...
Common signs of SIP ALG NATing issues
Softphone works but physical phones will not register or stay registered. (Firewall is blocking a server IP from the hosted product)
BLF's work intermittently or not at all. (Source Ports are changing too often)
Transferring calls internally end up at the wrong location or a user can't pick up a parked call. (Source ports changing too often)
Rebooting a phone that has lost registration causes another phone to drop. (Duplicate source ports)
Outbound calls fail. (Source port changed during handshake/invite with hosted product)
Inbound calls reach the wrong destination. (Source port changed during handshake/invite with hosted product)
Call quality. Intermittent drops in audio. (Source port changes during the call. (Firewall will correct the change but milliseconds are lost during the process causing call quality issues, network jitter.)
One way or no audio but call is connected. Both intermittently or consistently. (Source port changed during the invite, after a successful handshake)
Phone rings but call can't be picked up. (Source port changed during the invite, after a successful handshake)
And many others!
SIP ALG (Application Level Gateway) is a feature in which the network device (router, access point, or any Layer 2 or Layer 3 device) manipulates the payload section of a SIP Packet to change the Private address to a public IP address. As the phone (or softphone) is not aware of the public address, all payload information would reference the device's Private Address. Network devices with ALG Enabled attempt to "correct" this by opening all SIP packets and manipulating the payload (body) of the packets by replacing private addresses with the public/NAT IP of the edge device and the NAT port. Unfortunately, some devices do not properly manipulate these packets causing them to be invalid or contain incorrect information.
...