It's quite possible that you could be working better. The SIP/ALG setting in a router was designed around "Software" using SIP. Such as the many softphones that a computer can run with a headset. When this is set up in the router, it can conflict with the SIP that the external voip adapter is trying to do.

As for the firewall being disabled, there a couple things to realize. 1) Most people don't use static IP addresses. They use a router that has "NAT". NAT (Network Address Translation) is what is used to allow you numerous private (Internal) IP addresses like 192.168.1.10, and have all these local IP addresses SHARE the Public IP address (The 1 REAL IP address that your internet provider feeds your DSL/Cable modem). NAT by it's own nature is a firewall. Not intentionally, but because an outside person can't get directly to 192.168.1.10 or whatever your PC's IP address. 192.168.1.? is not unique every basic consumer router uses those IP addresses. So to get to your computer, the bad guy has to get to your REAL (Public) IP address, then using ports, get inside. This alone is difficult unless a bad guy is specifically trying to get a specific person's computer.

But, besides the NAT, most operating systems like Windows XP/7, and others have software firewalls built in. Basically, the NAT router knows WHICH 192.168.x.x. equipment is ASKING for an outside internet site. When the response comes in, the router know where to send it. The software firewall on the computer knows what you're asking for. If it knows you asked for cnn.com, then it will ALLOW anything from cnn.com coming in to go to that computer. However, if an inboud packet comes that your computer didn't first request, then the firewall tells you. "Hey dude.... Someone is trying to get in and you didn't invite them. Can they come in? If you don't say yes, then it is blocked. And while windows/OS type firewalls are OK, you can even get better ones like ZoneAlarm or BlackIce. And you can specifically teach the firewall to not let in ANYTHING that you don't approve. Even to the point where other computers on your network need permission.

You normally only get incoming packets because you ASKED for them. I.e. web surfing, download a file, etc... Firewall is going to let them in, because you asked for them. However, some people have servers, play games, etc... that require a lot of inbound traffic that wasn't specifically asked for. Voip is that way to. Voip is special because it basically uses port 5060 or similar for the SIP traffic. No other computer will normally deal with that port. Email has it's own port. etc... The RTP traffic, (That's the traffic with your actual voice conversation on it), can be a number of different ports. That's why VoipO recommends such a large number of ports be opened. They don't use the same ports continuously. It's somewhat random. There's many reasons for this, but one of added benefits it that someone can't lock in on a specific port and stop, copy, etc... your phone calls. But fortunately, there are over 65000 ports PER IP ADDRESS, so if you do set up a server, security camera, or other device that needs to be spoken to from the outside, there's plenty of ports available.

So, the bottom line is that firewalls are indeed important. But I, and most networking people, believe that it's best to firewall what you specifically want to, and not everything. In a decent business IT network, they would never have a combined router/switch/firewall/etc... that you or I bought. e.g. Linksys wireless router from Walmart. They will use their incoming bandwidth and connect it to a dedicated router. That router will feed a switch. There will be some things, like a public website that customers visit that will be on that switch with nothing else. Another spot on that switch will possibly feed their VOIP/Phone system. A third port will feed a "Dedicated" firewall. This firewall now connects to another switch that feeds all of that company's employees computers and such. This stops the outside world from getting to their internal network, but allows the outside world to get to the public website or call them on their phone system. When you do it the proper way, there is NO PORT FORWARDING. Why? Because you BUY separate static IP addresses. There's an IP address just for the VOIP/Phone system. A different IP for the WebSite server. A different IP for the internal network. Then once inside, they use NAT and give all the employees 10.1.1.x (Similar to 192.168.1.10 type addresses); so they can share the one static IP address.

But the common consumer, doesn't want to pay for separate IP addresses for their computers, voip, gaming, etc... So they take the 1 IP address from the ISP and use a combination router/switch/wireless/firewall and make everything go through that. The problem is, you need to know port forwarding, security, firewall, etc... to eliminate conflicts.

So, bottom line. Make your router as basic as possible. No firewall turned on. No ALG turned on. No UPnP turned on. Give your Voip Adapter a static IP address of 192.168.1.x or whatever, so it's the SAME IP address ALL the time. Port forward in the router the ports necessary to that IP address. Then, use LOCAL software firewall, virus protection, etc... on each machine to protect them from outside influences. Hope this helps. Also hope it was explained basic enough. best of luck. Mike....