Juniper Junos SIP – SIP ALG on Juniper SRX100H2 Configuration Guide

juniper-junossip

I'm not sure how the SIP alg on juniper works, but I guess its reading traffic on port 5060 to read sip signaling.

We have just changed to an other operator who dont use the standard sip port (5060) on their proxy. The problem is we get only one way audio (audio from outside cant reach us) I guess this is because the juniper box doesn't recognize the sip signaling messages and therefor it doesn't open the port needed for audio to go through the firewall.

So is there someway I can change the port or add one extra port for the sip alg service to monitor?

Best Answer

First, ALGs are technically independent entities. If we are looking at JUST the ALG, it cares only about the SIP signaling packets, not which ports are used.

You define the ports by application and bind the ALG to that application. Below is an example:

jhead@SRX# show applications application sip | display set
set applications application sip term t1 alg sip
set applications application sip term t1 protocol udp
set applications application sip term t1 destination-port 5061
set applications application sip term t2 alg sip
set applications application sip term t2 protocol udp
set applications application sip term t2 destination-port 5060
set applications application sip term t3 alg sip
set applications application sip term t3 protocol tcp
set applications application sip term t3 destination-port 5060

You can build as many terms as you need for each port you need to service.

Be sure to also adjust your security policies with the new application and anything else that might be required.

Best Answer

Related Solutions

Router – Double-NAT’s Effects on SIP and RTP

Cisco ASA – Configuring SIP Ports Other Than 5060

Related Topic