05-17-2018 03:02 AM - edited 03-08-2019 03:03 PM
Hi all,
I'm not that knowledgable with VOIP so bear with me......we have a conference phone and it keeps showing as registered on the VOIP companies site (a 3rd party) and then during the call it then drops and shows as not registered and no calls can be made.
They have asked me to disable SIP ALG on the router which i did by:
But then the phone doesn't work and shows as unregistered.
Am i doing this wrong or is this not the correct way to disable SIP ALG on a Cisco ?
Thanks in advance
05-17-2018 03:50 AM
no ip nat service sip tcp port 5060
no ip nat service sip udp port 5060
05-17-2018 04:03 AM
So i've done it right then (i did both UDP and TCP) ? Would this block port 5060 completely by any chance?
05-17-2018 04:18 AM
05-17-2018 04:20 AM
Great, thanks
05-17-2018 04:21 AM
Sorry, just realised. Are you saying YES to me doing it right or YES to it would block port 5060 altogether?
Thanks
05-17-2018 04:44 AM
05-17-2018 06:27 AM
Right so as i'm not great at VOIP etc then i thought that SIG ALP was just a sort of inspection on SIP packets that sometimes modifies it and therefore causes issues so i was under the impression that this would disable the "ALG" inspection of the SIP packet but still let the packet through ?
Is there any way of disabling the ALG side but still let the SIP packet through or am i completely misunderstanding this ?
Thanks
05-17-2018 01:13 PM
@WonderfulIT wrote:
or am i completely misunderstanding this ?
You're over-thinking this.
When applied, the two lines disables SIP ALG. Period.
Factory default the AP and observe what it's doing.
05-18-2018 12:33 AM
I think i am then....so if you disable SIP ALG then how does a device communicate on port 5060 ? From what you're saying these commands BLOCK that port completely ?
05-18-2018 01:23 AM
@wilson419 wrote:
if you disable SIP ALG then how does a device communicate on port 5060
It won't. TCP and UDP 5060 are blocked so nothing should be talking to that port. NOTHING.
05-18-2018 01:52 AM
Right, that's clear now then so the part i obviously don't understand is that when comms companies ask us to disable SIP ALG on a line (which seems to becoming a common request) then if the device on the end of that communicates on port 5060 then this will just block the whole device ?
On some of the Drayteks we use there's an option to disable SIP ALG and this seems to disable it but still allow that device to work on port 5060 so is there anything else i would need to do on a Cisco such as adding a new NAT rule or something or is it a case of if you disable SIP ALG then there's no chance of getting anything to work on port 5060 ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide