Disable SIP ALG [Cisco Meraki MX68CW-WW]

Mad_Dog_82
Here to help

Disable SIP ALG [Cisco Meraki MX68CW-WW]

Hi All,

 

A VoIP services provided asked to disable SIP ALG on a firewall (Cisco Meraki MX68CW-WW).

The description of the reported issue with VoIP - intermittent speech issues.

I searched similar threads in Meraki community and found this one. 

https://community.meraki.com/t5/Security-SD-WAN/Does-anyone-know-how-to-disable-SIP-AGL-in-Cisco-Mer...

However, unlike the case in the thread I found in my case PBX is cloud based running in AWS so I believe no port forwarding is required from outside to inside.

As understand SIP ALG is not implemented in Cisco Meraki hence it cannot be enabled\disabled.

In that thread a buggy firmware was mentioned. 

The current version of the device in question is MX 18.211.2.

 

Two questions: 

1. Where I can check the latest available firmware?

2. If it is not a firmware is there anything else I should check on the firewall? 

 

Thanks in advance. 

4 Replies 4
mwiater
Getting noticed

I don't think the MX has a SIP ALG.  However, if your Voice service provider configured your service for TLS, that would ensure that no ALG could possibly impact voice traffic.

 

You might also consider enabling the standard Traffic Shaping rules under SD-Wan & traffic shaping. Be sure to configure your wan bandwidth correctly in the Uplink section, it's important.

DarrenOC
Kind of a big deal
Kind of a big deal

I’ve installed many an MX on voice networks connected to SIP CUBEs and had no issues. As you’ve already stated SIP ALG isn’t your issue here. Your provider is clutching at straws.  What is the problem being reported by the users? Jittery voice, one way audio?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
Mad_Dog_82
Here to help

Hi All,

 

Thanks for your replies. 

Unfortunately, the VoIp provided hasn't give any specific information regarding the reported issues.

From now, after it was made clear that that SIP ALG is not implemented on Cisco Meraki firewalls and this factor was ruled out the provider will continue investigation on their end.

GIdenJoe
Kind of a big deal
Kind of a big deal

If your voice solution is using regular SIP with regular G711 codec you can even capture and analyse this with wireshark.  You can always perform a packet capture on the LAN side or the WAN side of the MX and then see in the telephony analysis if you are having packet loss or jitter.  You can even playback the audio which is cool.

Get notified when there are additional replies to this discussion.