Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
JoeSt89
Explorer

Protocol Violation alerts

Hello All,

We are getting Protocol Violation alerts with our Remote access client users that are running Jabber SIP Clients -- Firewall - Protocol violation detected with protocol:(RTP), matched protocol sig_id:(1), violation sig_id:(9). (500). It looks to me like this is the RTP voice traffic. 

Why is this traffic not matching the protocol signature for RTP Voice and how do we fix issues like this? I have a few other protocol violation alerts too. 

The traffic is allowed so phone calls are working fine but we shouldn't be getting these alerts.

Thanks!

 

0 Kudos
Reply
1 Reply
PhoneBoy
Admin
Admin

To fix the underlying issue you'll probably need packet captures and a TAC case.
You can also not use the relevant services in the service column, thus not activate the relevant protocol parsers, but that's a less secure option.

0 Kudos
Reply