Page 3 of 4

Re: Port forwarding with Ooma?

Posted: Sun Dec 13, 2009 7:50 pm
by TonyB
Where has the weekend gone... At least I got the Christmas tree and some lights up :|

Well, after researching this AirPort Extreme router, it seems quite clear that it does NOT support QOS :( So... the fall-back plan of moving the Ooma in place of the router is now moot. I need to make it work in the current configuration. If anyone learns of someone doing this, please let me know. If I know it's possible, I'll keep plugging-away...

If I do get this port forwarding sorted-out [dsl / cable modem -> Ooma hub -> Apple AirPort Extreme], assuming it is doable, I'll most certainly post to let others know...

Re: Port forwarding with Ooma?

Posted: Mon Dec 14, 2009 11:43 am
by Aveamantium
Hi Tony,

I'm responding to your PM here... Anyway, unfortunately my setup is different from yours in that I'm not using DSL and my router is a Linksys WRT54GL running Tomato. Having said that I would be offering up the same advice that murphy is telling you. Seems to be that your router is still not pulling its IP from the Hub or it would be 172.27.35.10. However, if you can't get it to pull this IP and you know that the IP IS 172.27.35.123 then put this number into the Hub's DMZ. This "should" forward all traffic coming into the LAN from the WAN to the router essentially making the Hub invisible (no need to forward ports). The only forwarding you should have to do is at the router (if it works with the Ooma out of the mix then I'm assuming that you have the appropriate ports forwarded here).

Sorry I can't help more!

Re: Port forwarding with Ooma?

Posted: Mon Dec 14, 2009 3:09 pm
by TonyB
Aveamantium, my apologies as I thought you have a set-up like mine. I was so excited... Sorry about that.

That said, thanks for the confirming information and for the idea of putting 172.27.35.123 in the Ooma hub's DMZ. I guess I would need to change the DHCP start and end IP's accordingly?

Again, thanks for coming-over here and reading this thread. Having seen some of your others posts, as you must know, you are real asset to this forum! Murphy, tommies, ifican, others... thank you too. I'll tackle this again after work today...

Re: Port forwarding with Ooma?

Posted: Mon Dec 14, 2009 3:23 pm
by Aveamantium
For grins I'd change the DHCP range like you mentioned and put that IP in the DMZ.

Thank you for the complement! Hope you get it working as you would like!! :D

Re: Port forwarding with Ooma?

Posted: Mon Dec 14, 2009 5:02 pm
by TonyB
The more I look at the AirPort Extreme (router) utility settings, it appears that changes in Ooma Advanced settings did work. This is what I now see, and I didn't do anything since yesterday:

IP Address = 172.27.35.10 (was .123)
Subnet Mask = 255.255.255.0
Router Address = 172.27.35.1

The "Router Address" is that of the Ooma, right? In this set-up, the Ooma is seen as a router... So, I was looking for this router address to change to 172.27.35.10, and it didn't budge, and that's probably why...

Maybe the actual router (AirPort Extreme) address is the one called "IP Address"... Bingo. As a test, in the Ooma settings, I did this:

DHCP Start, End & DMZ = 172.27.35.11

I then did a power cycle of both, and now I get this in the APE utility:

IP Address = 172.27.35.11
Subnet Mask = 255.255.255.0
Router Address = 172.27.35.1

So, "IP Address" is that of the router, not "Router Address", which is the Ooma...

That all said, I'm not certain where this leaves me... I just put those settings within Ooma back to "10", power cycled, and the APE utility is showing the 10 address again for the APE router. I think I need to go back and re-read some posts as this should be working...

The Ooma is the first device in line... It has one rule for port forwarding:

Ports = 85
Type = TCP & UDP
Forwarded To = 172.27.35.10:85

So, it then forwards to the APE router at 172.27.35.10. This device has Port Mapping set-up for TCP and UDP on port 85, and forwards to 10.0.1.6 - the static IP for the DVR, which I can reach locally on the LAN.

The power cycling, as someone said earlier, really is important. If this is indeed possible, I should be mighty close. Thanks.

Re: Port forwarding with Ooma?

Posted: Mon Dec 14, 2009 5:13 pm
by tommies
I'm about to ask you for a screen shot of the APE setting. Now I'm glad that it works out for you. It should be working righ after you reboot all network devices.

Note that ooma does not support NAT loopback, so you need to test it from the outside of your LAN.

Re: Port forwarding with Ooma?

Posted: Mon Dec 14, 2009 5:21 pm
by TonyB
Thanks tommies. Not sure how to do screen shots on a Mac, but I'll do just that in a bit...

I'm on my work laptop now, VPN'd. I should be able test from that, right?

Re: Port forwarding with Ooma?

Posted: Mon Dec 14, 2009 5:29 pm
by dknyinva
My setup is modem -- telo -- router
I'm running an open source linux as a dedicated router. All my firewall rules and port forwarding are being done on my router. If you put the telo in the DMZ, then the traffic associated with each will not interfere with each other. Voice will be handled by telo and data by my router. In the advanced settings on the telo, just put the following information

IP Address (172.27.35.1)
Netmask (255.255.255.0)
DHCP Start/End (172.27.35.2) - your Airport Express will pick up this IP once you cycle the Airport Express
DMZ Address (172.27.35.2)

I have a secure web portal internal and all outside traffic are being routed to the appropriate machine inside my network without any issue.

Good Luck

Re: Port forwarding with Ooma?

Posted: Mon Dec 14, 2009 5:39 pm
by TonyB
Ok, I got a couple screen shots. Not sure how to post, but I'll try....

That was painless... EDIT / ADD - except for you all. Dang, those are big! I'll try to reduce. Not familiar on a Mac just yet..

dknyinva - thanks for sharing your settings. Encouraging.

Re: Port forwarding with Ooma?

Posted: Mon Dec 14, 2009 5:45 pm
by Aveamantium
Looks like you're getting there! :D However, when you have the Router in the DMZ of the Hub there should be NO reason to forward ports. DMZ will pass ALL traffic to the IP of the router so forwarding ports is redundant. The only reason to forward ports through a firewall is to continue to utilize the firewall while allowing some traffic to get through. An example would be if you're running a mail server but you don't want all ports exposed; in this scenario you'd want to forward TCP Port 25 to the IP of the mail server and the firewall will continue to block the remaining ports. Make sense?