Quick Reference Guide

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual

5-18 Firewall Security and Content Filtering

v1.0, January 2010

The Total Number of Packets Dropped due to Session Limit field shows total number of

packets dropped when session limit is reached.

6. In the Session Timeout section, modify the TCP, UDP and ICMP timeout values as you

require. A session will expire if no data for the session is received for the duration of the

timeout value. The default timeout values are 1200 seconds for TCP sessions, 180 seconds for

UDP sessions, and 8 seconds for ICMP sessions.

7. Click Apply to save your settings.

To monitor session limiting, return to this screen periodically and check the display of Total

Number of Packets Dropped due to Session Limit, which indicates that session limits have been

reached.

Managing the Application Level Gateway for SIP Sessions

The Application Level Gateway (ALG) facilitates multimedia sessions such as voice over IP

(VoIP) sessions that use the Session Initiation Protocol (SIP) across the firewall and provides

support for multiple SIP clients. ALG support for SIP is disabled by default.

To enable ALG for SIP:

1. Select Security > Firewall from the main/submenu.

1. Click the Advanced tab. The Advanced screen is displayed.

2. Select the Enable SIP ALG checkbox.

3. Click Apply to save your settings.

Note: Some protocols (such as FTP or RSTP) create two sessions per connection

which should be considered when configuring Session Limiting.

Figure 5-10