ZERO help from verizon on this topic: ZERO help via phone, ZERO help via email, ZERO help via live chat, ZERO help via forum, ZERO help via paper mail. All verizon avenues assert it is not possible to disable the SIP ALG in the 9100em westell. Errrn! wrong.
Export conf, edit file, load conf, reboot.
save configuration file
remove ONE line: (alg(sip_udp))
save changes to file
load configuration file
For a little more sanity modify the 9100em SIP service definition from only ONE UDP port, 5060, to include expected defaults- or YOUR SIP and RTP ports.. you’ll be redefining the 9100 SIP service to be voip service as creating your own voip service definition will not suffice — thanks verizon for making “open” RG “better”.
Yes, delightfully you will be making multiple modifications in several locations in the config file: service, meh why ruin your fun you can find the rest right? protocol(17) = UDP protocol(6) = TCP. For a little more joy craft some advanced filters (firewall settings, yes, advanced filtering) to allow traffic in, Initial Rules, from your ITSP server(s) or otherwise with the SIP/RTP ports you use. Enable rules logging to verify, syslog daemon preferred, but do not leave enabled.
9100em hardware revision A
9100em hardware revision D
Only functional SIP ALG exists with Cisco (not linksys) and Juniper networks. By default every NAT’ing device sold in a big box store has similar piss poor NAT. PFsense for everyone!
@ verizon fios
Now that I have your attention.. I would like an option to receive an IPA lease from a netblock without correlation to my geographic position. (this is not challenging for you to implement). GeoIP location violates privacy and deters confident exercise of freedom of speech.
It would also be super to buy an additional IPA since this device was designed with that in mind. That’d be easier than the solution for multi IPA I employ now which I won’t outline.
* 2010 update: the least painful way to escape fios cpe SIP ALG is to use SIP ports _other_ than 5060 on server (or proxy). DEMAND your ITSP/VSP offer such ports or upgrade to one that does [viatalk]. DEMAND your VSP support SIP TCP & TLS.
* Sept 26 2010: actual Cisco NAT & ALG
NAT Optimized SIP Media Path with SDP