Skip to main content

Force Disable SIP ALG on Fortigate

If you're having weird phone issues behind a fortigate firewall, it may be because SIP ALG is enabled. This happens rarely and is not the default config. These steps will force-disable the feature

 

  1. Logon to your FortiGate’s console
  2. Type ‘config system session-helper’ and press enter
  3. Type ‘show’
  4. Find the entry which shows ‘set name sip’ and note the ID (it’s usually 13)
  5. Type ‘delete 13’ (or the number shown on your firewall) and then ‘end’
  6. Type ‘config system settings’
  7. Type ‘set default-voip-alg-mode kernel-helper-based’ and then ‘end’
  8. Type ‘config voip profile’ then ‘edit default’
  9. Type ‘config sip’ then ‘set status disable’
  10. Type ‘end’ then ‘end’
  11. Reboot the router

No comments to display

Back to top