What Is SIP ALG? Why VoIP Users Should Disable It

Explore Sip Alp

Are you using a VoIP phone system but facing issues such as dropped calls, no incoming calls, or phone ringing even after receiving a call? Do not worry. You can resolve all your VoIP issues once you disable SIP ALG. SIP is considered a cornerstone of VoIP, and you need it to make calls because it creates and maintains connections with the other party. For using Voice over Internet protocol, you do not need extensive hardware. It only requires computers, SIP endpoints, phones, communication devices, and a reliable internet connection.  

With SIP calling, businesses can connect with customers and employees at a lower cost. Businesses that adopted VoIP technology are experiencing a saving of as much as $5000 per year. However, disabling SIP ALG on your router is one of the essential steps to have the best audio quality. 

This article will comprehensively describe what SIP ALG is and why it is necessary to disable it for VoIP users.

What Is SIP ALG?

SIP ALG is an acronym for Session Initiation Protocol Layer Gateway. This technology, also known as an application-level gateway, is available on many commercial routers. It helps users make SIP calls reliably even when it is behind the LAN with a secure firewall configuration. Your router addresses your ISP and your internal network using Network Address Translation. ALG is a NAT tool that rewrites private IP addresses, port them into public IP addresses, and improves connectivity. 

In other words, SIP ALG is an independent firmware program designed to prevent firewall issues on the router. It inspects SDP parts of data packets and modifies them to send them correctly. Remember that VoIP changes voice signals n to digital packets and transmits them online. Unfortunately, this technology impacts the quality of SIP calls due to the delicateness of data packets and the multi-process nature of SIP. It is a reason that SIP trunking [providers ask you to turn off the feature on the router.

How SIP Interact With ALG?

Understanding the process of SIP calls is essential to know why SIP ALG is problematic for modern SIP phone systems.

Although SIP helps in opening and terminating data connections, there are some more steps in between, which are as follows: 

  • The first stage is the invite stage, where you initiate a call and contact another caller to communicate. 
  • When there is a connection between you and the second caller, a response is sent back to you as you are the initial dialer. 
  • The answering stage acknowledges the inbound call, not the call itself. This stage of the process also commences when the receiving party takes action.
  • It is the final acknowledgment of the call connection. It is sent out from your end (the originator).
  • Once these four steps have been completed, the actual call happens. It is a two-way connection.
  • rewrite 

Although it seems like a long and complex process that sends data both ways, it takes only a few seconds to complete. From a connectivity perspective, the issue with having a five-part connection process is that it increases the risk of packet loss when ALG (Application Layer Gateway) modifies data during transmission and reception.

How To Know SIP ALG Is Affecting Your VoIP Calls?

There are a few signs or symptoms that you can notice when SIP ALG affects your VoIP phone calls. These issues often happen silently, so the signs are not always apparent.

These symptoms that you can notice include: 

  • Call drop after being connected
  • One way audio 
  • The phone does not ring when a call is coming 
  • The call goes straight to voicemail 

Typically, the reason is that some voIP traffic is lost between the phone system and 

VoIP service, and it happens due to router firewalls. This traffic is vital for maintaining the phone’s availability and choosing the right audio codecs. Many routers have SIP ALG enabled by default in their device’s firmware. Thanks to user-friendly web interfaces, you can quickly turn it on or off with a simple checkbox.

How To Turn Off SIP ALG On Your Router?

If you want to disable SIP ALG on your router, first, you have to log into your router. Some routers also work as modems for some broadband gateways. Cisco, Asus, D-Link, TP-Link, Linksys, and Netgear are some popular brands of routers. 

In most cases, you only need to log in to your router with the admin password, go to security settings, and uncheck SIP ALG. After that, you have to save these settings and reboot your router. But more advanced corporate routers and their firewalls need further adjustments, such as port forwarding.

Not all router brands have that easy setting for turning off SIP ALG, so in the following table, we will describe how to disable SIP ALG in some top routers.

