What Is SIP ALG?
SIP ALG (Session Initiation Protocol – Application Layer Gateway) is a feature found in many routers and firewalls that is designed to analyze and modify SIP traffic. Its purpose is to assist VoIP connections in NAT environments.
In practice, however, SIP ALG very frequently causes problems, as modern VoIP platforms already handle NAT and media streams correctly on their own.
Typical Symptoms When SIP ALG Is Active
An enabled SIP ALG can cause the following problems, among others:
- Calls remain connected but audio transmission briefly drops out
- Regular audio interruptions (e.g. every 20–60 seconds)
- All locations or lines show an identical error pattern
- Call participants intermittently cannot hear each other or hear only interrupted audio
These effects occur particularly frequently in a periodic pattern and are often mistakenly interpreted as a bandwidth problem.
Important: Disable SIP ALG Even When Using an RTP Proxy
Even when a central RTP proxy is in use (e.g. to avoid NAT or one-way audio issues), SIP ALG must still be disabled.
An active SIP ALG can, despite a correctly established media path:
- Modify SDP information
- Interrupt or reinitialize RTP sessions
- Cause brief audio dropouts even though the call remains connected
Virtual-Call Recommendation
For stable telephony operation, we explicitly recommend:
- Completely disable SIP ALG on all routers and firewalls
- No SIP or RTP manipulation by firewalls (Inspection, Helper, DPI)
- Set UDP session timeouts for VoIP sufficiently high (at least 120 seconds)
- Prioritize RTP traffic (QoS), especially on shared internet connections
After making configuration changes, routers and firewalls should be restarted.
Names for SIP ALG (Varies by Manufacturer)
Depending on the manufacturer, SIP ALG may also be listed under different names, such as:
- SIP Helper
- VoIP Helper
- SIP Inspection
- Application Layer Gateway
Please make sure that all corresponding features are disabled.
Comments
0 comments
Article is closed for comments.