Differences

This shows you the differences between two versions of the page.

--- routersthatshouldnotbeused [2022/06/01 17:54] – jim
+++ routersthatshouldnotbeused [2024/07/17 14:55] (current) – jim
@@ Line 3: / Line 3: @@
 ====Routers That Should Not Be Used====
+**Most Cellular Modems and Modem routers will not work!!!!**\\
+For //**Business Class T-Mobile**// subscribers, we have confirmed that using an Inseego FX3100 router will allow service to work over Cellular.\\
+//T-Mobile's regular router that they give out WILL NOT work.//
+\\
+\\
+**Mesh Routers -** Mesh routers are great for lots of things, but VOIP is absolutely not one of them.  Mesh systems MUST be used in Access Point Mode with a traditional router or they will not work.
 **Comcast home version with wireless -** have them change to Comcast business version. The home version with wireless gets used by Comcast to also support their open Wi-Fi network (Hotspot) and this can lead to overutilization and voice quality issues. It is reported that it can be disabled, instructions are here [[http://bgr.com/2014/06/11/how-to-disable-comcast-xfinity-wi-fi-hotspot/]].    If this does not work then a call to Comcast customer service is needed.
+**Comcast CBR-T Modem Router -** This unit will not work out of the box and will not work as a DHCP router.  In order to use this device, Comcast must place the unit in IP Pass-through mode, and disable:\\
+(sp)(sp)(sp)1. Firewalls\\
+(sp)(sp)(sp)2. WiFi Antennas\\
+(sp)(sp)(sp)3. DHCP\\
 **Motorola SBG-650 -** (used by Time Warner). The problem with this one is that under high load, it starts buffering (or even freezing) packet output and it doesn't seem to be a way to set QOS to still allow RTP so it will end up with voice quality issues.
@@ Line 17: / Line 29: @@
 **Verizon FiOS G3100  -** SIP ALG is enabled by default and Verizon/Frontier has not provided a method for the end-user to disable SIP ALG. Needs to be configured to a set of efficient DNS servers in order to prevent issues with registration on Polycom phones.  There is no suitable replacement provided by Verizon. Alternative solutions include installing a third-party router or configuring the phone using TCP as the transport type for the Outbound Proxy.
-***Routers With SIP ALG On By Default***
+**Routers With SIP ALG On By Default**
-    Motorola - SBG6580- (SurfBoard Extreme Wireless Cable Modem Gateway)
+**Motorola - SBG6580 -** (SurfBoard Extreme Wireless Cable Modem Gateway)
-        No Registration possible behind NAT as the device changes Call-ID and causes the responses to be discarded by SIP clients/ATAs
+No Registration possible behind NAT as the device changes Call-ID and causes the responses to be discarded by SIP clients/ATAs
-        No Solution at this time (SIP ALG, called SIP Pass-Through, can not be disabled).
+No Solution at this time (SIP ALG, called SIP Pass-Through, can not be disabled).
-        Must disable NAT and put the device in bridge mode (check Motorola website for guide).
+Must disable NAT and put the device in bridge mode (check Motorola website for guide).
-    SpeedTouch - ST560 v6 (firmware >= 5.4.0.13 comes with SIP ALG enabled by default.) NAT type: symmetrical
-        Issues:
+**SpeedTouch - ST560 v6 -** (firmware >= 5.4.0.13 comes with SIP ALG enabled by default.) NAT type: symmetrical
-            No incoming calls.
+Issues:
-            It replaces the private IP appearing in SIP headers with the public IP using a dumb text replacement. If for example, the private IP appears in the "Call-ID" it replaces it too (that it's completely unnecessary).
+No incoming calls.
-        To disable SIP ALG:
+It replaces the private IP appearing in SIP headers with the public IP using a dumb text replacement. If for example, the private IP appears in the "Call-ID" it replaces it, too (that is completely unnecessary).\\
-            ~# telnet router
+To disable SIP ALG:\\
-            -> connection unbind application=SIP port=5060
+~# telnet router\\
-            -> saveall
+-> connection unbind application=SIP port=5060\\
-    Zyxel - 660 family comes with SIP ALG enabled by default. NAT type: symmetrical
+-> saveall\\
-        Issues:
-            No incoming calls.
+**Zyxel - 660 family -** comes with SIP ALG enabled by default. NAT type: symmetrical
-            SIP protocol is broken making 50% of outgoing calls impossible because the wrong values are inserted into SIP headers.
+Issues:
-        To disable SIP ALG:
+No incoming calls.
-            ~# telnet router
+SIP protocol is broken making 50% of outgoing calls impossible because the wrong values are inserted into SIP headers.
-            Menu option "24. System Maintenance".
+To disable SIP ALG:\\
-            Menu option "8. Command Interpreter Mode".
