• Home
  • Troubleshooting

Signs of SIP ALG or Double NAT

Written by Marissa Orsini

Updated at April 4th, 2025

Contact Us

  • The Essentials
    FAQs Forms
  • Announcements
    Carrier Events mFax Events Platform Events Release Notes
  • Billing Administration
    Datagate OneBill
  • Faxing
    mFax - Analog mFax - Digital Native Fax
  • Hardware & Software
    Manual Configuration Provisioning NDP Axis Cisco Fanvil Grandstream Polycom Snom Yealink Mobile Applications Desktop Applications Mobile-X SNAPbuilder TeamMate Connector UC Integrator
  • Hosted Voice
    Auto Attendants Branding Call Queues Call Routing CDRs Conferencing E-911 Features Fraud Integrations Inventory / Phone Numbers Local & Toll Free Porting Onboarding Recommendations SNAP.HD SIP Trunking SMS / MMS Users Voicemail Caller ID
  • Troubleshooting
    VoIPmonitor Firewalls PBX
  • Ray's Stuff
+ More

Table of Contents

What is SIP ALG? What are the symptoms of SIP ALG? Audio Issues Call Connectivity Issues Other Issues How do I know if SIP ALG is on? How do you know if there is SIP ALG? How to check for signs of SIP ALG on Call Traces Inbound Call Outbound Call Another way to see symptoms of SIP ALG

Scope:

The following steps will show you how to check a call trace if there is SIP ALG or Double NAT is occurring on the network. SIP ALG modifies SIP packets in unexpected ways, corrupting them and making them unreadable. This can give you unexpected behavior, such as phones not registering and incoming calls failing.

 

Requirements:

  • Access to the Manager Portal as a Reseller or higher
  • Call Trace (Preferrably Inbound) - Find out how to obtain one here
 

What is SIP ALG?

SIP ALG (Session Initiation Protocol Application Layer Gateway) is a technology found in many commercial and residential firewalls, routers, and modems. It assists users in reliably initiating SIP calls, even when behind a LAN with a secure firewall configuration. The ALG functions as a NAT tool, translating private IP addresses and ports into public ones.

The SIP ALG inspects the SDP portion of data packets and modifies them to ensure they are transmitted correctly. Since VoIP systems convert audio data (voice) into packets for transmission over the internet, the ALG is designed to supposedly help maintain call quality. In practice, however, this technology can degrade the quality of SIP calls due to the multi-process nature of SIP and the sensitivity of data packets. This can lead to SIP messages being delivered to the wrong endpoint or not being delivered at all. For this reason, we recommend disabling SIP ALG.

What are the symptoms of SIP ALG?

Audio Issues

  • One-way audio: You can hear the other person, but they can't hear you, or vice versa.  
  • No audio: Complete loss of audio during calls.  

Call Connectivity Issues

  • Dropped registrations: VoIP devices frequently lose their connection to the SIP server.  
  • Calls going straight to voicemail: Calls ring briefly, or not at all, then go straight to voicemail without establishing a connection.  
  • Random error messages: Unusual error messages appear during incoming calls, such as "The caller you have dialed is no longer in service."  
  • Phones continue ringing without being answered: Calls keep ringing but cannot be answered.  

Other Issues

  • Call transfers failing: Transfers between users or to voicemail may not work.  
  • Unable to put a call on hold or park: Call hold or call parking features may not function properly.  
  • BLF or MWI issues: BLF or MWI may be directed to the wrong extension, respond slowly, or fail to work altogether.

How do I know if SIP ALG is on? How do you know if there is SIP ALG?

Although SIP ALG typically causes issues immediately, it can remain on your customer's network for months or even years before causing any problems. This delay in issues may result from a firmware update or corruption of the file system on the routing device.

How to check for signs of SIP ALG on Call Traces

Inbound Call

If you're analyzing an inbound call, locate the 200 OK response to the INVITE from the device that answered the call. (We recommend capturing an answered call.)

Here’s an example of an inbound call to device 102. In line 13, we can see a 200 OK response from a Grandstream GXP2160. Multiple public IP addresses are present in the SIP message. It’s normal to see public IP addresses in the message; however, public IP addresses should not appear in the Contact Header or SDP body. The presence of a public IP address in either of these two fields indicates the use of SIP ALG.

 

Outbound Call

If you're analyzing an outbound call, look for the INVITE that originated from the calling device.

This is an example of an outbound call from the Grandstream GXP2160, device 102. On line 1, you can see an INVITE from device 102. As mentioned above, multiple public IP addresses may appear in the SIP message, but they should not be present in the 'Received packet from' and 'Via' headers.

Another way to see symptoms of SIP ALG

Go to User > Phones. Then, hover over the IP address of the device. An IP address that appears in red indicates a potential issue. When you hover over it, a description will appear saying "Possible SIP ALG Enabled" as seen below.



 

double nat sip alg

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • IP Addresses & Ports
  • Troubleshooting Outbound Calls Marked as Spam
  • Outbound Call Troubleshooting

Knowledge Base Software powered by Helpjuice

Expand