP or TLS based traffic in the same session.
SIP is defined by IETF RFC 3261 and is considered an important standard for VoIP communication.
It is comparable to H.323 but a design goal with SIP was to make it more scalable than H.323. (For
VoIP see also Section 6.2.9, "The H.323 ALG".)
SIP Components
The following components are the logical building blocks for SIP communication:
User Agents
Proxy Servers
Src Interface Src Network
lan
A descriptive name for the ALG.
Idle timeout for Echo messages in the PPTP tunnel.
Idle timeout for user traffic messages in the PPTP tunnel.
Note: Traffic shaping will not work with the SIP ALG
Any traffic connections that trigger an IP rule with a service object that uses the SIP
ALG cannot be also subject to traffic shaping.
These are the end points or clients that are involved in the client-to-client
communication. These would typically be the workstation or device used in an
IP telephony conversation. The term client will be used throughout this
section to describe a user agent.
These act as routers in the SIP protocol, performing both as client and server
when receiving client requests. They forward requests to a client's current
location as well as authenticating and authorizing access to services. They also
implement provider call-routing policies.
The proxy is often located on the external, unprotected side of the NetDefend
Firewall but can have other locations. All of these scenarios are supported by
NetDefendOS.
Dest Interface
lannet wan
229
Chapter 6. Security Mechanisms
Dest Network Service
all-nets pptp_service