RTSP Inspection, RTSP Inspection Overview – Cisco ASA 5505 User Manual


Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 44 Configuring Inspection for Voice and Video Protocols

RTSP Inspection

The following is sample output from the show mgcp sessions detail command.

hostname# show mgcp sessions detail
1 in use, 1 most used
Session active 0:00:14
    Gateway IP host-pc-2
    Call ID 9876543210abcdef
    Connection ID 6789af54c9
    Endpoint name aaln/1
    Media lcl port 6166
    Media rmt IP 192.168.5.7
    Media rmt port 6058

RTSP Inspection

This section describes RTSP application inspection. This section includes the following topics:

RTSP Inspection Overview

Using RealPlayer

Restrictions and Limitations

Configuring an RTSP Inspection Policy Map for Additional Inspection Control

RTSP Inspection Overview

The RTSP inspection engine lets the ASA pass RTSP packets. RTSP is used by RealAudio,
RealNetworks, Apple QuickTime 4, RealPlayer, and Cisco IP/TV connections.

Note: For Cisco IP/TV, use RTSP TCP port 554 and TCP 8554.

RTSP applications use the well-known port 554 with TCP (rarely UDP) as a control channel. The ASA
only supports TCP, in conformity with RFC 2326. This TCP control channel is used to negotiate the data
channels that are used to transmit audio/video traffic, depending on the transport mode that is configured
on the client.

The supported RDT transports are: rtp/avp, rtp/avp/udp, x-real-rdt, x-real-rdt/udp, and x-pn-tng/udp.

The ASA parses SETUP response messages with a status code of 200. If the response message is travelling
inbound, the server is outside relative to the ASA, and dynamic channels need to be opened for
connections coming inbound from the server. If the response message is outbound, the ASA does
not need to open dynamic channels.

Because RFC 2326 does not require the client and server ports to be in the SETUP response
message, the ASA keeps state and remembers the client ports in the SETUP message. QuickTime places
the client ports in the SETUP message and then the server responds with only the server ports.
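
The state-keeping described above, sketched as an added example; it is not Cisco's implementation and not code from the guide. The names `SetupTracker`, `parse` and `port_range` are hypothetical, the sample messages are constructed, and matching request to response by CSeq on a single control connection is an assumption of this sketch.

```python
import re

# Transports the page lists as supported (all UDP-based data channels).
SUPPORTED = {"rtp/avp", "rtp/avp/udp", "x-real-rdt", "x-real-rdt/udp", "x-pn-tng/udp"}

def parse(msg):
    """Split one RTSP message into (start_line, {lowercased header: value})."""
    lines = msg.strip().split("\r\n")
    pairs = (line.partition(":") for line in lines[1:] if ":" in line)
    return lines[0], {name.strip().lower(): value.strip() for name, _, value in pairs}

def port_range(transport, key):
    """Return (lo, hi) for 'key=lo-hi' or 'key=lo' in a Transport header, else None."""
    m = re.search(rf"(?:^|;)\s*{key}=(\d+)(?:-(\d+))?", transport)
    return (int(m.group(1)), int(m.group(2) or m.group(1))) if m else None

class SetupTracker:
    """Hypothetical per-control-connection state: CSeq -> client ports seen in SETUP."""
    def __init__(self):
        self.pending = {}

    def on_request(self, msg):
        start, hdrs = parse(msg)
        transport = hdrs.get("transport", "")
        ports = port_range(transport, "client_port")
        proto = transport.split(";")[0].strip().lower()
        if start.startswith("SETUP ") and proto in SUPPORTED and ports and "cseq" in hdrs:
            self.pending[hdrs["cseq"]] = ports  # remember until the response arrives

    def on_response(self, msg, server_outside):
        """Return the data-channel ports to permit, or None if nothing should open."""
        start, hdrs = parse(msg)
        client = self.pending.pop(hdrs.get("cseq"), None)  # state is single-use
        status = start.split()[1] if len(start.split()) > 1 else ""
        if client is None or status != "200" or not server_outside:
            return None  # unmatched, failed, or outbound response: no dynamic channel
        server = port_range(hdrs.get("transport", ""), "server_port")
        return {"client_ports": client, "server_ports": server}

# Constructed sample messages: the response carries only server ports.
SETUP_REQ = ("SETUP rtsp://media.example.com/clip/track1 RTSP/1.0\r\n"
             "CSeq: 3\r\nTransport: RTP/AVP;unicast;client_port=6970-6971\r\n\r\n")
SETUP_RSP = ("RTSP/1.0 200 OK\r\nCSeq: 3\r\nSession: 12345678\r\n"
             "Transport: RTP/AVP;unicast;server_port=6256-6257\r\n\r\n")

if __name__ == "__main__":
    tracker = SetupTracker()
    tracker.on_request(SETUP_REQ)
    print(tracker.on_response(SETUP_RSP, server_outside=True))
```

A SETUP that asks for a transport outside the supported list, such as interleaved TCP, stores no state in this sketch, so its response opens nothing.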

RTSP inspection does not support PAT or dual-NAT. Also, the ASA cannot recognize HTTP cloaking,
where RTSP messages are hidden in HTTP messages.
