Your VoIP provider should give you the information, if the SIP ALG on the Fortigate is needed or not.
In the default setting of a Fortigate the SIP ALG is active.
If a VoIP provider does not require a SIP ALG/Session Helper on the Gateway but the SIP ALG/Session Helper is still active, it can among others cause the following issues:
- One-way voice
- Telephones not ringing
- Issues with the registration of the Telephone can occur
- Call transferring might fail
- Calls that are on hold cannot be taken over
If you encounter any of the above issues, try to deactivate the SIP ALG and the session helper on the Fortigate. The commands are as follows:
fgt # config voip profile fgt (profile) # edit default fgt (default) # config sip fgt (sip) # set status disable fgt (sip) # set rtp disable fgt (sip) # end fgt (default) # end fgt # config system session-helper fgt (session-helper) # show (this command is used to find the correct <id> for the SIP ALG) edit <id> set name sip set protocol 17 set port 5060 next fgt (session-helper) # delete <id> fgt (session-helper) # end
The above changes will only take effect after the Fortigate has been rebooted. To reboot the Fortigate issue the command below:
fgt # execute reboot