Router Manufacture How To Disable
Go to advanced setting and click on WAN.
Then click the NAT pass through tab.
Click the drop down menu and disable SIP passthrough.
Click apply.
Click advanced.
Select WAN.
Check the box called disable SIP ALG.
Click apply.
Log in to the router's terminal via telnet, SSH, or a serial console.
Enter the "enable" command..
Type "configure terminal" so that you can access the configuration terminal.
To disable SIP ALG for UDP on port 5060, enter "no IP nat service sip UDP port 5060.
Add "no IP nat service sip TCP port 5060 for TCP.
Click Advanced setup.
Select NAT
Click on ALG
Unchecked the box of SIP
Click Save
Go to Advanced settings
Click Firewall settings
Uncheck box that says Enable SIP
Change UDP and TCP Endpoint and set it to Endpoint Independent.
Uncheck SIP and ALG
Click Save
Click on the "Advanced" option.
Uncheck the SIP ALG feature. For BEFSR41 routers:
1.Go to "Applications and Gaming."
2.Click on "Port Triggering."
3.Enter "TCP" in the application field.
4.Input "5060" in both the Triggering and Forwarded Range fields.
5.Enable the configuration.
Select "ALG."
Unselect the "Session Initiation Protocol (SIP)" option.
Unselect "Netmeeting (H.323)."
Click "Save Status."
In the System Setup menu on the left, go to VoIP.
Enable 'Consistent NAT' and disable 'SIP Transformations.' Click 'Accept.'
To extend UDP timeouts, access Firewall Settings, then Flood Protection.
Select the UDP tab and change the default UDP connection timeout to 300 seconds.
Save the changes by clicking 'Accept.' For additional details, refer to the support article.
Click on Internet Tab
Click on port forwarding
To extend UDP timeouts, access Firewall Settings, then Flood Protection.
Uncheck the field of Enable SIP ALG
Click save

After making all the changes according to your router, it is a rule of thumb to reboot your router. After making these changes, you will see that call quality issues are reduced.   

Why Do You Need To Disable SIP ALG?

Common wisdom often suggests enabling Application-Level Gateways (ALG), as many consumer and commercial routers have SIP ALG enabled by default. 

SIP ALG was introduced in most broadband routers with good intentions, aiming to address the limitations of Network Address Translation. However, it can disrupt the inherent functionality of IP and signaling protocols. In today’s VoIP applications, SIP ALG is generally no longer necessary.

ALGs operate at the Application Layer of the OSI Model and do not consider datagrams within transport protocols like UDP or TCP. VoIP signaling protocols have evolved to resolve these issues by including public and private IP addresses in every packet.

In some cases, routers attempt to enhance security by closing open connections in the firewall, known as a “firewall pinhole.” While this allows traffic to function briefly, it can lead to issues with VoIP calls if the SIP proxy starts dropping packets once established.

You must disable SIP ALG because:

  • It impacts the reliability of VoIP apps and desk phones 
  • It affects SIP traffic 
  • It is not required when you use cloud-based VoIP service providers. 

It is the best practice for all VoIP users to turn off SIP ALG completely. You can only enable SIP ALG when your VoIP provider or router manufacturer instructs you.

Practices For Reliable VoIP Performance

Voice over Internet Protocol or VoIP requires a few standard requirements to make optimal phone calls, including bandwidth, stability, and latency.

Here are some tips that you can follow to improve the quality of inbound and outbound calls.

1. Choose The Right ISP With Proper Hardware

It is essential to have ample network capacity to ensure a robust VoIP infrastructure.  Utilizing gigabit switches and routers will effectively remove any internal congestion points.

Remember that your network must accommodate numerous devices, such as computers, phones, and televisions, all of which require bandwidth. Therefore, aiming to utilize only 80% of your allocated network capacity is advisable.

2. Use a Wired Internet Connection When Possible

Wireless connections are vulnerable to interference, resulting in packet loss and jitter. While latency and packet loss may not typically be apparent during everyday internet browsing, they can significantly impact the quality of VoIP calls, particularly on VoIP desk phones.

