Example: Allowing Unknown MGCP ALG Message Types

This example shows how to configure the MGCP ALG to allow unknown MGCP message types in both NAT mode and route mode.

• Requirements
• Overview
• Configuration
• Verification

Requirements

Before you begin, determine whether to accommodate new and unknown MGCP message types for the device. See Understanding MGCP ALG Unknown Message Types.

Overview

This feature enables you to specify how unidentified MGCP messages are handled by a Juniper Networks device. The default is to drop unknown (unsupported) messages, because unknown messages can compromise security. However, in a secure test or production environment, this command can be useful for resolving interoperability issues with disparate vendor equipment.

Configuration

J-Web Quick Configuration

Step-by-Step Procedure

To configure the MGCP ALG to allow unknown message types:

1. Select Configure>Security>ALG.
2. Select the MGCP tab.
3. Select the Enable Permit NAT applied check box.
4. Select the Enable Permit routed check box.
5. Click OK to check your configuration and save it as a candidate configuration.
6. If you are done configuring the device, click Commit Options>Commit.

Step-by-Step Procedure

To configure the MGCP ALG to allow unknown message types:

1. Allow unknown message types to pass if the session is in either NAT mode or in route mode.
   [edit]user@host# set security alg mgcp application-screen unknown-message permit-nat-applied permit-routed
2. If you are done configuring the device, commit the configuration.
   [edit]user@host# commit

Verification

To verify the configuration is working properly, enter the show security alg mgcp command.

Related Topics

• Junos OS Feature Support Reference for SRX Series and J Series Devices
• Understanding MGCP ALG Unknown Message Types
• MGCP ALG Configuration Overview