Fortinet black logo

Handbook

Home FortiGate / FortiOS 6.0.0 Handbook

How the SIP ALG translates IP addresses in the SIP body

6.0.0
6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:934665
Download PDF

How the SIP ALG translates IP addresses in the SIP body

The SDP session profile attributes in the SIP body include IP addresses and port numbers that the SIP ALG uses to create pinholes for the media stream.

The SIP ALG translates IP addresses and port numbers in the o=, c=, and m= SDP lines. For example, in the following lines the ALG could translate the IP addresses in the o= and c= lines and the port number (49170) in the m= line.

o=PhoneA 5462346 332134 IN IP4 10.31.101.20

c=IN IP4 10.31.101.20

m=audio 49170 RTP 0 3

If the SDP session profile includes multiple RTP media streams, the SIP ALG opens pinholes and performs the required address translation for each one.

The two most important SDP attributes for the SIP ALG are c= and m=. The c= attribute is the connection information attribute. This field can appear at the session or media level. The syntax of the connection attribute is:

c=IN {IPV4 | IPV6} <destination_ip_address>

Where

  • IN is the network type. FortiGates support the IN or Internet network type.
  • {IPV4 | IPV6} is the address type. FortiGates support IPv4 or IPv6 addresses in SDP statements. However, FortiGates do not support all types of IPv6 address translation. See SIP over IPv6.
  • <destination_IP_address> is the unicast numeric destination IP address or domain name of the connection in either IPv4 or IPv6 format.

The syntax of the media attribute is:

m=audio <port_number> RTP <format_list>

Where

  • audio is the media type. FortiGates support the audio media type.
  • <port_number> is the destination port number used by the media stream.
  • RTP is the application layer transport protocol used for the media stream. FortiGates support the Real Time Protocol (RTP) transport protocol.
  • <format_list> is the format list that provides information about the application layer protocol that the media uses.
Previous
Next

How the SIP ALG translates IP addresses in the SIP body

The SDP session profile attributes in the SIP body include IP addresses and port numbers that the SIP ALG uses to create pinholes for the media stream.

The SIP ALG translates IP addresses and port numbers in the o=, c=, and m= SDP lines. For example, in the following lines the ALG could translate the IP addresses in the o= and c= lines and the port number (49170) in the m= line.

o=PhoneA 5462346 332134 IN IP4 10.31.101.20

c=IN IP4 10.31.101.20

m=audio 49170 RTP 0 3

If the SDP session profile includes multiple RTP media streams, the SIP ALG opens pinholes and performs the required address translation for each one.

The two most important SDP attributes for the SIP ALG are c= and m=. The c= attribute is the connection information attribute. This field can appear at the session or media level. The syntax of the connection attribute is:

c=IN {IPV4 | IPV6} <destination_ip_address>

Where

  • IN is the network type. FortiGates support the IN or Internet network type.
  • {IPV4 | IPV6} is the address type. FortiGates support IPv4 or IPv6 addresses in SDP statements. However, FortiGates do not support all types of IPv6 address translation. See SIP over IPv6.
  • <destination_IP_address> is the unicast numeric destination IP address or domain name of the connection in either IPv4 or IPv6 format.

The syntax of the media attribute is:

m=audio <port_number> RTP <format_list>

Where

  • audio is the media type. FortiGates support the audio media type.
  • <port_number> is the destination port number used by the media stream.
  • RTP is the application layer transport protocol used for the media stream. FortiGates support the Real Time Protocol (RTP) transport protocol.
  • <format_list> is the format list that provides information about the application layer protocol that the media uses.
Previous
Next