H.323-ALG: General Settings
In the H323-ALG proxy action configuration, you can set security and performance options for the H.323-ALG (Application Layer Gateway).
H323-ALG proxy action general settings configuration in Policy Manager
Enable directory harvesting protection
Select this check box to prevent attackers from stealing user information from VoIP gatekeepers protected by your Firebox. This option is enabled by default.
Maximum sessions - Set the maximum number of sessions allowed per call
Use this feature to restrict the maximum number of audio or video sessions that can be created with a single VoIP call. For example, if you set the number of maximum sessions to one and participate in a VoIP call with both audio and video, the second connection is dropped. The default value is two sessions, and the maximum value is four sessions. The Firebox creates a log message when it denies a media session above this number.
User agent information
To have outgoing H.323 traffic identify as a client you specify, in the Rewrite user agent as text box, type a new user agent string. To remove the false user agent, clear the text box.
Timeouts - Idle media channels
When no data is sent for a specified amount of time on a VoIP audio, video, or data channel, your Firebox closes that network connection. The default value is 180 seconds (three minutes) and the maximum value is 3600 seconds (sixty minutes).
To specify a different time interval, in the Idle media channels text box, type or select the amount of time in seconds.
Enable logging for reports
To send a log message for each connection request managed by the H.323-ALG, select this check box. This option is necessary to create accurate reports on H.323 traffic.
Override the diagnostic log level for proxy policies that use this proxy action
To specify the diagnostic log level for all proxy polices that use this proxy action, select this check box. Then, from the Diagnostic log level for this proxy action drop-down list, select a log level:
The log level you select overrides the diagnostic log level that is configured for all log messages of this proxy policy type.
For more information about the diagnostic log level, see Set the Diagnostic Log Level.