+~# telnet router\\
-            ip nat service sip active 0
+Menu option "24. System Maintenance."\\
-    Netgear - WGR614v9 Wireless-G Router, DGN2000 Wireless-N ADSL2+ Modem Router
+Menu option "8. Command Interpreter Mode."\\
-        Firmware V1.0.18_8.0.9NA
+ip nat service sip active 0\\
-        To disable SIP ALG: From Wan Setup Menu, NAT Filtering, uncheck the box next to "Disable SIP ALG"
-    SMC - ToDo- NAT type: No symmetrical
+**Netgear - WGR614v9 Wireless-G Router, DGN2000 Wireless-N ADSL2+ Modem Router**
-        Issues:
+Firmware V1.0.18_8.0.9NA
-            The ALG doesn't replace the private address in "Call-ID" header (that is correct) but it does replace the "call-id" value in "Refer-To" header so SIP transfer is broken.
+To disable SIP ALG: From Wan Setup Menu, NAT Filtering, uncheck the box next to "Disable SIP ALG"
-        To disable SIP ALG: ToDo no ALG related options found via web and telnet. No idea of how to disable it.
-    Linksys - WRV200, WRT610N. NAT type: Symmetrical
+**SMC -** ToDo- NAT type: No symmetrical
-        Issues:
+Issues:
-            The ALG replaces the private address in "Call-ID" header (not needed at all). Some phones (as Linksys with the latest firmware) encode the "Call-ID" value in the "Refer-To" header (by escaping the dots) so the private IP appearing there is not replaced with the public IP. This causes that the call transfer fails since the proxy/PBX/endpoint will not recognize the dialog info.
+The ALG doesn't replace the private address in "Call-ID" header (that is correct) but it does replace the "call-id" value in "Refer-To" header so SIP transfer is broken.
-        To disable SIP ALG on WRV200; no ALG related options found via web and telnet. No idea of how to disable it.
+To disable SIP ALG: No idea of how to disable it.
-        To disable SIP ALG on WRT610N: Web Interface: Administration, Management, underside heading 'Advanced Features' SIP ALG, can be disabled.
-    Fortinet -All models come with SIP Helper enabled by default
+**Linksys - WRV200, WRT610N -** NAT type: Symmetrical
-        To disable SIP helper (v6.2 and up):
+Issues:
-            config system settings
+The ALG replaces the private address in "Call-ID" header (not needed at all). Some phones (as Linksys with the latest firmware) encode the "Call-ID" value in the "Refer-To" header (by escaping the dots) so the private IP appearing there is not replaced with the public IP. This causes that the call transfer fails since the proxy/PBX/endpoint will not recognize the dialog info.
-            set default-voip-alg-mode kernel-helper based
+To disable SIP ALG on WRV200; no ALG related options found via web and telnet. No idea of how to disable it.
-            end
+To disable SIP ALG on WRT610N: Web Interface: Administration, Management, underside heading 'Advanced Features' SIP ALG, can be disabled.
-            config system session-helper
-            delete 13
+**Fortinet -** All models come with SIP Helper enabled by default
-            end
+To disable SIP helper (v6.2 and up):\\
-            NOTE: The section below clears any currently active sessions, if you’re applying the new settings live it prevents needing to reboot
+config system settings\\
-            di sys session filter dport 5060
+set default-voip-alg-mode kernel-helper based\\
-            di sys session clear
+end\\
-            di sys session filter clear
+config system session-helper\\
-            di sys session filter sport 5060
+delete 13\\
-            di sys session clear
+end\\
-        To disable SIP helper (lower than v6.2):
+NOTE: The section below clears any currently active sessions, if you’re applying the new settings live it prevents needing to reboot\\
-            ~# telnet firewall
+di sys session filter dport 5060\\
-            config system settings
+di sys session clear\\
-            set sip-helper disable
+di sys session filter clear\\
-            set sip-nat-trace disable
+di sys session filter sport 5060\\
-            end
+di sys session clear\\
-            config system session-helper
-            show <---- use this to find out which entry is configured for typically 12 or 13
+To disable SIP helper (lower than v6.2):\\
-            delete 12
+~# telnet firewall\\
-            end
+config system settings\\
-        For SIP Trunks
+set sip-helper disable\\
-            If using Virtual IPs under objects make sure to turn OFF NAT within each IPv4 rule for VoIP. If not using Virtual IPs under objects make sure to turn ON NAT under each IPv4 rule for VoIP.
+set sip-nat-trace disable\\
-            The preferred solution is to configure the SIP ALG. Policies that use the SIP ALG will not use SIP helper. Full documentation at http://docs.fortinet.com then pick FortiOS for the version on your device, then VoIP solutions: SIP.
+end\\
-    Cisco - 800 series - To disable the NAT services for SIP in IOS, just run these commands:
+config system session-helper\\
-        no ip nat service sip tcp port 5060
+show <---- use this to find out which entry is configured for typically 12 or 13\\
-        no ip nat service sip udp port 5060
+delete 12\\
-    Juniper/Netscreen - SSG Series To disable SIP ALG:
+end\\
-        In the Web interface: Security -> ALG
-    Asus RT-AC66U- with their most current firmware enables their SIP ALG by default. THERE IS NO GUI OPTION TO DISABLE IT.
