unknown-message (Security H323 ALG)
Statement introduced in Junos OS Release 8.5.
Specify how the SRX Series device handles the unidentified H.323 messages. By default, SRX Series device drops unknown messages. Permitting unknown messages can compromise security and is not recommended. However, in a secure test or production environment, this statement is useful to resolve interoperability issues with disparate vendor equipment. By permitting unknown H.323 (unsupported) messages, you can get your network operational. Later, you can analyze your VoIP traffic to determine why the device dropped the messages.
This statement applies only to received packets identified as supported VoIP packets. SRX Series device always drops unidentified packets and passes the identified packets without processing.
permit-nat-applied—Permits unknown messages to pass if the session is in NAT mode.
permit-routed—Permit unknown messages on routed packets. Sessions in Transparent mode are treated as Route mode.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.