config voip profile
Configure VoIP profiles.
config voip profile
Description: Configure VoIP profiles.
edit <name>
set feature-set [flow|proxy]
set comment {var-string}
config sip
Description: SIP.
set status [disable|enable]
set rtp [disable|enable]
set nat-port-range {user}
set open-register-pinhole [disable|enable]
set open-contact-pinhole [disable|enable]
set strict-register [disable|enable]
set register-rate {integer}
set register-rate-track [none|src-ip|...]
set invite-rate {integer}
set invite-rate-track [none|src-ip|...]
set max-dialogs {integer}
set max-line-length {integer}
set block-long-lines [disable|enable]
set block-unknown [disable|enable]
set call-keepalive {integer}
set block-ack [disable|enable]
set block-bye [disable|enable]
set block-cancel [disable|enable]
set block-info [disable|enable]
set block-invite [disable|enable]
set block-message [disable|enable]
set block-notify [disable|enable]
set block-options [disable|enable]
set block-prack [disable|enable]
set block-publish [disable|enable]
set block-refer [disable|enable]
set block-register [disable|enable]
set block-subscribe [disable|enable]
set block-update [disable|enable]
set register-contact-trace [disable|enable]
set open-via-pinhole [disable|enable]
set open-record-route-pinhole [disable|enable]
set rfc2543-branch [disable|enable]
set log-violations [disable|enable]
set log-call-summary [disable|enable]
set nat-trace [disable|enable]
set subscribe-rate {integer}
set subscribe-rate-track [none|src-ip|...]
set message-rate {integer}
set message-rate-track [none|src-ip|...]
set notify-rate {integer}
set notify-rate-track [none|src-ip|...]
set refer-rate {integer}
set refer-rate-track [none|src-ip|...]
set update-rate {integer}
set update-rate-track [none|src-ip|...]
set options-rate {integer}
set options-rate-track [none|src-ip|...]
set ack-rate {integer}
set ack-rate-track [none|src-ip|...]
set prack-rate {integer}
set prack-rate-track [none|src-ip|...]
set info-rate {integer}
set info-rate-track [none|src-ip|...]
set publish-rate {integer}
set publish-rate-track [none|src-ip|...]
set bye-rate {integer}
set bye-rate-track [none|src-ip|...]
set cancel-rate {integer}
set cancel-rate-track [none|src-ip|...]
set preserve-override [disable|enable]
set no-sdp-fixup [disable|enable]
set contact-fixup [disable|enable]
set max-idle-dialogs {integer}
set block-geo-red-options [disable|enable]
set hosted-nat-traversal [disable|enable]
set hnt-restrict-source-ip [disable|enable]
set max-body-length {integer}
set unknown-header [discard|pass|...]
set malformed-request-line [discard|pass|...]
set malformed-header-via [discard|pass|...]
set malformed-header-from [discard|pass|...]
set malformed-header-to [discard|pass|...]
set malformed-header-call-id [discard|pass|...]
set malformed-header-cseq [discard|pass|...]
set malformed-header-rack [discard|pass|...]
set malformed-header-rseq [discard|pass|...]
set malformed-header-contact [discard|pass|...]
set malformed-header-record-route [discard|pass|...]
set malformed-header-route [discard|pass|...]
set malformed-header-expires [discard|pass|...]
set malformed-header-content-type [discard|pass|...]
set malformed-header-content-length [discard|pass|...]
set malformed-header-max-forwards [discard|pass|...]
set malformed-header-allow [discard|pass|...]
set malformed-header-p-asserted-identity [discard|pass|...]
set malformed-header-no-require [discard|pass|...]
set malformed-header-no-proxy-require [discard|pass|...]
set malformed-header-sdp-v [discard|pass|...]
set malformed-header-sdp-o [discard|pass|...]
set malformed-header-sdp-s [discard|pass|...]
set malformed-header-sdp-i [discard|pass|...]
set malformed-header-sdp-c [discard|pass|...]
set malformed-header-sdp-b [discard|pass|...]
