NAT Slipstreaming attack

NAT Slipstreaming allows an attacker to remotely access any TCP/UDP service bound to a victim machine, bypassing the victim’s NAT/firewall just by the victim visiting a website.

You should disable SIP ALG to protect your environment from this attack.

A security researcher, Samy Kamkar, has updated a technique he devised a decade ago to create a browser-based attack that tricks NAT devices and firewalls to provide remote access to hidden internal network services.

Assuming you don’t need it (e.g. for VoIP phones), disable ALG to protect your environment from this attack.

Should I reconfigure my Peplink routers?

At the moment it is not clear if Peplink routers have an inbuilt mechanism to protect LAN clients from this attack.


Peplink supports SIP ALG (Application Layer Gateway) across the entire product family; this feature is enabled by default.

If you want to disable SIP ALG (and you should if you do not need it) , you can select the Compatibility Mode under Network > Service Passthrough Support > SIP in Balance Web Admin.

SIP ALG is disabled in compatibility mode, enabled in standard mode

Do I need  SIP ALG?

SIP ALG was built as a tool when Hosted PBX’s didn’t have a solution to handle NAT traffic.
To this day, some hosted PBX’s still do not handle NAT traffic properly.
SIP ALG solved problems with NAT traffic by inspecting SIP messages and transforming the Private IP addresses and Ports to Public Addresses and Ports.

IF PBX’s do not handle NAT traffic properly you might encounter issues like:

  • One-way or No audio, intermittently or consistently.
  • Outbound or Inbound Call Fails to Connect.
  • Audio cuts out completely while on a call and doesn’t return.

For more information read Samy Kamkar’s Twitter post:

Peplink Ninja
Peplink Ninja is an independent Peplink news aggregation and commentary site, providing access to all the latest Peplink & Pepwave company, partner and product news.

More from author

Related posts


Latest posts

Peplink Cellular Routers Fulfill Connectivity Criteria for MSPs

In the realm of selecting vendor solutions, MSPs and end users diverge in their criteria, with MSPs catering to a broader spectrum...

Peplink’s 5G Routers Transforming Smart Warehouses with Indoor 5G

Leveraging 5G routers for indoor 5G connectivity is the cornerstone of creating smart warehouses, playing a pivotal role in the success of...

Top Choice for 5G Routers in Security Systems: Peplinks Indoor 5G Solution

Selecting the right 5G router for security systems is now a complex endeavor, driven by elevated expectations for video security and access...

Want to stay up to date with the latest Peplink news?

Get all the very latest news and regular Peplink SDWAN updates.