Verifying and monitoring sccp inspection – Cisco ASA 5505 User Manual

Page 938

Advertising
background image

44-28

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 44 Configuring Inspection for Voice and Video Protocols

Skinny (SCCP) Inspection

b.

To enforce registration before calls can be placed, enter the following command:

hostname(config-pmap-p)# enforce-registration

c.

To set the maximum SCCP station message ID allowed, enter the following command:

hostname(config-pmap-p)# message-ID max hex_value

Where the hex_value argument is the station message ID in hex.

d.

To check RTP packets flowing on the pinholes for protocol conformance, enter the following
command:

hostname(config-pmap-p)# rtp-conformance [enforce-payloadtype]

Where the enforce-payloadtype keyword enforces the payload type to be audio or video based on
the signaling exchange.

e.

To set the maximum and minimum SCCP prefix length value allowed, enter the following command:

hostname(config-pmap-p)# sccp-prefix-len {max | min} value_length

Where the value_length argument is a maximum or minimum value.

f.

To configure the timeout value for signaling and media connections, enter the following command:

hostname(config-pmap-p)# timeout

The following example shows how to define an SCCP inspection policy map.

hostname(config)# policy-map type inspect skinny skinny-map

hostname(config-pmap)# parameters

hostname(config-pmap-p)# enforce-registration

hostname(config-pmap-p)# match message-id range 200 300

hostname(config-pmap-p)# drop log

hostname(config)# class-map inspection_default

hostname(config-cmap)# match default-inspection-traffic

hostname(config)# policy-map global_policy

hostname(config-pmap)# class inspection_default

hostname(config-pmap-c)# inspect skinny skinny-map

hostname(config)# service-policy global_policy global

Verifying and Monitoring SCCP Inspection

The show skinny command assists in troubleshooting SCCP (Skinny) inspection engine issues. The
following is sample output from the show skinny command under the following conditions. There are
two active Skinny sessions set up across the ASA. The first one is established between an internal Cisco
IP Phone at local address 10.0.0.11 and an external Cisco CallManager at 172.18.1.33. TCP port 2000
is the CallManager. The second one is established between another internal Cisco IP Phone at local
address 10.0.0.22 and the same Cisco CallManager.

hostname# show skinny

LOCAL FOREIGN STATE

---------------------------------------------------------------

1 10.0.0.11/52238 172.18.1.33/2000 1

MEDIA 10.0.0.11/22948 172.18.1.22/20798

2 10.0.0.22/52232 172.18.1.33/2000 1

MEDIA 10.0.0.22/20798 172.18.1.11/22948

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals