H.323-ALG: General Settings

In the H323-ALG proxy action configuration, you can set security and performance options for the H.323-ALG (Application Layer Gateway).
  1. Select Firewall > Proxy Actions.
    The Proxy Action page opens.
  2. Select the proxy action to edit.
  3. Click Edit.
  4. Select General.
  1. Select Setup > Actions > Proxies.
    The Proxy Action dialog box opens.
  2. Select the proxy action to edit.
  3. Click Edit.
  4. Select General.

Settings

Screen shot of the General settings
H323-ALG proxy action general settings configuration in Fireware Web UI

Screen shot of the H323 ALG Action Configuration dialog box — General page
H323-ALG proxy action general settings configuration in Policy Manager

Enable directory harvesting protection

Select this check box to prevent attackers from stealing user information from VoIP gatekeepers protected by your Firebox. This option is enabled by default.

Maximum sessions - Set the maximum number of sessions allowed per call

Use this feature to restrict the maximum number of audio or video sessions that can be created with a single VoIP call. For example, if you set the number of maximum sessions to one and participate in a VoIP call with both audio and video, the second connection is dropped. The default value is two sessions, and the maximum value is four sessions. The Firebox creates a log message when it denies a media session above this number.

User agent information

To have outgoing H.323 traffic identify as a client you specify, in the Rewrite user agent as text box, type a new user agent string. To remove the false user agent, clear the text box.

Timeouts - Idle media channels

When no data is sent for a specified amount of time on a VoIP audio, video, or data channel, your Firebox closes that network connection. The default value is 180 seconds (three minutes) and the maximum value is 3600 seconds (sixty minutes).

To specify a different time interval, in the Idle media channels text box, type or select the amount of time in seconds.

Enable logging for reports

To send a log message for each connection request managed by the H.323-ALG, select this check box. This option is necessary to create accurate reports on H.323 traffic.

Override the diagnostic log level for proxy policies that use this proxy action

To specify the diagnostic log level for all proxy polices that use this proxy action, select this check box. Then, from the Diagnostic log level for this proxy action drop-down list, select a log level:

  • Error
  • Warning
  • Information
  • Debug

The log level you select overrides the diagnostic log level that is configured for all log messages of this proxy policy type.

For more information about the diagnostic log level, go to Set the Diagnostic Log Level.

Related Topics

About the H.323-ALG

H.323-ALG: Access Control

H.323-ALG: Denied Codecs