How to disable SIP ALG on Prisma SD-WAN

How to disable SIP ALG on Prisma SD-WAN

1159
Created On 11/15/21 22:40 PM - Last Modified 12/04/25 00:34 AM


Objective


To disable SIP ALG on Prisma SD-WAN devices

Environment


  • Prisma SD-WAN
  • ION Devices

Procedure


Steps to disable SIP ALG:

 

  1. Go to Policies - Stacked Policies - NAT - NAT sets
  2. Add Disable SIP ALG Set and rule as below:
    1. Destination Zone Rules
    2. Name - Disable SIP ALG
    3. NAT Zone - Internet
    4. SRC PREFIX - None
    5. DEST PREFIX - None
    6. SRC PORTS/DEST PORTS/PROT - None
    7. Actions - ALG Disable
    8. ALG Protocol to Disable  - SIP
       
User-added image

The next step would be to insert the set into the NAT policy stack before the Default-NATPolicySet Default-NATPolicySet:

 

  1. Go to Policies - Stacked Policies - NAT - NAT Stacks and insert it into Testing NAT stack:
    1. Disable SIP ALG as Policy SET 1
    2. Default-NATPolicySet - Policy SET 2
    3. Click - Save.


User-added image


The last step would be to apply the NAT stack to the site.

  1. Go to Policies - Stacked Policies - search for the site name and apply NAT stack.
  2. Click - Save(stack is applied). 

    User-added image

This will affect only the sip traffic passing the device and shouldn't cause any interruption for other traffic passing that site/device.

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004ML0CAM&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language