Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
vas
Contributor

SIP Protocol - IPS Inspection

Hi Experts,

I'm planning to migrate another vendor firewall to checkpoint (R81.10 Take 66) and have a query relating to IPS/Inspection settings  for SIP traffic.

Option1:-

Source: SIP Server

Destination: SIP Phone

Ports: sip_tls_authentication , sip, udp-high-ports (With Protocol defined)

Action: Allow

Option 2:-

Source: SIP Server

Destination: SIP Phone

Ports: sip_tls_not_inspected , TCP/5060 (with protocol NONE), udp-high-ports 

Action: Allow

Can someone please suggest the best option in configuring IPS inspection for SIP traffic to avoid drops or one-way calls?

Thanks in advance.

0 Kudos
3 Replies

R81.10 VoIP Administration Guide

CCSE CCTE CCSM SMB Specialist
0 Kudos
vas
Contributor

Hi Mate

Thanks for the reply . Yeah, I've gone through the mentioned article earlier and I'd like to seek expertise to understand the best practice in configuring IPS or Inspection settings relating to SIP traffic to avoid any issues.

I've been planning to configure firewall rules with protocol enabled in the service object. Should there be any issues, do we need to configure the exception in IPS? Also, should there be any exceptions on Inspection settings as well?

If the firewall rules are enabled without the protocol option, will it turn off only IPS inspection and/or Inspection  settings also..?

 

 

 

0 Kudos

The SIP service object should be used as it is, or dynamically opened RTP sessions may fail. To create exceptions for SIP traffic may save resources if necessary.

CCSE CCTE CCSM SMB Specialist
0 Kudos