24-121
Cisco ASDM User Guide
OL-16647-01
Chapter 24 Configuring Application Layer Protocol Inspection
Inspect Map Field Descriptions
–
High
SIP instant messaging (IM) extensions: Enabled.
Non-SIP traffic on SIP port: Denied.
Hide server’s and endpoint’s IP addresses: Disabled.
Mask software version and non-SIP URIs: Enabled.
Ensure that the number of hops to destination is greater than 0: Enabled.
RTP conformance: Enforced.
Limit payload to audio or video, based on the signaling exchange: Yes
SIP conformance: Drop packets that fail state checking and packets that fail header validation.
–
Customize—Opens the Add/Edit SIP Policy Map dialog box for additional settings.
–
Default Level—Sets the security level back to the default level of Low.
Modes
The following table shows the modes in which this feature is available:
Add/Edit SIP Policy Map (Security Level)
The Add/Edit SIP Policy Map pane lets you configure the security level and additional settings for SIP
application inspection maps.
Fields
• Name—When adding a SIP, enter the name of the SIP map. When editing a SIP map, the name of
the previously configured SIP map is shown.
• Description—Enter the description of the SIP map, up to 200 characters in length.
• Security Level—Select the security level (high or low).
–
Low—Default.
SIP instant messaging (IM) extensions: Enabled.
Non-SIP traffic on SIP port: Permitted.
Hide server’s and endpoint’s IP addresses: Disabled.
Mask software version and non-SIP URIs: Disabled.
Ensure that the number of hops to destination is greater than 0: Enabled.
RTP conformance: Not enforced.
SIP conformance: Do not perform state checking and header validation.
–
Medium
SIP instant messaging (IM) extensions: Enabled.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• • • •—