Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

unknown-message (Security SIP ALG)

Syntax

Hierarchy Level

Description

Specify how SRX Series Firewall handles unidentified Session Initiation Protocol (SIP) messages. The default is to drop unknown (unsupported) messages. Permitting unknown messages can compromise security and is not recommended. However, in a secure test or production environment, this statement is useful for resolving interoperability issues with disparate vendor equipment. You can permit unknown SIP (unsupported) messages to get your network operational. Later, you can analyze your VoIP traffic to determine why some messages were dropped.

This statement applies only to received packets identified as supported VoIP packets. If a packet cannot be identified, it is always dropped. If a packet is identified as a supported protocol, the message is forwarded without processing.

Options

  • permit-nat-applied—Permits unknown messages to pass if the session is in NAT mode.

  • permit-routed—Permit unknown messages on routed packets. Sessions in Transparent mode are treated as Route mode.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 8.5.