Chapter 25
Configuring Application Layer Protocol Inspection
If using TCP mode on the RealPlayer, select the Use TCP to Connect to Server and Attempt to use
TCP for all content check boxes. On the security appliance, there is no need to configure the inspection
engine.
If using UDP mode on the RealPlayer, select the Use TCP to Connect to Server and Attempt to use
UDP for static content check boxes, and for live content not available via Multicast. On the security
appliance, add an inspect rtsp port command.
Restrictions and Limitations
The following restrictions apply to the inspect rtsp command.
• The security appliance does not support multicast RTSP or RTSP messages over UDP.
• PAT is not supported.
• The security appliance does not have the ability to recognize HTTP cloaking where RTSP messages
are hidden in the HTTP messages.
• The security appliance cannot perform NAT on RTSP messages because the embedded IP addresses
are contained in the SDP files as part of HTTP or RTSP messages. Packets could be fragmented and
the security appliance cannot perform NAT on fragmented packets.
• With Cisco IP/TV, the number of translates the security appliance performs on the SDP part of the
message is proportional to the number of program listings in the Content Manager (each program
listing can have at least six embedded IP addresses).
• You can configure NAT for Apple QuickTime 4 or RealPlayer. Cisco IP/TV only works with NAT
if the Viewer and Content Manager are on the outside network and the server is on the inside
network.
SIP Inspection
This section describes SIP application inspection. This section includes the following topics:
• SIP Inspection Overview
• SIP Instant Messaging
• Configuring SIP Timeout Values
• Verifying and Monitoring SIP Inspection
SIP Inspection Overview
SIP, as defined by the IETF, enables call handling sessions, particularly two-party audio conferences, or
"calls." SIP works with SDP for call signalling. SDP specifies the ports for the media stream. Using SIP,
the security appliance can support any SIP VoIP gateways and VoIP proxy servers. SIP and SDP are
defined in the following RFCs:
• SIP: Session Initiation Protocol, RFC 2543
• SDP: Session Description Protocol, RFC 2327
OL-10088-01
Cisco Security Appliance Command Line Configuration Guide
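The SIP Inspection Overview above notes that SDP specifies the ports for the media stream. The following added example (not from the Cisco guide, and not a description of the appliance's implementation) parses the SDP body of a constructed SIP INVITE and lists the address and port of every media stream it announces, which is the embedded information a firewall administrator should expect in the signalling. The names media_streams and MediaStream, the sample message and its documentation-range addresses are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample: a SIP INVITE carrying an SDP body. Addresses are from
# the 192.0.2.0/24 documentation range; nothing here comes from the guide.
SAMPLE_INVITE = (
    "INVITE sip:bob@example.com SIP/2.0\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\n"
    "o=alice 2890844526 2890844526 IN IP4 192.0.2.10\r\n"
    "s=-\r\n"
    "c=IN IP4 192.0.2.10\r\n"          # session-level connection address
    "t=0 0\r\n"
    "m=audio 49170 RTP/AVP 0\r\n"      # inherits the session-level c= line
    "m=video 51372/2 RTP/AVP 31\r\n"   # two RTP ports: 51372 and 51374
    "c=IN IP4 192.0.2.20\r\n"          # media-level c= overrides for video
)

@dataclass(frozen=True)
class MediaStream:
    media: str
    address: str
    port: int
    proto: str

def media_streams(sip_message: str) -> list:
    """Return one MediaStream per media port announced in the SDP body."""
    head, sep, body = sip_message.partition("\r\n\r\n")
    if not sep or "application/sdp" not in head.lower():
        return []                       # no body, or the body is not SDP
    session_addr = None
    pending = []                        # [media, address, port, count, proto]
    for line in body.splitlines():
        kind, _, value = line.partition("=")
        fields = value.split()
        if kind == "c" and len(fields) == 3:
            if pending:
                pending[-1][1] = fields[2]   # applies to the preceding m= line
            else:
                session_addr = fields[2]     # default for all media sections
        elif kind == "m" and len(fields) >= 3:
            port, _, count = fields[1].partition("/")
            pending.append([fields[0], session_addr, int(port), int(count or 1), fields[2]])
    streams = []
    for media, addr, port, count, proto in pending:
        step = 2 if proto.startswith("RTP/") else 1  # RTP uses even ports; odd is RTCP
        if addr and port:                            # port 0 marks a declined stream
            streams.extend(MediaStream(media, addr, port + i * step, proto) for i in range(count))
    return streams
```
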