voip : profile
Use this command to add VoIP profiles for SIP, SIMPLE, and SCCP. To apply the SIP ALG, you add a VoIP profile to a firewall policy that accepts SIP sessions. All SIP sessions accepted by the firewall policy will be processed by the SIP ALG using the settings in the VoIP profile. The VoIP profile contains settings that are applied to SIP, Session Initiation Protocol for Instant Messaging and Presence Leveraging Extensions (SIMPLE) and Skinny Call Control Protocol (SCCP) sessions. You configure SIP and SCCP settings separately. SIP settings also apply to SIMPLE sessions.
config voip profile
edit <profile_name>
set comment <comment_str>
set extended-utm-log {enable | disable}
config sip
set status {enable | disable}
set rtp {enable | disable}
set open-register-pinhole {enable | disable}
set open-contact-pinhole {enable | disable}
set open-record-route-pinhole {enable | disable}
set open-via-pinhole {enable | disable}
set strict-register {enable | disable}
set register-rate <rate_sec_policy_int>
set invite-rate <rate_sec_policy_int>
set max-dialogs <max_int>
set max-line-length <length_int>
set block-long-lines {enable | disable}
set block-unknown {enable | disable}
set call-keepalive <keepalive_time>
set block-ack {enable | disable}
set block-bye {enable | disable}
set block-cancel {enable | disable}
set block-info {enable | disable}
set block-invite {enable | disable}
set block-message {enable | disable}
set block-notify {enable | disable}
set block-options {enable | disable}
set block-prack {enable | disable}
set block-publish {enable | disable}
set block-refer {enable | disable}
set block-register {enable | disable}
set block-subscribe {enable | disable}
set block-update {enable | disable}
set reg-diff-port {enable | disable}
set rfc2543-branch {enable | disable}
set log-violations {enable | disable}
set log-call-summary {enable | disable}
set nat-trace {enable | disable}
set subscribe-rate <rate_sec_policy_int>
set message-rate <rate_sec_policy_int>
set notify-rate <rate_sec_policy_int>
set refer-rate <rate_sec_policy_int>
set update-rate <rate_sec_policy_int>
set options-rate <rate_sec_policy_int>
set ack-rate <rate_sec_policy_int>
set prack-rate <rate_sec_policy_int>
set info-rate <rate_sec_policy_int>
set publish-rate <rate_sec_policy_int>
set bye-rate <rate_sec_policy_int>
set cancel-rate <rate_sec_policy_int>
set preserve-override {enable | disable}
set no-sdp-fixup {enable | disable}
set contact-fixup {enable | disable}
set max-idle-dialogs <dialogs_perpolicy_int>
set block-geo-red-options {enable | disable}
set hosted-nat-traversal {enable | disable}
set hnt-restrict-source-ip {enable | disable}
set max-body-length <size_bytes_int>
set unknown-header {discard | pass | respond}
set malformed-request-line {discard | pass | respond}
set malformed-header-via {discard | pass | respond}
set malformed-header-from {discard | pass | respond}
set malformed-header-to {discard | pass | respond}
set malformed-header-call-id {discard | pass | respond}
set malformed-header-cseq {discard | pass | respond}
set malformed-header-rack {discard | pass | respond}
set malformed-header-rseq {discard | pass | respond}
set malformed-header-contact {discard | pass | respond}
set malformed-header-record-route {discard | pass | respond}
set malformed-header-route {discard | pass | respond}
set malformed-header-expires {discard | pass | respond}
set malformed-header-content-type {discard | pass | respond}
set malformed-header-content-length {discard | pass | respond}
set malformed-header-max-forwards {discard | pass | respond}
set malformed-header-allow {discard | pass | respond}
set malformed-header-p-asserted-identity {discard | pass | respond}
set malformed-header-sdp-v {discard | pass | respond}
set malformed-header-sdp-o {discard | pass | respond}
set malformed-header-sdp-s {discard | pass | respond}
set malformed-header-sdp-i {discard | pass | respond}
set malformed-header-sdp-c {discard | pass | respond}
set malformed-header-sdp-b {discard | pass | respond}
set malformed-header-sdp-z {discard | pass | respond}
set malformed-header-sdp-k {discard | pass | respond}
set malformed-header-sdp-a {discard | pass | respond}
set malformed-header-sdp-t {discard | pass | respond}
set malformed-header-sdp-r {discard | pass | respond}
set malformed-header-sdp-m {discard | pass | respond}
set ips-rtp {enable | disable}
set provisional-invite-expiry-time <time_int>
set ssl-mode {off | full}
set ssl-algorithm {high | medium | low)
set ssl-auth-client <peer_group>
set ssl-auth-server <peer_group>
set ssl-client-certificate <cert_name>
set ssl-client-renegotiation {allow | deny | secure}
set ssl-min-version {ssl-3.0 | tls-1.0 | tls-1.1}
set ssl-max-version {ssl-3.0 | tls-1.0 | tls-1.1}
set ssl-pfs {require | allow | deny}
set ssl-send-empty-frags {enable | disable}
set ssl-server-certificate <cert_name>
config sccp
set status {disable | enable}
set block-mcast {enable | disable}
set verify-header {enable | disable}
set log-call-summary {disable | enable}
set log-violations {disable | enable}
set max-calls <calls_int>
edit <profile_name>
Enter the name of a VoIP profile
comment <comment_str>
Optionally enter a description of up to 63 characters of the VoIP profile.
extended-utm-log {enable | disable}
Enable or disable detailed UTM log messages.