Get access to free VOIP training. Sign up below.

Fortigate SIP ALG / Fortinet SIP ALG


FortiOS has two features that can modify the SIP headers and SDP parameters. The first feature is called the “SIP Session Helper”. If you are experiencing one way audio issues disable this feature first, reboot your IP phone then try making another call. If disabling the session helper does not work, disable the SIP ALG as well.

To disable the sip session helper:

1 Enter the following command to find the sip session helper entry in the session-helper list:

show system session-helper

edit 10
set name sip
set port 5060
set protocol 17

2 Enter the following command to delete session-helper list entry number 10 to disable the sip session helper:

config system session-helper
delete 10

To disable the SIP ALG:

There are typically two VOIP profiles on a factory shipped Fortinet firewall. You may need to disable both profiles to fully stop the ALG.

config voip profile
edit VoIP_Pro_2
config sip
set status disable

See the Fortigate Technical documentation page for further details.

8 thoughts on “Fortigate SIP ALG / Fortinet SIP ALG

  1. I’ve also found you need to do this:

    config system settings
    set sip-helper disable
    set sip-nat-trace disable

    (Go Fortinet! We need another place in the config to stop your products messing with SIP by default)

      1. Hi Keith Croxford,

        I’m really appreciate your recommend. I did success for my NEC IP-PBX & SIP-Server which connection going through Fortigate Firewall

        Hieu Cao
        From Vietnam

  2. Dear Fortigate… Why is this still an issue with your equipment? Even if we turn this off its a global command which means all my VDOM’s are affected. Thanks so much!!!

  3. I had exactly the same issue, even on the latest firmware (v5.2.3,build670 (GA)
    My issues was solved by only disabling the RTP processing

    config voip profile
    edit default
    config sip
    set rtp disable

Comments are closed.