DIsabling SIP Application Layer Gateway (ALG) functionality

Support
2016-05-30 07:47

Disabling SIP ALG

If you are experiencing one way voice particularly on incoming calls the most probable cause is SIP ALG. While originally designed to resolve a NAT related problems, with no standard implementation many routers and software based firewalls corrupt the SIP message by attempting to rewrite part of the SIP message. Frustratingly the one-way voice issues will often only occur on a single number and will clear once the router has been reset.

As a general rule all VoIP service providers recommend disabling SIP ALG (see VoIP Org).

Content

1. Cisco IOS Router
2. DrayTek Router
3. Juniper JunOS Router
4. Netgear Modem Router
5. SonicWall
6. TP-LINK Modem Router
7. Billion 7300GRA, 7800N
8. Zyxel
9. Netcomm

 

If you are unable to access the router consider switching your phone or PBX to use TLS which to encrypt the SIP packet ultimately preventing SIP ALG corruption.

1. Disabling SIP ALG – Cisco IOS Router

  • From the CLI: Enable configure terminal, No IP nat service SIP UDP port 5060
  • For TCP run: No ip nat service sip tcp port 5060

2. Disabling ALG – DrayTek Routers

This guide specifically applies to the Vigor 2760 but is also applicable to most other DrayTeks in the series.

  • 2800, 2820, 2830, 2860, 2920, 2925, 2960

Windows

  1. Start | Cmd
  2. Type: telnet 192.168.1.1 (Enter) NB – Ensure Telnet is enabled ( Start | Control Panel | Programs | Programs and Features | Turn Windows Features on or off | TELNET CLIENT >> OK)
  3. Default user name: admin | admin
  4. Type: sys sip_alg 0 (Enter) Enter

3. Disabling ALG – Juniper JunOS Router

  • From the CLI: To verify if SIP ALG is enabled or disabled run show security ALG status | match sip
  • To disable run:
  1. Configure
  2. Set security alg sip disable
  3. Commit

4. Disabling ALG – Netgear Modem Router

This guide applies to most Netgear routers

  1. In browser browse to 192.168.0.1 (this is the default IP address)The default username is admin and the default password is password
  2. Under Advanced select WAN Setup
  3. Check Disable SIP ALG option
  4. Select Apply

5. Disabling ALG – SonicWALL

This KB applies to all SonicWALL SonicOS firewalls.

SonicWall has a feature called SIP Transformations that consistently cause total or partial loss of voice.

  1. Log into the web interface on the SonicWall.
  2. On the left, find the VOIP tab. Depending on the version of SonicOS your screen may appear slightly different.
  • Disable SIP Transformations: Browse to the SIP Settings page and ensure Enable SIP Transformations is NOT enabled.
  • Enable Consistent NAT: The Consistent NAT setting will ensure the same NAT port is used. If this is disabled, you may experience undesired call behaviour.
  • Ensure Consistent NAT is Enabled

This KB applies to most TP-LINK routers.

On Windows 7/8

  1. Start | cmd >>Enter
  2. Type:telnet 192.168.1.1EnterNB – Ensure Telnet is enabled ( Start | Control Panel | Programs | Programs and Features | Turn Windows Features on or off | TELNET CLIENT >> OK)
  3. Default user name: admin | adminNote that no symbols may appear when typing in the password, but continue anyway.
  4. Type inip nat service sip sw offEnterIf successful, it should say Nat SIP v2 switch off!

7. Disabling ALG – Billion 7300GRA, 7800

8. Disabling ALG – Zyxel Equipment

Web UI: Using the Web Interface Navigate to the NAT tab and uncheck the box for SIP ALG.

Using Telnet

  1. Telnet into the router Select menu items 24 then 8
  2. To display current SIP ALG status run the following command:

9. Disabling ALG – Netcomm

While the following KB guide specifies the NB604N all Netcomm routers are similarly configured. Netcomm also provide a useful router emulator for all their routers.

  1. Logon to the router
  2. Advanced Setup | NAT | ALG >> uncheck “Enable SIP”

Average rating: 0 (0 Votes)

You cannot comment on this entry