Turning Off SIP ALG or SIP Transformations

First, a little background on SIP ALG (Application Layer Gateway). It is a security component of a router, or NAT, that allows VoIP traffic to pass back and forth through from private to the public through the firewall. The SIP ALG inspects the traffic and then repackages it as it allows it to continue on to its destination. Many routers incorporate this protocol, however, unfortunately, after inspecting some information is lost or rearranged, which results in the return RTP not making it to the intended destination inside the LAN. The result is one-way audio, where the caller can hear the person inside the network behind the router, but that user cannot hear the person on the outside. The RTP data never make it back to him.

SIP ALG on a router achieves:

It controls SIP (Session Initiation Protocol) activity by limiting the duration with inactivity media timeout features.
It protects the SIP proxy server from a DoS (Denial of Service) attack from outside the network.
It allows passage of data when the session occurs while using NAT (Network Address Translation) mode and special routing modes.

What are SIP Transformations?

It is a setting found primarily on a SonicWall, and is essentially SIP ALG. And is known to cause issues with some VoIP services. These issues can be one-way audio, phone registration issues, or even dropped calls. Most VoIP carriers will request the user to disable (or uncheck Enable) for SIP Transformations and enable consistent NAT (Network Address Translation) on a SonicWall if these issues are occurring.

VoIP Issues? Try disabling SIP ALG

Most routers have SIP ALG enabled by default. Disabling this setting is easy and should resolve some VoIP issues, including one-way audio. Below are two screenshots showing where to locate it on a Linksys WRT1900AC and on a SonicWall. Additionally, you'll find screenshots of where to disable SIP ALG on a Netgear AC1900 and a version of Tomato firmware.

Linksys WRT1900 ALG setting.

Disabling SIP ALG on a WRT1900 Linksyst router.

Most good routers have advanced routing rules that can help accomplish many obstacles, such as Port Forwarding and other advanced routing features.

Sonic Wall screenshot showing the SIP Transformation setting.

Screenshot of Sonicwall SIP Transformations.

As shown, the Sonicwall includes a setting to Enable consistent NAT (Network Address Translation). This setting can help ensure that the NAT address remains the same, helping voice traffic (RTP) to find the correct endpoint.

The Netwgear AC1900 under WAN settings.

SIP ALG on a Netwgear AC1900 router.

The Netgear Nighthawk series of routers are fast, can handle numerous devices, and are good for networks that use VoIP. The AC1900 offers excellent value and performance.

Tomato software go to the NAT Helpers screen.

The SIP ALG setting on Tomato firmware.

Depending on the version of Tomato, you can find SIP ALG under Advanced, then Conntrack/Netfilter, in the Tracking/NAT Helpers section. If you find SIP checked, then SIP ALG is enabled. Uncheck it to disable it.

Enabling Constant NAT

Sonicwall firewall devices have a setting of Constant NAT. Some VoIP providers will suggest enabling constant NAT along with disabling SIP Transformations. We suggest you follow their suggestion.

Changing outbound port numbers, which are done by routers and/or Sonicwall devices, will cause issues with the VoIP traffic, which can cause one-way audio and dropped calls. Keeping the same NAT pinhole assignment allows RTP traffic to complete its travels to the correct destination. Constant NAT helps with RTP traveling through the firewall and using this setting as a troubleshooting tool can help resolve many one-way audio issues with VoIP.

SIP (Session Initiation Protocol)

SIP is an application layer control protocol that supports features that are needed when initiating and ending communication. SIP does not provide services itself, therefore it works in conjunction with other protocols to provide those services. One such service is RTP, which carries the voice for a VoIP call.