[VoiceOps] Tool To Test for SIP ALGs

ewieling ewieling at nyigc.com
Tue Jul 18 11:31:52 EDT 2017


In my experience, mainly Polycom and Adtran, most SIP devices send 
packets with a source port 5060.    SIP ALG preserves the source port 
but regular NAT changes the source port (maybe not for the first device) 
just like NAT for any other service.


On 07/18/2017 10:00 AM, Colton Conor wrote:
> Anyone have a tool that a technician or customer could put on a 
> computer on a customer's network, and it will tell them if a SIP ALG 
> was disabled or enabled? Or if their network was suitable for SIP 
> traffic?
>
> We started deploying some Ubiquiti Unifi USG routers, and discovered 
> that they had SIP ALG enabled by default.
>
> Typically we just put the Polycom VVX phones to register with TCP for 
> signaling, and this bypasses most SIP ALGs as I think most can only 
> handle SIP using UDP and not TCP right?
>
> Well I guess the SIP ALG used in the Ubiquiti Unifi USG does modify 
> even SIP using TCP. I know Ubiquiti Unifi USG use a fork of the vyatta 
> operating system, and the command to disabled it is set system 
> conntrack modules sip disable
>
> We were able to turn SIP ALG off, and now everything is working fine.
>
> Would be great if there was a tool a low level tech or customer could 
> use to test the network?
>
>



More information about the VoiceOps mailing list