Description | This article describes the steps needed to confirm whether or not SIP traffic is being inspected by FortiGate. |
Scope | VoIP traffic over FortiGate. |
Solution |
In a FortiGate CLI window, run the following commands to get a list of all existing SIP sessions running on port 5060:
diagnose sys session filter clear diagnose sys session filter dport 5060 diagnose sys session list diagnose sys session filter clear diagnose sys session filter sport 5060 diagnose sys session list
In the output for each session, examine the line starting with 'class_id=':
class_id=0 ha_id=0 policy_dir=0 tunnel=/ helper=sip vlan_cos=0/255
class_id=0 ha_id=0 policy_dir=0 tunnel=/ helper=20 vlan_cos=0/255
class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/255
Related article: Technical Tip: VoIP and SIP configuration and troubleshooting resource lists |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.