Example: Configuring MGCP ALG DoS Attack Protection

This example shows how to configure connection flood protection for the MGCP ALG.

• Requirements
• Overview
• Configuration
• Verification

Requirements

Before you begin, determine whether to protect the MGCP media gateway from DoS flood attacks. See Understanding MGCP ALG DoS Attack Protection.

Overview

In this example, you configure the MGCP ALG to drop any message requests exceeding 10,000 requests per second and to drop any connection requests exceeding 4000 per second.

Configuration

J-Web Quick Configuration

Step-by-Step Procedure

To configure connection flood protection for the MGCP ALG:

1. Select Configure>Security>ALG.
2. Select the MGCP tab.
3. In the Message flood gatekeeper threshold box, type 10000.
4. In the Connection flood threshold box, type 4000.
5. Click OK to check your configuration and save it as a candidate configuration.
6. If you are done configuring the device, click Commit Options>Commit.

Step-by-Step Procedure

To configure connection flood protection for the MGCP ALG:

1. Configure the connection flood threshold value.
   [edit]user@host# set security alg mgcp application-screen message-flood threshold 10000user@host# set security alg mgcp application-screen connection-flood threshold 4000
2. If you are done configuring the device, commit the configuration.
   [edit]user@host# commit

Verification

To verify the configuration is working properly, enter the show security alg mgcp command.

Related Topics

• Junos OS Feature Support Reference for SRX Series and J Series Devices
• Understanding MGCP ALG DoS Attack Protection
• MGCP ALG Configuration Overview