Example: Allowing Unknown H.323 ALG Message Types

This example shows how to configure the device to allow unknown H.323 message types in both route and NAT modes.

• Requirements
• Overview
• Configuration
• Verification

Requirements

Before you begin, understand and configure any Avaya H.323-specific features. See the Administrator Guide for Avaya Communication Manager, Avaya IP Telephony Implementation Guide, and Avaya Application Solutions IP Telephony Deployment Guide at http://support.avaya.com.

Overview

This feature enables you to specify how unidentified H.323 messages are handled by the device. The default is to drop unknown (unsupported) messages. The Enable Permit NAT applied option and the permit-nat-applied configuration statement specify that unknown messages be allowed to pass if the session is in NAT mode. The The Enable Permit routed option and the permit-routed configuration statement specify that unknown messages be allowed to pass if the session is in route mode. (Sessions in transparent mode are treated as route mode.)

Configuration

J-Web Quick Configuration

Step-by-Step Procedure

To configure the device to allow unknown H.323 message types in both route and NAT modes:

1. Select Configure>Security>ALG.
2. Select the H323 tab.
3. Select the Enable Permit NAT applied check box.
4. Select the Enable Permit routed check box.
5. Click OK to check your configuration and save it as a candidate configuration.
6. If you are done configuring the device, click Commit Options>Commit.

Step-by-Step Procedure

To configure the device to allow unknown H.323 message types in both route and NAT modes:

1. Specify that unknown messages be allowed to pass if the session is in NAT mode.
   [edit]user@host# set security alg h323 application-screen unknown-message permit-nat-applied
2. Specify that unknown messages be allowed to pass if the session is in route mode.
   [edit]user@host# set security alg h323 application-screen unknown-message permit-routed
3. If you are done configuring the device, commit the configuration.
   [edit]user@host# commit

Verification

To verify the configuration is working properly, enter the show security alg h323 command and the show security alg h323 counters command.

Related Topics

• Junos OS Feature Support Reference for SRX Series and J Series Devices
• Understanding H.323 ALG Unknown Message Types
• H.323 ALG Configuration Overview