set malformed-header-sdp-z [discard|pass|...]
set malformed-header-sdp-k [discard|pass|...]
set malformed-header-sdp-a [discard|pass|...]
set malformed-header-sdp-t [discard|pass|...]
set malformed-header-sdp-r [discard|pass|...]
set malformed-header-sdp-m [discard|pass|...]
set provisional-invite-expiry-time {integer}
set ips-rtp [disable|enable]
set ssl-mode [off|full]
set ssl-send-empty-frags [enable|disable]
set ssl-client-renegotiation [allow|deny|...]
set ssl-algorithm [high|medium|...]
set ssl-pfs [require|deny|...]
set ssl-min-version [ssl-3.0|tls-1.0|...]
set ssl-max-version [ssl-3.0|tls-1.0|...]
set ssl-client-certificate {string}
set ssl-server-certificate {string}
set ssl-auth-client {string}
set ssl-auth-server {string}
end
config sccp
Description: SCCP.
set status [disable|enable]
set block-mcast [disable|enable]
set verify-header [disable|enable]
set log-call-summary [disable|enable]
set log-violations [disable|enable]
set max-calls {integer}
end
config msrp
Description: MSRP.
set status [disable|enable]
set log-violations [disable|enable]
set max-msg-size {integer}
set max-msg-size-action [pass|block|...]
end
next
end
config voip profile
|
Parameter |
Description |
Type |
Size |
Default |
||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
feature-set |
Flow or proxy inspection feature set. |
option |
- |
proxy |
||||||
|
|
|
|||||||||
|
comment |
Comment. |
var-string |
Maximum length: 255 |
|
||||||
config sip
|
Parameter |
Description |
Type |
Size |
Default |
||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
status |
Enable/disable SIP. |
option |
- |
enable |
||||||||
|
|
|
|||||||||||
|
rtp |
Enable/disable create pinholes for RTP traffic to traverse firewall. |
option |
- |
enable |
||||||||
|
|
|
|||||||||||
|
nat-port-range |
RTP NAT port range. |
user |
Not Specified |
5117-65533 |
||||||||
|
open-register-pinhole |
Enable/disable open pinhole for REGISTER Contact port. |
option |
- |
enable |
||||||||
|
|
|
|||||||||||
|
open-contact-pinhole |
Enable/disable open pinhole for non-REGISTER Contact port. |
option |
- |
enable |
||||||||
|
|
|
|||||||||||
|
strict-register |
Enable/disable only allow the registrar to connect. |
option |
- |
enable |
||||||||
|
|
|
|||||||||||
|
register-rate |
REGISTER request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
register-rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||
|
|
|
|||||||||||
|
invite-rate |
INVITE request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
invite-rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||
|
|
|
|||||||||||
|
max-dialogs |
Maximum number of concurrent calls/dialogs (per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
max-line-length |
Maximum SIP header line length . |
integer |
Minimum value: 78 Maximum value: 4096 |
998 |
||||||||
|
block-long-lines |
Enable/disable block requests with headers exceeding max-line-length. |
option |
- |
enable |
||||||||
|
|
|
|||||||||||
|
block-unknown |
Block unrecognized SIP requests . |
option |
- |
enable |
||||||||
|
|
|
|||||||||||
|
call-keepalive |
Continue tracking calls with no RTP for this many minutes. |
integer |
Minimum value: 0 Maximum value: 10080 |
0 |
||||||||
|
block-ack |
Enable/disable block ACK requests. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
block-bye |
Enable/disable block BYE requests. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
block-cancel |
Enable/disable block CANCEL requests. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
block-info |
Enable/disable block INFO requests. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
block-invite |
Enable/disable block INVITE requests. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
block-message |
Enable/disable block MESSAGE requests. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
block-notify |
Enable/disable block NOTIFY requests. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
block-options |
Enable/disable block OPTIONS requests and no OPTIONS as notifying message for redundancy either. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
block-prack |
Enable/disable block prack requests. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
block-publish |
Enable/disable block PUBLISH requests. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
block-refer |
Enable/disable block REFER requests. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
block-register |
Enable/disable block REGISTER requests. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
block-subscribe |
Enable/disable block SUBSCRIBE requests. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
block-update |
Enable/disable block UPDATE requests. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
register-contact-trace |
Enable/disable trace original IP/port within the contact header of REGISTER requests. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
open-via-pinhole |
Enable/disable open pinhole for Via port. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
open-record-route-pinhole |
Enable/disable open pinhole for Record-Route port. |
option |
- |
enable |
||||||||
|
|
|
|||||||||||
|
rfc2543-branch |
Enable/disable support via branch compliant with RFC 2543. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
log-violations |
