For FortiGate with FortiOS >= 5.2.
- Log in to your FortiGate as administrator
- Connect to the CLI Console and enter the following commands
Remove the SIP Session Helper
show system session-helper
Search for the rule with port 5060 (normally it is the rule number 13) and remove it with the following commands.
config system session-helper
delete 13
end
Set the SIP ALG mode
Has to be done for each VDOM.
config system settings
set sip-tcp-port 9999
set sip-udp-port 9999
set default-voip-alg-mode kernel-helper-based
end
Deactivate the SIP ALG
Has to be done for each VDOM.
config voip profile
edit default
config sip
set status disable
set rtp disable
set strict-register disable
end
end
Don’t forget to reboot your firewall or to clear the sessions!