ohassairi Thu, 10/30/2008 - 00:15
User Badges:
  • Silver, 250 points or more

Although there are no standards assigned, RTP is generally configured to use ports 16384-32767

Amit Singh Thu, 10/30/2008 - 02:41
User Badges:
  • Cisco Employee,

you can simply match the udp traafic in an acl with the above mentioned port range.

MARCELO MATURO Thu, 10/30/2008 - 04:36
User Badges:

The problem is that in this case I am excluding This traffic udp for the encription,and maybe there is not rtp .


Joseph W. Doherty Thu, 10/30/2008 - 05:34
User Badges:
  • Super Bronze, 10000 points or more

Many forms of encryption completely conceal the original packet, which makes it impossible to determine an encrypted packet is something like a RTP packet.

Encrypted packets can replicate an original packet's ToS, if they do, and if the ToS is unique enough to only be RTP, you can identify the traffic using it.

If the traffic is encrypted within SSL, there are now applicances that sometimes effectively provide a "man-in-the-middle", where you can decrypt the traffic and then see what it is. Such an appliance could then exclude such traffic.


This Discussion