SIP/ALG settings Question

AriesUpNorth
AriesUpNorth Posts: 2
First Anniversary First Comment
edited April 2021 in Security
Newly installed Zywall 110.  Looking to improve voice quality on Verizon VoIP phones (server in cloud).  Phones connect fine and quality is average with occasional stutters & packet drops. I found an article on the KB with steps to improve the quality.  I've determined phone traffic is on UDP 5061.  When following the settings noted in "How to Manage Voice Traffic" I run into an immediate issue:  CONFIG\NETWORK\ALG then ENABLE SIP ALG, ENABLE SIP TRANSFORMATIONS, RESTRICT both P2P Signaling and P2P Media.  I then add port 5061 (leaving default of 5060) and the phones immediately go offline when I click apply.  When I remove 5061 from the port list, the phone come back online.  So Enabling SIP ALG with the correct ports disconnects the phones. 

There are more steps, but not proceeding as the steps noted drop the connection between the phones and the Cloud SIP Server.

New to this process, so any help appreciated!

All Replies

  • Follow-Up...messaged posted before I was done.  Does activating SIP/ALG require additional policy to be created to allow SIP traffic in/out of Firewall?
  • Zyxel_Stanley
    Zyxel_Stanley Posts: 1,361  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @AriesUpNorth

    To setup SIP traffic with highest priority:

    (1) SIP ALG is enabled.


    (2) BWM function and highest priority for SIP traffic is enabled


    After setup these configuration, SIP traffic should with highest priority.

    The SIP and RTP traffic will auto-translate to WAN side SIP server by SIP ALG function.

    Is any phone call issue on your phone now?  Does re-register SIP session help for this case?


  • ChrisGer
    ChrisGer Posts: 205  Ally Member
    First Anniversary Friend Collector First Answer First Comment
    @AriesUpNorth; @Zyxel_Stanley
    hi together,
    in some cases SIP-ALG must be disabled, cause i've two vendors (Zyxel and another one) :) where SIP-ALG is not 100% working and disconnect sporadical a call :)

    I've disabled SIP/ALG rebooted the USG to load the SIP deactivation and configured the in/outbound rules as required and it works fine :smile:

    Regards
    Chris

Security Highlight