I was wondering if there is a limit with SIP inspect as it relates to number of established SIP calls.
So does SIP die after 50 calls, 100 calls etc.
I ask because the Juniper SSG and ISG firewalls have limits with thier Application Layer Gateways (ALG) which is similar to the SIP inspect in the ASA. Juniper does not post that the ALG has a limit so I found out the hard way. Then thier support told me this is not documented but each product has a different limit for the SIP ALG.
I just do not know if Cisco has a limit that is also not documented before there are issues with calls.
Any help or any pointers to documentation that speak to this would greatly be appreciated.
To the best of my knowledge it is just a limitation in traffic forwarding not raw number of simultaneous calls. All of the SIP traffic will have to be fixed up so you'll just need to keep an eye on the CPU and memory of the device as more calls are created.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...