48-39
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 48 Configuring Inspection for Voice and Video Protocols
Skinny (SCCP) Inspection
Fields
• Use the default SCCP (Skinny) inspection map—Specifies to use the default SCCP (Skinny) map.
• Select an SCCP (Skinny) map for fine control over inspection—Lets you select a defined application
inspection map or add a new one.
• Add—Opens the Add Policy Map dialog box for the inspection.
• Encrypted Traffic Inspection—Lets you specify TLS proxy settings for the inspect map.
–
Do not inspect Encrypted Traffic—Disables the inspection of Skinny application inspection.
–
Use Phone Proxy to enable inspection of encrypted traffic—Uses the Phone Proxy configured
on the ASA to inspect Skinny application traffic. See Chapter 52, “Configuring the Cisco Phone
Proxy.”
–
Use TLS Proxy to enable inspection of encrypted traffic—Specifies to use Transaction Layer
Security Proxy to enable inspection of encryped traffic.
TLS Proxy Name:—Name of existing TLS Proxy.
New—Opens the Add TLS Proxy dialog box to add a TLS Proxy.
SCCP (Skinny) Inspect Map
Configuration > Global Objects > Inspect Maps > SCCP (Skinny)
The SCCP (Skinny) pane lets you view previously configured SCCP (Skinny) application inspection
maps. An SCCP (Skinny) map lets you change the default configuration values used for SCCP (Skinny)
application inspection.
Skinny application inspection performs translation of embedded IP address and port numbers within the
packet data, and dynamic opening of pinholes. It also performs additional protocol conformance checks
and basic state tracking.
Fields
• SCCP (Skinny) Inspect Maps—Table that lists the defined SCCP (Skinny) inspect maps.
• Add—Configures a new SCCP (Skinny) inspect map. To edit an SCCP (Skinny) inspect map, choose
the SCCP (Skinny) entry in the SCCP (Skinny) Inspect Maps table and click Customize.
• Delete—Deletes the inspect map selected in the SCCP (Skinny) Inspect Maps table.
• Security Level—Select the security level (high or low).
–
Low—Default.
Registration: Not enforced.
Maximum message ID: 0x181.
Minimum prefix length: 4
Media timeout: 00:05:00
Signaling timeout: 01:00:00.
RTP conformance: Not enforced.
–
Medium
Registration: Not enforced.
Maximum message ID: 0x141.