+For SIP Trunks\\
-        To disable the SIP ALG manually, you enable telnet to the device via the WWW interface
+If using Virtual IPs under objects make sure to turn OFF NAT within each IPv4 rule for VoIP. If not using Virtual IPs under objects make sure to turn ON NAT under each IPv4 rule for VoIP.\\
-            Telnet to the device (from a command line enter "telent 192.168.1.1" or the appropriate IP address for the device.)
+The preferred solution is to configure the SIP ALG. Policies that use the SIP ALG will not use SIP helper.\\
-            Issue the following commands:
+Full documentation at [[http://docs.fortinet.com]] then pick FortiOS for the version on your device, then VoIP solutions: SIP.\\
-            nvram get nf_sip
-            (It should return a "1")
+**Cisco - 800 series -**
-            nvram set nf_sip=0
+To disable the NAT services for SIP in IOS, just run these commands:
-            nvram commit
+no ip nat service sip tcp port 5060
-            Reboot
+no ip nat service sip udp port 5060
-            Then reboot the router for the changes to take effect.
-        Under firmware 3.0.0.4.374_257 SIP ALG is located in (via the web interface):
+**Juniper/Netscreen - SSG Series -**
-            Log into the router's web interface.
+To disable SIP ALG:
-            Go to Advanced Settings / WAN on left side.
+In the Web interface: Security -> ALG
-            From the tabs across the top, choose NAT Pass through.
-            Change SIP pass through to "Disable." Hit apply.
+**Asus RT-AC66U -** with their most current firmware enables their SIP ALG by default.
-        For phones to pick up the change immediately, reboot each of them, otherwise, they will pick up the new NAT table with changes during their next registration.
+THERE IS NO GUI OPTION TO DISABLE IT.
-    Comcast DPC3939B - has ALG pre-installed and cannot be turned off.
+To disable the SIP ALG manually, you enable telnet to the device via the WWW interface
-    Comcast Netgear Gateway Model CG3000 DCR -  will not allow customers to disable SIP ALG. The only true way to work around this is to place the CG3000 into bridge mode and then place a router/firewall behind it. *(note, we have seen sites that made this change and still encountered issues, the suspicion is that it does not function in a true bridge mode. Some sites had to replace with a regular modem.)
+Telnet to the device (from a command line enter "telent 192.168.1.1" or the appropriate IP address for the device.)
-    Arris TG862G and TG862G-CT- SIP ALG is enabled and no way to disable it. These are often used by Comcast as a Gateway.
+Issue the following commands:\\
-        Bright house default password is "motorola"
+nvram get nf_sip\\
-    AT&T Uverse Arris NVG589 - SIP ALG is enabled by default and cannot be disabled. By default it will not support hosted phones, AT&T may be able to open port 5060 for SIP traffic but it is reported to us it is not possible for user-level admin to do so.
+(It should return a "1")\\
-    ACTIONTEC model GT784WNV - Frequently used by Verizon. The manual states that ALG is assigned automatically and there is no mention of a way to disable.
+nvram set nf_sip=0 \\
-    Verizon FiOS G1100 & G3100 - This modem has SIP ALG enabled by default and Verizon has not provided a method to disable this feature. Verizon has also not released if it can be disabled by Verizon itself. The best recommendation at this time is not to use this modem. White page link  https://hosting.intermedia.net/support/kb/default.asp?id=3343
+nvram commit\\
+Reboot\\
+Then reboot the router for the changes to take effect.\\
+Under firmware 3.0.0.4.374_257 SIP ALG is located in (via the web interface):\\
+Log into the router's web interface.\\
+Go to Advanced Settings / WAN on left side.\\
+From the tabs across the top, choose NAT Pass through.\\
+Change SIP pass through to "Disable." Hit apply.\\
+For phones to pick up the change immediately, reboot each of them, otherwise they will pick up the new NAT table with changes during their next registration.
+**Comcast DPC3939B -** has ALG pre-installed and cannot be turned off.
+**Comcast Netgear Gateway Model CG3000 DCR -**  will not allow customers to disable SIP ALG. The only true way to work around this is to place the CG3000 into bridge mode and then place a router/firewall behind it. *(note - this change does not always work and we suspect is that it does not function in a true bridge mode.)
+**Arris TG862G and TG862G-CT -** SIP ALG is enabled and no way to disable it. These are often used by Comcast as a Gateway.
+Bright house default password is "motorola"
+**AT&T Uverse Arris NVG589 -** SIP ALG is enabled by default and cannot be disabled. By default it will not support hosted phones, AT&T may be able to open port 5060 for SIP traffic but it is reported to us it is not possible for user-level admin to do so.
+**ACTIONTEC model GT784WNV -** (Used by Verizon). The manual states that ALG is assigned automatically and there is no mention of a way to disable.
+**Verizon FiOS G1100 & G3100 -** This modem has SIP ALG enabled by default and Verizon has not provided a method to disable this feature. Verizon has also not released if it can be disabled by Verizon itself. The best recommendation at this time is not to use this modem. White page link  [[https://hosting.intermedia.net/support/kb/default.asp?id=3343]].
+originally published by: [[https://voipdocs.io/en/articles/246-routers-with-known-issues]]