You configure SCCP parameters to allow unknown message types, enhance protection against flood attacks, and set timeout values
SCCP Enable indicates status of the SCCP ALG. Check or uncheck and click Apply to enable or disable the SCCP ALG.
Application Screen
Use this section to configure the security device to screen for unknown SCCP message types. Click Apply after making your selection.
Allow Unknown Message
Use this section to specify how unidentified SCCP messages are handled by the security device. The default is to drop unknown messages. Permitting unknown messages can compromise security and is not recommended. However, in a secure test or production environment, this command can be useful for resolving inter operability issues with disparate vendor equipment. For example, the security device rejects SIP messages containing unsupported SIP “methods.” By permitting unknown SIP messages in this case, you can get your network operational and later analyze your VoIP traffic to determine why some messages were being dropped.
Note that this command applies only to received packets identified as supported VoIP protocol packets. If a packet cannot be identified, it is always dropped. If you allow unknown messges and a packet is identified as a supported protocol, the message is forwarded without processing.
NAT specifies that unknown messages be allowed to pass if the session is in NAT mode.
Route specifies that unknown messages be allowed to pass if the session is in route mode. (Sessions in transparent mode are treated as route mode.)
Call Flood Threshold: specifies how long pinholes and sessions opened for media are kept alive in the absence of activity. The default is 120 seconds.
Timeout & Interval
Media-Timeout: specifies a time interval in seconds of no media activity after which the session times out.