What is SIP ALG Application Layer Gateway and SIP Pinhole.
SIP ALG is a feature where the firewall will inspect the SIP packets to perform Layer 7 NAT ( from private IP to public IP).
Goal of SIP ALG
1- Modification of IP addresses in the SIP payload SDPwhen NAT is used. Referred as NAT Traversal.
2- Dynamic opening of media UDP ports well known (“pinholes”) to allow audio/video traffic instead of statically allow a large UDP ports on the firewall policies.
The best way to know if there is media issues is to understand SIP negociations and perform a packet capture for SIP Transactions. You should verify first if the phones are trying to negociate media parameters such as its private IP address and NOT its NAT’d IP in the SDP Session Description Protocol.