SIP support
VoIP and SIP
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424
427
•
SIP support
The Session Initiation Protocol (SIP) is a signaling protocol used for establishing and
conducting multiuser calls over TCP/IP networks using any media. Due to the complexity
of the call setup, not every firewall can handle SIP calls correctly, even if the firewall is
stateful. The FortiGate unit has a pre-defined SIP firewall service that tracks and scans
SIP calls and makes adjustments, to both the firewall state and call data, to ensure a
seamless call is established through the FortiGate unit regardless of its operation mode,
NAT, route, or transparent.
You can use protection profiles to control the SIP protocol and SIP call activity.
A statistical summary of SIP protocol activity is also available for managing SIP use.
This section includes some information about VoIP and SIP. It also describes how FortiOS
SIP support works and how to configure the key SIP features. For more configuration
information, see the
.
The FortiGate unit supports the following SIP features:
•
stateful SIP tracking
•
RTP Pinholing
•
request control
•
rate limiting
•
vents logging
•
communication archiving
•
NAT IP preservation
•
client connection control
•
register response acceptance
•
Application Layer Gateway (ALG) control
•
SIP stateful HA
This section describes:
•
•
The FortiGate unit and VoIP security
•
•
VoIP and SIP
SIP is an IETF protocol for establishing Voice over IP (VoIP) connections. Many VoIP
networks choose SIP to handle multimedia sessions between endpoints. This lightweight
text-based signaling protocol is transported over either Transmission Control Protocol
(TCP) or User Datagram Protocol (UDP). SIP uses invitations to create Session
Description Protocol (SDP) messages that allow participants to agree on a set of
compatible media types.
SIP applications are based on a client-server structure and support user mobility with two
operating modes: proxy and redirect.
Summary of Contents for Gate 60D
Page 705: ...www fortinet com...
Page 706: ...www fortinet com...