Netscreen: Troubleshooting Application Layer Gateway Feature – Issues with VOIP/SQL Protocols

Netscreen firewalls have certain protocol inspection features enabled by default.  These features are listed in the ALG section of the configuration.  To view current settings issue “get alg” .  These features have been known to cause connection issues with certain version/implementation by the applications.  A couple of these protocols which are known to have issues with ALG are VOIP and SQL.

To disable protocol inspection for these issue the following: (note that all required ports will need to be manually added to the policy )

unset alg sip enable
unset alg mgcp enable
unset alg sccp enable
unset alg sql enable
unset alg rtsp enable
unset alg h323 enable
unset alg sctp enable

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s