Enable/disable logging of SIP violations. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
log-call-summary |
Enable/disable logging of SIP call summary. |
option |
- |
enable |
||||||||
|
|
|
|||||||||||
|
nat-trace |
Enable/disable preservation of original IP in SDP i line. |
option |
- |
enable |
||||||||
|
|
|
|||||||||||
|
subscribe-rate |
SUBSCRIBE request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
subscribe-rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||
|
|
|
|||||||||||
|
message-rate |
MESSAGE request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
message-rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||
|
|
|
|||||||||||
|
notify-rate |
NOTIFY request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
notify-rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||
|
|
|
|||||||||||
|
refer-rate |
REFER request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
refer-rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||
|
|
|
|||||||||||
|
update-rate |
UPDATE request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
update-rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||
|
|
|
|||||||||||
|
options-rate |
OPTIONS request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
options-rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||
|
|
|
|||||||||||
|
ack-rate |
ACK request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
ack-rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||
|
|
|
|||||||||||
|
prack-rate |
PRACK request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
prack-rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||
|
|
|
|||||||||||
|
info-rate |
INFO request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
info-rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||
|
|
|
|||||||||||
|
publish-rate |
PUBLISH request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
publish-rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||
|
|
|
|||||||||||
|
bye-rate |
BYE request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
bye-rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||
|
|
|
|||||||||||
|
cancel-rate |
CANCEL request rate limit (per second, per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
cancel-rate-track |
Track the packet protocol field. |
option |
- |
none |
||||||||
|
|
|
|||||||||||
|
preserve-override |
Override i line to preserve original IPS . |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
no-sdp-fixup |
Enable/disable no SDP fix-up. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
contact-fixup |
Fixup contact anyway even if contact's IP:port doesn't match session's IP:port. |
option |
- |
enable |
||||||||
|
|
|
|||||||||||
|
max-idle-dialogs |
Maximum number established but idle dialogs to retain (per policy). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
block-geo-red-options |
Enable/disable block OPTIONS requests, but OPTIONS requests still notify for redundancy. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
hosted-nat-traversal |
Hosted NAT Traversal (HNT). |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
hnt-restrict-source-ip |
Enable/disable restrict RTP source IP to be the same as SIP source IP when HNT is enabled. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
max-body-length |
Maximum SIP message body length (0 meaning no limit). |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
||||||||
|
unknown-header |
Action for unknown SIP header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-request-line |
Action for malformed request line. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-via |
Action for malformed VIA header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-from |
Action for malformed From header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-to |
Action for malformed To header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-call-id |
Action for malformed Call-ID header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-cseq |
Action for malformed CSeq header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-rack |
Action for malformed RAck header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-rseq |
Action for malformed RSeq header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-contact |
Action for malformed Contact header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-record-route |
Action for malformed Record-Route header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-route |
Action for malformed Route header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-expires |
Action for malformed Expires header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-content-type |
Action for malformed Content-Type header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-content-length |
Action for malformed Content-Length header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-max-forwards |
Action for malformed Max-Forwards header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-allow |
Action for malformed Allow header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-p-asserted-identity |
Action for malformed P-Asserted-Identity header. |
option |
- |
pass |
||||||||
|
|
|
|||||||||||
|
malformed-header-no-require |
Action for malformed SIP messages without Require header. |
option |
- |
pass |
||||||||
|
|
||||||||||||