Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ACARIMO
Staff
Staff

Created on ‎08-12-2024 05:10 AM Edited on ‎01-29-2025 03:46 AM By Community Manager

Article Id 332325

Technical Tip: How to verify if SIP traffic is being inspected by FortiGate

Description This article describes the steps needed to confirm whether or not SIP traffic is being inspected by FortiGate.
Scope VoIP traffic over FortiGate.
Solution

In a FortiGate CLI window, run the following commands to get a list of all existing SIP sessions running on port 5060:

 

diagnose sys session filter clear

diagnose sys session filter dport 5060

diagnose sys session list

diagnose sys session filter clear

diagnose sys session filter sport 5060

diagnose sys session list

 

In the output for each session, examine the line starting with 'class_id=':

 

  • If the line contains a tag 'helper=sip', then FortiGate is inspecting SIP traffic using the SIP Session-Helper feature:

 

class_id=0 ha_id=0 policy_dir=0 tunnel=/ helper=sip vlan_cos=0/255

 

  • If the line contains a tag 'helper=20', then FortiGate is inspecting SIP traffic using the SIP ALG feature:

 

class_id=0 ha_id=0 policy_dir=0 tunnel=/ helper=20 vlan_cos=0/255

 

  • If the line does not contain a tag 'helper', FortiGate is not inspecting SIP traffic:

class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/255

 

Related article:

Technical Tip: VoIP and SIP configuration and troubleshooting resource lists
12034
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.