Netscreen: Troubleshooting Application Layer Gateway Feature – Issues with VOIP/SQL Protocols

Netscreen firewalls have certain protocol inspection features enabled by default.  These features are listed in the ALG section of the configuration.  To view current settings issue “get alg” .  These features have been known to cause connection issues with certain version/implementation by the applications.  A couple of these protocols which are known to have issues with ALG are VOIP and SQL.

To disable protocol inspection for these issue the following: (note that all required ports will need to be manually added to the policy )

unset alg sip enable
unset alg mgcp enable
unset alg sccp enable
unset alg sql enable
unset alg rtsp enable
unset alg h323 enable
unset alg sctp enable
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s