Diagnosing Expected Sessions with sys session list expectation
20 Questions
2 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which protocol does the SIP ALG support?

  • TCP
  • UDP (correct)
  • FTP
  • HTTP
  • Where does the SIP ALG run?

  • On the client side
  • On the server side
  • In the kernel
  • As a user space process (correct)
  • When does FortiGate use the SIP ALG?

  • When traffic does not match a policy with a VoIP profile and the VoIP mode is set to proxy-based
  • When traffic does not match a policy with a VoIP profile and the VoIP mode is set to kernel-helper-based
  • When traffic matches a policy with a VoIP profile (correct)
  • FortiGate always uses the SIP ALG regardless of the configuration
  • What does the default-voip-alg-mode setting specify?

    <p>Which VoIP mode to use</p> Signup and view all the answers

    When should FortiGate use the SIP helper instead of the SIP ALG?

    <p>When the SIP ALG is not working as expected</p> Signup and view all the answers

    What can be changed using the 'config system settings' command?

    <p>SIP ALG port numbers</p> Signup and view all the answers

    How can you display all active SIP calls?

    <p>diagnose sys sip-proxy calls list</p> Signup and view all the answers

    What does a debug level of 4 in the SIP real-time debug enable?

    <p>Session creation and deletion</p> Signup and view all the answers

    What does a debug level of 64 in the SIP real-time debug enable?

    <p>HEX dump of all data</p> Signup and view all the answers

    What can you use the 'im' and 'sip' real-time debugs for?

    <p>To display real-time information about SIP traffic</p> Signup and view all the answers

    Which command can be used to list the expected sessions created by the session helpers?

    <p>diagnose sys session list expectation</p> Signup and view all the answers

    What does the debug flow show for traffic inspected by a helper?

    <p>run helper-ftp(dir=original)</p> Signup and view all the answers

    What does the debug flow show for traffic matching an expected session?

    <p>Find an EXP session, id 00016f90</p> Signup and view all the answers

    Which command can be used to list the active session helpers?

    <p>config system session-helper</p> Signup and view all the answers

    What does the output of 'config system session-helper' command list?

    <p>TCP or UDP port numbers</p> Signup and view all the answers

    Which protocols may require a session helper in certain circumstances?

    <p>PPTP, H323, and RSH</p> Signup and view all the answers

    What can be done if a protocol is using a different port number?

    <p>Change the FortiGate configuration</p> Signup and view all the answers

    What does the SIP application layer gateway (ALG) provide?

    <p>All the same features as the SIP helper</p> Signup and view all the answers

    Which command can be used to view the name of the session helper inspecting the traffic?

    <p>debug flow</p> Signup and view all the answers

    What does the debug flow show for traffic matching an expected session previously created by a session helper?

    <p>Find an EXP session</p> Signup and view all the answers

    Study Notes

    SIP ALG Details

    • SIP ALG supports SIP protocol
    • It runs on FortiGate
    • FortiGate uses SIP ALG when SIP traffic is detected

    SIP ALG Settings

    • The default-voip-alg-mode setting specifies the default mode for the SIP ALG

    SIP Helper vs SIP ALG

    • FortiGate should use the SIP helper instead of the SIP ALG when SIP traffic is fragmented or contains IP options

    Config System Settings

    • The 'config system settings' command can be used to change settings, including those related to SIP ALG

    SIP Debugging

    • 'diagnose debug flow' command displays all active SIP calls
    • Debug level 4 in SIP real-time debug enables debugging for SIP call setup and teardown
    • Debug level 64 in SIP real-time debug enables debugging for SIP message logging
    • 'im' and 'sip' real-time debugs can be used for troubleshooting SIP and instant messaging issues

    Session Helpers

    • The 'diagnose system session-helper list' command lists the expected sessions created by the session helpers
    • Debug flow shows the traffic inspected by a helper
    • Debug flow shows the traffic matching an expected session previously created by a session helper
    • The 'diagnose system session-helper list' command lists the active session helpers
    • The 'config system session-helper' command lists the configured session helpers

    Protocols and Ports

    • Protocols like SIP, H.323, and Skinny may require a session helper in certain circumstances
    • If a protocol uses a different port number, the session helper can be configured to use that port

    SIP Application Layer Gateway

    • The SIP application layer gateway (ALG) provides SIP traffic inspection and modification

    Session Helper Inspection

    • The 'diagnose system session-helper show' command can be used to view the name of the session helper inspecting the traffic

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    Learn how to diagnose expected sessions using the sys session list expectation command. This quiz covers the command syntax and provides an example of listing expected sessions for specific IP addresses and ports. Discover how to monitor session helpers and inspect traffic using debugging tools.

    More Like This

    Use Quizgecko on...
    Browser
    Browser