Ooma Forums

Suggestion: Seems like Ooma NEEDS an online firewall test to verify for blocked ports.
http://ooma.custhelp.com/app/answers/de ... /related/1
Service Ports
Ooma uses the following application ports for outbound data and voice traffic:
UDP 53, UDP 123, UDP 514, UDP 1194,UDP 3386, UDP 3480, UDP 10000-20000, TCP 53 and TCP 443.

If Ooma "Customer Support" had a firewall port testing tool, they could satisfy more customers with useful information. Instead of making customers "jump through hoops" of trial-and-error. Doing boot, speed, ping, jitter boot EVERY time you call does not help if you have a firewall problem.

I did not know that my modem contained a firewall that could block ports that were important to Ooma. Maybe I am not the only person of ignorance who could have been helped. I still do not KNOW that that is causing my dependability problems, but nobody else knows either.
Dan

If a home-use modem|router is blocking any ports, it's going to be INCOMing ports. A home-use router is extremely unlikely to block OUTGOing requests.

Since no server at ooma.com is calling yourOoma device, and since your Telo (or Hub) initiates all communications up to ooma.com, there's really no port-blocking bogeyman to get alarmed about. Your Ooma device polls HQ, not the other way around, and it ain't being blocked.

Incoming port blocks are IGNORED, IF and ONLY IF the traffic is IN ANSWER TO an outgoing request.

ntoy wrote:Hello,

Is the play button still flashing orange on your telo? Ooma is behind a router? Any firewall enabled or port blocking?

danlisman wrote:

ntoy wrote:

danlisman wrote:When my wife got home tonight, she said she had called 20 minutes earlier and the phone rang and rang and rang. Her cell phone shows that she made the call just as she said and did not have a wrong number. The home phones did not ring and home caller ID did not register any incoming calls for today. Ooma Telo has all lights blue. I check Ooma caller log and it shows I had 3 MISSED calls today. My wife and 2 others. My phones never rang. Of course I did a cold boot on everything and it works now. Taking care of Telo is worse than a babysitting job. I missed 100 percent of my calls today.

Hello,

Is your Ooma behind a router? May want to check to see if your router has any firewall enabled or port blocking.

If firewall port blocking isn't a possible Ooma problem, why Ooma Moderator Norm Toy bring it up as a possible problem in two of his recent posts?

Because there are a very few home class routers and all commercial routers (ie big bucks) that do block outgoing ports. In those cases the outgoing ports have to be opened.

Information only:

I was helping someone with a 2 Wire Rig setup today, and when reading the User Guide, I noticed that the 2 wire Modem/Router has Inbound and Outbound Port Blocking. See bottom of page.

Copy:
2Wire Gateway
User Guide

Firewall Features
The 2Wire gateway has a professional-grade firewall to help prevent unauthorized users from accessing your local network. The 2Wire gateway firewall includes the following features:
Stateful packet inspection. Blocks common Denial of Service attacks (such as SYN/FIN flooding or Smurf), and detects and logs TCP and UDP port scans.
Stateless packet inspection. Filters specific NetBios traffic, suspicious packets and IP fragments; blocks packets sent from the private network to the Internet that have spoofed IP addresses.
Network Address Translation (NAT). Translates a local network’s IP address to an external address maintained by the 2Wire gateway, effectively “hiding” the existence of a home network to the Internet. The 2Wire gateway then uses this external address to communicate with the Internet on behalf of devices connected to the local network.
Port Address Translation (PAT). A function provided by some routers which allows hosts on a LAN to communicate with the rest of a network (such as the Internet) without revealing their own private IP address. All outbound packets have their IP address translated to the router’s external IP address. Replies come back to the router, which then translates them back into the private IP address of the original host for final delivery. During PAT, each computer on the LAN is translated to the same IP address, but with a different port number assignment.
Inbound and outbound port blocking. Blocks common inbound and outbound protocol types from passing information to or receiving information from the Internet.

Here's a nifty little tool that you can check ports with.

portforward.com/help/portcheck.htm

Anyone know how you could check ooma on a router with this?

highq wrote:If a home-use modem|router is blocking any ports, it's going to be INCOMing ports. A home-use router is extremely unlikely to block OUTGOing requests.

Since no server at ooma.com is calling yourOoma device, and since your Telo (or Hub) initiates all communications up to ooma.com, there's really no port-blocking bogeyman to get alarmed about. Your Ooma device polls HQ, not the other way around, and it ain't being blocked.

Incoming port blocks are IGNORED, IF and ONLY IF the traffic is IN ANSWER TO an outgoing request.

If no server at ooma.com is contacting my Telo, do you know why the Telo responds to an ICMP echo (ping)? A ping scan is one of the first things an attacker will use to find network resources for possible hacking. Do you know how to disable ping responses when using the recommended setup of modem --> ooma --> router?

How are you detecting the incoming ping and to what address is it being sent? And who sent it?

The hub and the Telo both respond to external ping requests.
This is one more reason why my hub and Telo are behind my router instead of in front of it.

I executed the ping from a laptop; the ping was directed towards the IP address of the Telo port conncted to my modem. I would like to disable ping responses from the Telo. If I put my Telo behind the router, do any inbound ports need to be opened?

Thanks.