 | ||
 SIP traffic | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2007-11-20 | |||
| |||
 SIP traffic I am using NGX R60 HFA and I am trying to get Microsoft Office Communications Server 2007 working. It requires opening port 5061 for TLS sip traffic. I have used the builtin service of sip-tlstcp but it appears that smart defense is blocking it somewhere. If I create my own service of allowing 5061 it works fine. I cannot see any logging for sip to see where the packets are getting dropped. I have turned off all sip settings in smart defence under VOIP. Am I missing setting in another place?  |
| 2007-11-27 | |||
| |||
| Re: SIP traffic In addition to SmartDefense protections, there's additional protocol inspection based on the service type. If you edit your sip-tlstcp and look under "Advanced...", if you have Protocol Type defined it will do the additional check (even if SMDF is disabled). You can change that Protocol Type to be None which should remove the additional check. AFAIK checking "Match for Any" may also impact which sip-tls service is matched (ie if more then one service uses the same port). |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
