ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    One Way Audio Issues and STUN

    Scheduled Pinned Locked Moved IT Discussion
    43 Posts 5 Posters 3.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @JaredBusch
      last edited by

      @jaredbusch said in One Way Audio Issues and STUN:

      The problem with ALG is that, if I understand how it was originally designed, it is basically a MitM on SIP traffic.

      That's my understanding of it, and how it is implemented. Had no idea there was a standard for that mess.

      1 Reply Last reply Reply Quote 0
      • S
        scotth
        last edited by

        I've never turned on ALG. I caught this because I have a catchall proxy at the end of my policies for outgoing TCP/UDP/DNS that might have slipped through my other policies. It makes sure that everything is scanned and IPS hopefully catches what I may have missed.

        scottalanmillerS 1 Reply Last reply Reply Quote 0
        • S
          scotth
          last edited by scotth

          I don't like the stock, out of the box -- Allow All to Any
          Edit: Outgoing: Allow All to Any

          1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @scotth
            last edited by

            @scotth said in One Way Audio Issues and STUN:

            I've never turned on ALG.

            On by default, have to manually turn it off.

            S 1 Reply Last reply Reply Quote 0
            • S
              scotth @scottalanmiller
              last edited by

              @scottalanmiller said in One Way Audio Issues and STUN:

              @scotth said in One Way Audio Issues and STUN:

              I've never turned on ALG.

              On by default, have to manually turn it off.

              Not in the Watchguards that I use

              scottalanmillerS 1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @scotth
                last edited by

                @scotth said in One Way Audio Issues and STUN:

                @scottalanmiller said in One Way Audio Issues and STUN:

                @scotth said in One Way Audio Issues and STUN:

                I've never turned on ALG.

                On by default, have to manually turn it off.

                Not in the Watchguards that I use

                We're discussing Ubiquiti here. That's what the OP is using.

                1 Reply Last reply Reply Quote 0
                • S
                  scotth
                  last edited by

                  Apologies

                  scottalanmillerS 1 Reply Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @scotth
                    last edited by

                    @scotth said in One Way Audio Issues and STUN:

                    Apologies

                    Although nice that WG doesn't turn it on by default, most systems do. Such a bad idea.

                    S 1 Reply Last reply Reply Quote 0
                    • S
                      scotth @scottalanmiller
                      last edited by

                      @scottalanmiller said in One Way Audio Issues and STUN:

                      @scotth said in One Way Audio Issues and STUN:

                      Apologies

                      Although nice that WG doesn't turn it on by default, most systems do. Such a bad idea.

                      I'd have to dig, but I'm fairly sure that I saw a notification in one of the release notes for an update that it was to be left off unless you had a VOIP / SIP vendor who specifically required it.

                      K 1 Reply Last reply Reply Quote 0
                      • K
                        krisleslie @scotth
                        last edited by

                        @scotth very few if any tell you to turn it on. I could see maybe a scenario if the SIP provider provided you the equipment then sure if they want it turned on cool, since they may have certified it. But in general it I think the problem is whatever ALG is doing messes up with the firewall and I think basically the traffic is getting probed and flagged!

                        K 1 Reply Last reply Reply Quote 1
                        • K
                          krisleslie @krisleslie
                          last edited by

                          I want to go find the programmer who created ALG and throw him in a cage of lions!
                          #frustrated!

                          1 Reply Last reply Reply Quote 2
                          • 1
                          • 2
                          • 3
                          • 3 / 3
                          • First post
                            Last post