Verified against Ofcom Connected Nations Spring 2026, IASME Cyber Essentials April 2026 standard and current operator pricing.
Quick answer: SIP ALG is a router feature that tries to help VoIP traffic but almost always breaks it. If your VoIP phones randomly lose registration, calls have one-way audio, or you can’t receive inbound calls — there’s a 90% chance your router has SIP ALG enabled. Turn it off. Step-by-step instructions for BT Smart Hub 2, Draytek, Cisco, FortiGate, Ubiquiti, MikroTik, Netgear and Sky Q hubs are below.
What is SIP ALG, in plain English?
SIP ALG stands for Session Initiation Protocol Application Layer Gateway. It’s a router feature that:
- Watches outgoing VoIP packets,
- Looks at the IP addresses inside the SIP messages,
- Rewrites them so they appear to come from your public IP rather than your private LAN IP,
- And opens the necessary ports for the return audio.
The intention is good — help VoIP traffic survive NAT (Network Address Translation). The reality is that it was designed in the early 2000s for a SIP world that no longer exists, it’s poorly implemented in most consumer-grade routers, and modern VoIP providers handle NAT traversal far better themselves.
[Diagram: SIP Phone, Hosted PBX, PSTN / SIP Trunk]
When SIP ALG mangles a packet, the audio path between phone and PBX is broken — even though signalling looks fine.
The symptoms — does this sound like your office?
- VoIP phones lose registration every 60 seconds and re-register, then drop again.
- You can dial out but nobody can call in — phones don’t ring on inbound calls.
- One-way audio — you can hear them, they can’t hear you, or vice versa.
- Calls drop after 30 seconds — exactly when SIP “session refresh” times out.
- Transferring calls fails — when you press transfer, the call disconnects entirely.
- DTMF tones (press 1 for sales) don’t reach the IVR — your menu choices are ignored.
- Inbound CLI shows wrong number — caller ID is mangled.
- “Connection lost” errors in your softphone every few minutes.
If you tick three or more of those, SIP ALG is almost certainly the culprit.

How to disable SIP ALG — by router brand
BT Smart Hub 2 (most BT Business Broadband customers)
- Browse to `http://192.168.1.254/` and log in (default password is on the back of the hub).
- Go to Advanced Settings → Firewall → SIP ALG.
- Uncheck “Enable SIP ALG”, click Save.
- Reboot the hub from the same admin page.
Draytek Vigor (2762, 2865, 2927)
- Log in to the Vigor’s web UI (default `192.168.1.1`).
- Go to NAT → ALG.
- Untick “Enable SIP ALG”, click OK.
- Reboot from System Maintenance → Reboot System.
Cisco Meraki MX (any model)
- In the Meraki dashboard, open Security & SD-WAN → Firewall.
- Scroll to SIP ALG, set to Disabled.
- Click Save — it takes effect within seconds, no reboot required.
FortiGate (60F, 100F, etc.)
- SSH or use the GUI to access the FortiGate.
- Run `config system settings`, then `set sip-helper disable` and `set sip-nat-trace disable`.
- Run `config system session-helper`, find the SIP entry (`show`), and `delete [number]`.
- Save with `end`. Reboot recommended.
Ubiquiti UniFi / EdgeRouter
- SSH into the EdgeRouter / UniFi gateway.
- Run `configure`, then `delete system conntrack modules sip`.
- Commit and save: `commit`, then `save`, then `exit`.
MikroTik RouterOS
- In WinBox or the web UI, go to IP → Firewall → Service Ports.
- Find `sip`, double-click, untick Enabled, click Apply.
Netgear (Nighthawk, Orbi)
- Log in at `http://routerlogin.net`.
- Go to Advanced → Setup → WAN Setup.
- Scroll to “Disable SIP ALG” and tick the checkbox.
- Apply — reboot if prompted.
Sky Q hub / Sky Broadband router
Sky disables SIP ALG by default on modern hubs. If you’re on an older hub, the only fix is to replace it with a third-party router (Draytek 2865 is the go-to for UK SMBs).
How to verify SIP ALG is really off
1. Restart the VoIP phone
Power-cycle a desk phone or restart the softphone app. It re-registers fresh — if it stays registered for 5 minutes, you’re past the most common SIP ALG failure mode.
2. Make a 2-minute test call
SIP ALG often kicks in at 30 seconds (session refresh timer). A clean 2-minute call with audio both ways = working.
3. Test DTMF
Call a number with an IVR (try 0800 800 150 — BT’s automated line). If the menu responds when you press 1/2/3, DTMF is reaching the carrier.
4. Use sngrep
For technical teams: capture SIP packets with sngrep on a Linux box plugged into the LAN. Compare INVITE Contact headers — the IP should match your public WAN, not be mangled.
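An added example (not from the original article) for the capture check in step 4. It assumes you have the same INVITE from two vantage points, one captured on the LAN and one past the router (a WAN-side capture or a trace from your provider), and it compares Via and SDP as well as Contact. Plain NAT changes only the IP/UDP headers, so any difference in these fields means something on the path is still rewriting the SIP payload. The messages, addresses and function names are constructed for illustration.

```python
import re

# Constructed sample: one INVITE as captured on the LAN side of the router.
LAN_INVITE = """INVITE sip:02079460000@sip.example.net SIP/2.0
Via: SIP/2.0/UDP 192.168.1.50:5060;branch=z9hG4bK776asdhds
From: <sip:201@sip.example.net>;tag=1928301774
To: <sip:02079460000@sip.example.net>
Call-ID: a84b4c76e66710@192.168.1.50
CSeq: 1 INVITE
Contact: <sip:201@192.168.1.50:5060>
Content-Type: application/sdp

v=0
o=- 3747 3747 IN IP4 192.168.1.50
s=call
c=IN IP4 192.168.1.50
t=0 0
m=audio 11780 RTP/AVP 8 101
"""
# Constructed: the same INVITE seen past the router, Via and Contact rewritten.
WAN_INVITE = (LAN_INVITE
              .replace("UDP 192.168.1.50:5060", "UDP 203.0.113.10:1024")
              .replace("201@192.168.1.50:5060", "201@203.0.113.10:1024"))

def address_fields(msg):
    """Map each address-bearing SIP/SDP field to the host[:port] it carries."""
    head, _, body = msg.replace("\r\n", "\n").partition("\n\n")
    fields = {}
    for line in head.split("\n")[1:]:          # skip the request line
        name, _, value = line.partition(":")
        name = name.strip().lower()
        if name in ("via", "v"):               # keep the topmost Via only
            fields.setdefault("via", value.split()[1].split(";")[0])
        elif name in ("contact", "m"):
            uri = re.search(r"sips?:(?:[^@>;]+@)?([^>;\s]+)", value)
            if uri:
                fields["contact"] = uri.group(1)
    for line in body.split("\n"):
        if line[:2] in ("c=", "o="):           # SDP connection / origin address
            fields.setdefault("sdp " + line[:2], line.split()[-1])
    return fields

def rewritten_fields(lan_msg, wan_msg):
    """Fields whose address differs between the two captures of one INVITE."""
    lan, wan = address_fields(lan_msg), address_fields(wan_msg)
    return {k: (v, wan.get(k)) for k, v in lan.items() if wan.get(k) != v}

if __name__ == "__main__":
    for field, (sent, seen) in rewritten_fields(LAN_INVITE, WAN_INVITE).items():
        print(f"{field}: phone sent {sent}, far side saw {seen}")
```

In the constructed pair, Via and Contact change while the SDP addresses do not, which is the kind of partial rewrite that leaves signalling working and audio broken.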
Why VoIP providers don’t need SIP ALG anymore
SIP ALG was designed for an era when every SIP endpoint had to manage its own NAT traversal. In 2026, modern hosted VoIP services use:
- STUN — endpoints discover their public IP themselves, so the SIP messages already contain the right addresses.
- ICE — endpoints negotiate the best media path automatically (works through almost any NAT).
- Symmetric RTP — providers send audio to whichever IP/port the audio came from, so NAT just works.
- Far-end NAT detection — the SBC at the carrier figures out NAT without help from your router.
Result: SIP ALG is at best redundant, at worst actively destructive. Every major UK VoIP provider (hypercloud, RingCentral, 8×8, Vonage Business, Microsoft Teams Phone direct routing) explicitly recommends turning it off.
SIP ALG — FAQs
Historical inertia. It was useful on early-2000s consumer routers with poor NAT implementations. Most modern firmware leaves it enabled to avoid breaking legacy customer setups, but for any 2026 hosted VoIP service it should be off.
Rarely. Some legacy on-premise PBXs without STUN support behind double-NAT might benefit. For 95%+ of UK businesses on hosted VoIP it just causes problems.
No — SIP ALG only inspects SIP packets (UDP/TCP 5060, 5061). Disabling it has zero impact on web browsing, email, video conferencing or any other traffic.
Check (1) QoS is marking SIP/RTP DSCP EF, (2) your firewall isn’t aggressive on UDP timeout (set ≥ 90 seconds for UDP), (3) you have enough upload bandwidth (100 kbps per call), (4) your provider’s SBC IP isn’t being filtered. Or ask us — these checks take 30 minutes.

