How the SIP ALG translates IP addresses in the SIP body

How the SIP ALG translates IP addresses in the SIP body

The SDP session profile attributes in the SIP body include IP addresses and port numbers that the SIP ALG uses to create pinholes for the media stream.

The SIP ALG translates IP addresses and port numbers in the o=, c=, and m= SDP lines. For example, in the following lines the ALG could translate the IP addresses in the o= and c= lines and the port number (49170) in the m= line.

o=PhoneA 5462346 332134 IN IP4 10.31.101.20 c=IN IP4 10.31.101.20 m=audio 49170 RTP 0 3

If the SDP session profile includes multiple RTP media streams, the SIP ALG opens pinholes and performs the required address translation for each one.

The two most important SDP attributes for the SIP ALG are c= and m=. The c= attribute is the connection information attribute. This field can appear at the session or media level. The syntax of the connection attribute is:

c=IN {IPV4 | IPV6} <destination_ip_address> Where l IN is the network type. FortiGates support the IN or Internet network type.

  • {IPV4 | IPV6} is the address type. FortiGates support IPv4 or IPv6 addresses in SDP statements. However, FortiGates do not support all types of IPv6 address translation. See SIP over IPv6 on page 95.
  • <destination_IP_address> is the unicast numeric destination IP address or domain name of the connection in either IPv4 or IPv6 format.

 

source address translation (source NAT)

The syntax of the media attribute is:

m=audio <port_number> RTP <format_list> Where l audio is the media type. FortiGates support the audio media type. l <port_number> is the destination port number used by the media stream.

  • RTP is the application layer transport protocol used for the media stream. FortiGates support the Real Time Protocol (RTP) transport protocol. l <format_list> is the format list that provides information about the application layer protocol that the media uses.
This entry was posted in Administration Guides, FortiGate, Fortinet, FortiOS 6 on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.