JunaidKhan Lv1Posted 26 Sep 2023 14:05
  
Last edited by JunaidKhan 26 Sep 2023 14:09.

The Palo Alto Networks firewall uses the Session Initiation Protocol (SIP) application-level gateway (ALG) to open dynamic pinholes in the firewall where NAT is enabled. However, some applications—such as VoIP—have NAT intelligence embedded in the client application. In these cases, the SIP ALG on the firewall can interfere with the signaling sessions and cause the client application to stop working.

One solution to this problem is to define an Application Override Policy for SIP, but using this approach disables the App-ID and threat detection functionality. A better approach is to disable the SIP ALG, which does not disable App-ID or threat detection.

The following procedure describes how to disable the SIP ALG.
1.        STEP 1 – select > Application.
2.        STEP 2 – select the sip Application.
You can type sip in the Search box to help find the sip application.
3.        STEP 3 –Select Customize….for  ALG in the Options section of the Application dialog box.

4.STEP 4 – Select the Disable ALG check box in the Application -      sip dialog box and click OK

5.STEP 5 –Close the Application dialog box and  Commit the change.

original.png (115.38 KB, Downloads: 368)

original.png

original 2.png (7.36 KB, Downloads: 360)

original 2.png

I Can Help:

Change

Moderator on This Board

11
6
5

Started Topics

Followers

Follow

1
2
5

Started Topics

Followers

Follow

0
3
4

Started Topics

Followers

Follow

67
20
3

Started Topics

Followers

Follow

3
10
3

Started Topics

Followers

Follow

1
137
3

Started Topics

Followers

Follow

Board Leaders