Avoid Frustrating VoIP Problems With These Remedies

Did you know that your firewall may actually be a hindrance to clear, quality voice calls? You need both to run a business today. Without a firewall, you can’t protect your network, data and apps. Without high-caliber cloud or hosted VoIP service, you can’t communicate with colleagues and customers.

When you think about it, it’s a bit like a dog chasing his tail. One of the primary reasons you have a firewall is to make sure calls get through safely and securely. Now it turns out that it can be the cause of calls that end up with one-way audio or are dropped altogether.

VoIP technology for cloud and hosted services use SIP, or Session Initiated Protocol, to provide reliable, high-quality communications. To make sure you end up with efficient, reliable and clear communications, you need to find and solve your cloud telecom issues by checking your firewall for problems. Here is an overview of two common problems and two possible remedies.

Problem #1: NAT

Begin by checking for interference in your Network Address Translation, or NAT. First, here’s a quick overview of the purpose of NAT. As a rule endpoints in a network link to the internet via a central router, which has a specific IP address that your Internet Service Provider, or ISP, has assigned. Each endpoint communicates with the web through that IP address. To keep track where to send data coming back in, your router assigns each device with an internal address. This is called NAT.

NAT is perfect for web searches or getting email, as well as other types of one-way communication. However, when the communication is in real time and involves connections that go both ways, like cloud VoIP or hosted VoIP, problems occur.

The way VoIP works is by establishing communication between caller and receiver by delivering the parameters for the call, like the IP address where the call’s audio should be delivered. The problems come into play because the person called receives the internal IP address of the endpoint placing the call. This is due to the fact that an internal “private” IP address cannot be routed on the “public” internet; by definition it is private.

The result is confusion. The communication is sent back from the other end and it can’t figure out where to go. You know this is happening when the person you call can hear you, but you are unable to hear them. Audio that goes just one way is frustrating for both of you.

Problem #2: ALG

The Application-Level Gateway, or ALG, for cloud VoIP or hosted VoIP is standard on many types of routers. Its purpose is to alter the VoIP packets by reaching into the data being sent, then switching out the private address for your public address. When the other end sends the info back to the public address, the router ships it to the private address. This entire back and forth process is often called “packet mangling.”

Unfortunately most commercial routers use poor implementation at the VoiP protocol level. In addition ALG is helpful on outgoing calls, but not so much for incoming. There’s a reason for that. When the endpoints register with the VoIP proxy, the proxy must send keep-alives to preserve the connection. The keep-alives are sent only when the endpoint is NATed. Therefore VoIP ALG rewrites the request so the proxy is unable to detect the NATing. The result is that the registration is lost.

Another problem with VoIP ALG is its practice of breaking the VoIP signaling. The VoIP ALG found in many commercial routers changes the VoIP headers incorrectly. When the private IP address is switched out with the public one, the router must keep a record of the private IP and port used by the returning communication to direct it correctly. Broken implementations fail to create or maintain a proper record for the two streams of data for a VoIP call, both the signaling and the media. The result is a dropped call or the frustrating one-way audio. Another common error is having the ALG write the incorrect ports into the signals. The returning communication ends up in a location unknown. Again, more frustration for callers.


If your VoIP Service isn’t working, or you have one way audio, it’s almost guaranteed to be ALG-related. The good news is that most Cloud VoIP problems, in fact 99% of them, can be resolved by implementing one of two remedies.

#1. Disable VoIP ALG.  As soon as this is done, most issues simply vanish. First log into the router configuration interface, then deactivate VoIP ALG. This usually consists of a simple toggle switch. If you need more help, check VoIP-Info, which has put together a very thorough list of routers and guides to show you how to disable it step-by-step.

#2. Bypass VoIP ALG.  If you are having trouble disabling ALG, it could be due to the fact that some only check for VoIP signaling on port 5060. You can use this workaround: switch to port 5160 as an alternative port, thereby bypassing the broken VoIP ALG.

cloud telecom, hosted voip, SIP NAT Traversal, VoIP Problems

Get In Touch

If you are ready to stop worrying about your phones - and get seamless communication with your customers and your employees - contact us now.


1411 Falls Ave E, Suite 209
Twin Falls, ID 83301

Tel: 208.735.8999
Email: info@venturetel.net


Twin Falls, Idaho
Boise, Idaho
Houston, Texas
Long Island, New York

*We Serve The Entire US & Canada*


Follow us