SIP ALG Problem

At the moment we change our analog telephonie to IP telephonie. I have create a proxy SIP-ALG policy.
After creating the policy the telephony works from external to internal but not from internal to external. The voice transmission does not work.
Is an error known during configuration with SIP-ALG?


  • No it is not.
    Please open a support incident so that a WG rep can help you get this working.

  • I have now created a policy with a packet filter instead of a SIP ALG.
    Now the telephony works.
    From: Phone Server
    TO: Any External
    Ports: I got from my provider

    @Bruce_Briggs what do you think about this configuration?

  • Many sites use policies with a port list instead of using a SIP-ALG policy.
    It depends on the IP phone system details as to which method is best.

  • According to my provider these always have difficulties with SIP ALG. This is a Swyx telephone system

  • Every VoIP provider I have encountered recommends a packet filter and disabling any SIP-ALG on the firewall.

    Gregg Hill

  • @GreggHill thanks for your post. What I find unfortunate is the Watchguard which describes that this should work without problems with a single SIP-ALG proxy.

  • Hi Daniel,

    as I can see we are in the same boat.

    We also had to setup a Swyx behind a Firebox. After spending endless hours in trying to get the SIP-ALG running without problem, we dropped it altogether and used packet filters instead.

    Sometimes it worked and sometimes voice was missing in one direction.

  • Hi @offbyone ,
    thanks for your post. Yes I think so.
    Now I will let the configuration with packte filters when you say you have the same problem with Swyx.

  • Hi Daniel.

    Just for the record. We are not sure if the Swyx itself is the problem. It could also be the telephone carrier or a combination of both.

    Most important thing if you try to get the SIP-ALG running is that you disable STUN on the PBX as it interferes with SIP-ALG.

  • Hi @offbyone thanks for your porst. I have disable STUN on the PBX but it still doenst work. I've now built a packet filter where the ports of my provider are containend an released to externally without SIP. Now it works.

    But I had the last time the problem that the voice transmission didn't work anymore. I usually took the port policy any. Then the voice transmission went again. After that I changed the ports back to those of my provider and it was still ok. Can someone tell me what the problem is or was?

Sign In to comment.