Technical Documentation

[edit security alg] Hierarchy Level

security {alg {dns {disable;traceoptions flag all <extensive>;}ftp {disable;traceoptions flag all <extensive>;}h323 {disable;application-screen {message-flood {gatekeeper threshold messages-per-second;}unknown-message {permit-nat-applied;permit-routed;}}endpoint-registration-timeout seconds;media-source-port-any;traceoptions {flag flag <flag-modifier>;}}ike-esp-nat {enable;esp-gate-timeout seconds;esp-session-timeout seconds;state-timeout seconds;traceoptions flag all <extensive>;}mgcp {disable;application-screen {connection-flood threshold requests-per-second;message-flood threshold messages-per-second;unknown-message {permit-nat-applied;permit-routed;}}inactive-media-timeout seconds;maximum-call-duration minutes;traceoptions {flag flag <extensive>;}transaction-timeout seconds;}msrpc {disable;traceoptions flag all <extensive>;}pptp {disable;traceoptions flag all <extensive>;}real {disable;traceoptions flag all <extensive>;}rsh {disable;traceoptions flag all <extensive>;}rtsp {disable;traceoptions flag all <extensive>;}sccp {disable;application-screen {call-flood threshold calls-per-second;unknown-message {permit-nat-applied;permit-routed;}}inactive-media-timeout seconds;traceoptions {flag flag <extensive>;}}sip {disable;application-screen {protect {deny {all;destination-ip {address;}timeout seconds;}}unknown-message {permit-nat-applied;permit-routed;}}c-timeout minutes;disable-call-id-hiding;inactive-media-timeout seconds;maximum-call-duration minutes;retain-hold-resource;t1-interval milliseconds;t4-interval seconds;traceoptions {flag flag <flag-modifier>;}}sql {disable;traceoptions flag all <extensive>;}sunrpc {disable;traceoptions flag all <extensive>;}talk {disable;traceoptions flag all <extensive>;}tftp {disable;traceoptions flag all <extensive>;}}}

Published: 2010-04-28