Configuration of SIP flood attack defense for the USG2000&5000 series on the CLI

You can configure SIP flood attack defense for the USG2000&5000 series on the CLI.
1. In the user view, run the system-view command to access the system view.
2. Run the firewall defend sip-flood enable command to enable the SIP flood attack defense function.
3. According to the attack defense scope, run either of the following commands to set SIP flood attack parameters:
(a) Run the firewall defend sip-flood ip ip-address [ vpn-instance vpn-instance-name ] [ alert-rate alert-rate ] [ max-rate rate-number ] [ source-detect [ on | off ] ] command to set SIP flood attack defense parameters based on IP addresses. The source detection function is enabled by default.
(b) Run the firewall defend sip-flood zone [ vpn-instance vpn-instance-name ] zone-name [ alert-rate alert-rate ] [ max-rate rate-number ] [ source-detect [ on | off ] ] command to set SIP flood attack defense parameters based on security zones. The source detection function is enabled by default.
4. Run the firewall defend sip-flood port range [start-port end-port ] command to set a port range for SIP flood attack defense.

Scroll to top