When utilizing Wi-Fi, it’s crucial to maintain a robust signal and disable SIP ALG in your wireless router to mitigate these issues.

3. Set Up Virtual LAN Tagging

Once you reach around 15 users, we strongly advise implementing network prioritization through Quality of Service (QoS). You can prioritize VoIP data over less critical network traffic by utilizing VLAN tagging. This approach helps reduce packet loss and improves the overall security of your VoIP system.

4. Keep Up With Firmware Updates

Be proactive in monitoring and updating your router manufacturer’s firmware patches. Occasionally, these updates may reset your configurations, but they are essential for addressing security and performance issues.

If you use commercial routers, engaging with the vendor to obtain updates through methods such as downloading from their FTP server or pushing software images via the Command Line Interface (CLI) might be necessary.

5. Choose The Right Phone Service

Deactivating SIP ALG can be a straightforward solution to numerous issues encountered during VoIP calls. Frequently, this uncomplicated adjustment is underestimated by technicians, yet it undeniably holds the potential to significantly enhance the reliability and performance of your virtual phone service.

If you are currently reading this article due to troubles with your phone system, rest assured that you are not alone. Rather than attempting to troubleshoot the issue independently, you might consider choosing a well-reputed VoIP service provider with experts to guide you in technical issues.

Final Words - SIP ALG

In conclusion, SIP ALG, or Session Initiation Protocol Layer Gateway, is a feature in many routers. While it was initially intended to improve network address translation, it often causes problems for VoIP users. Disabling SIP ALG is crucial in ensuring reliable VoIP calls, as it can lead to issues like dropped calls and one-way audio.

By following the steps to disable SIP ALG on your router, you can significantly improve the quality and reliability of your VoIP service. Choosing the right Internet Service Provider with appropriate hardware is essential, using wired connections when possible to reduce interference, implementing VLAN tagging for network prioritization, and regularly updating your router’s firmware to optimize your VoIP experience.

Should you encounter issues, seeking assistance from a reputable VoIP service provider with technical expertise can be a wise choice. These steps allow you to enjoy clear and dependable VoIP calls, enhancing your overall communication experience.


SIP ALG can disrupt the normal flow of SIP packets between VoIP devices and services. It often modifies these packets in unintended ways, leading to communication issues. For example, it may change private IP addresses to public ones, which can cause problems when connecting with VoIP services.

Disabling SIP ALG is often necessary to ensure the reliable and high-quality performance of VoIP calls. SIP ALG can frequently cause issues such as dropped calls, one-way audio, or calls not ringing through, making it a common culprit for VoIP problems. Disabling it can help mitigate these issues.

Common signs that SIP ALG is causing issues with your VoIP calls include call drops, one-way audio (where you can hear the other party but they can’t hear you or vice versa), calls going straight to voicemail, or phones not ringing when a call comes in. These symptoms may not always be immediately apparent but can indicate SIP ALG interference.

Disabling SIP ALG for VoIP calls is generally recommended, as it can cause more problems than it solves in modern VoIP applications. However, certain VoIP providers or router setups may require SIP ALG to be enabled in some rare cases. If unsure, consult your VoIP service provider or router manufacturer for guidance.

If disabling SIP ALG is not an option, you can consider using a different router or firewall that doesn’t have SIP ALG enabled by default. Alternatively, if you have a more advanced setup, you can configure your router’s settings to work around SIP ALG issues.

To maintain the best audio quality for VoIP calls, you can follow several best practices, including having ample network capacity, using wired connections when possible, implementing network prioritization with Quality of Service (QoS), keeping your router firmware up to date, and choosing a reliable VoIP service provider. These measures collectively enhance the overall VoIP experience.

Many VoIP service providers offer technical support and guidance for addressing SIP ALG-related problems. If you’re experiencing VoIP issues related to SIP ALG, consider contacting your service provider for assistance in turning it off or resolving associated problems.

Scroll to Top