Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  SIP packets dropped in firewall

    Posted 08-05-2010 05:22

    Hi,

     

    One of our customer is using modified version of SIP. Those packets are getting dropped in the firewall.

     

     

    ## 2010-08-05 13:54:01 : sip_alg....  packet received (117.97.174.130 -> 208.49.139.169) len=295
    ## 2010-08-05 13:54:01 :              udp packet received (5060 -> 5060) len=267, cksum=0x0000f4dc
    ## 2010-08-05 13:54:01 : >>>>>>>>> RECV PACKET begin 267 bytes >>>>>>>>>
    ## 2010-08-05 13:54:01 :              REGISTER tel:404450011709184 SIP/3.C
    ## 2010-08-05 13:54:01 :              t: 
    ## 2010-08-05 13:54:01 :              i: 562011461:1280996464.716000@117.97.174.130
    ## 2010-08-05 13:54:01 :              CSeq: 1
    ## 2010-08-05 13:54:01 :              7
    ## 2010-08-05 13:54:01 :              v: 117.97.174.130
    ## 2010-08-05 13:54:01 :              x: min=404450011709184;sid=0002;bv=1;gv=1;hsbi=1;ps=1;ua=MOTODESK1.0;dtx=0;bls=500-100-50
    ## 2010-08-05 13:54:01 :              o=Winphoria 2300 0 IN IP4 117.97.174.130:97,ptime=200
    ## 2010-08-05 13:54:01 :              
    ## 2010-08-05 13:54:01 : <<<<<<<<< RECV PACKET end <<<<<<<<<
    ## 2010-08-05 13:54:01 : >>>>>>>>> SEND PACKET begin 267 bytes >>>>>>>>>
    ## 2010-08-05 13:54:01 :              REGISTER tel:404450011709184 SIP/3.C
    ## 2010-08-05 13:54:01 :              t: 
    ## 2010-08-05 13:54:01 :              i: 562011461:1280996464.716000@117.97.174.130
    ## 2010-08-05 13:54:01 :              CSeq: 1
    ## 2010-08-05 13:54:01 :              7
    ## 2010-08-05 13:54:01 :              v: 117.97.174.130
    ## 2010-08-05 13:54:01 :              x: min=404450011709184;sid=0002;bv=1;gv=1;hsbi=1;ps=1;ua=MOTODESK1.0;dtx=0;bls=500-100-50
    ## 2010-08-05 13:54:01 :              o=Winphoria 2300 0 IN IP4 117.97.174.130:97,ptime=200
    ## 2010-08-05 13:54:01 :              
    ## 2010-08-05 13:54:01 : <<<<<<<<< SEND PACKET end <<<<<<<<<
    ## 2010-08-05 13:54:01 :              ERROR packet not processed by stack

    ## 2010-08-05 13:54:01 : sip_alg....  packet received (117.97.174.130 -> 208.49.139.169) len=295## 2010-08-05 13:54:01 :              udp packet received (5060 -> 5060) len=267, cksum=0x0000f4dc## 2010-08-05 13:54:01 : >>>>>>>>> RECV PACKET begin 267 bytes >>>>>>>>>## 2010-08-05 13:54:01 :              REGISTER tel:404450011709184 SIP/3.C## 2010-08-05 13:54:01 :              t: ## 2010-08-05 13:54:01 :              i: 562011461:1280996464.716000@117.97.174.130## 2010-08-05 13:54:01 :              CSeq: 1## 2010-08-05 13:54:01 :              7## 2010-08-05 13:54:01 :              v: 117.97.174.130## 2010-08-05 13:54:01 :              x: min=404450011709184;sid=0002;bv=1;gv=1;hsbi=1;ps=1;ua=MOTODESK1.0;dtx=0;bls=500-100-50## 2010-08-05 13:54:01 :              o=Winphoria 2300 0 IN IP4 117.97.174.130:97,ptime=200## 2010-08-05 13:54:01 :              ## 2010-08-05 13:54:01 : <<<<<<<<< RECV PACKET end <<<<<<<<<## 2010-08-05 13:54:01 : >>>>>>>>> SEND PACKET begin 267 bytes >>>>>>>>>## 2010-08-05 13:54:01 :              REGISTER tel:404450011709184 SIP/3.C## 2010-08-05 13:54:01 :              t: ## 2010-08-05 13:54:01 :              i: 562011461:1280996464.716000@117.97.174.130## 2010-08-05 13:54:01 :              CSeq: 1## 2010-08-05 13:54:01 :              7## 2010-08-05 13:54:01 :              v: 117.97.174.130## 2010-08-05 13:54:01 :              x: min=404450011709184;sid=0002;bv=1;gv=1;hsbi=1;ps=1;ua=MOTODESK1.0;dtx=0;bls=500-100-50## 2010-08-05 13:54:01 :              o=Winphoria 2300 0 IN IP4 117.97.174.130:97,ptime=200## 2010-08-05 13:54:01 :              ## 2010-08-05 13:54:01 : <<<<<<<<< SEND PACKET end <<<<<<<<<## 2010-08-05 13:54:01 :              ERROR packet not processed by stack

     



  • 2.  RE: SIP packets dropped in firewall
    Best Answer

    Posted 08-05-2010 12:59

     

     

    If you are not doing Natting , disable the SIP ALG  &allow any at the policy 

     

    To disbale SIP ALG ,   use the command :  "unset alg sip enable  "



  • 3.  RE: SIP packets dropped in firewall

    Posted 08-06-2010 11:59

    Thank you so much. It worked.



  • 4.  RE: SIP packets dropped in firewall

    Posted 01-10-2012 06:02

    I have the same situation but this suggestion solved the problem half way. The messages can traverse one way but fail in the opposit direction. Any ideas?

     

    Thanks for the help.