Ooma Forums

I have my ooma hub behind my router and would like to see a way to login to see the setup.ooma.com status page without hooking up a laptop. More of a want than a need, but it would still be nice to be able to do this.

I agree it would be nice. However there are undoubtedly tremendous security issues. My guess is for Ooma it's much safer to keep things as they are.

If someone configured an Ooma hub for LAN access behind a router and then moved it in front of the router, almost anyone on internet could have access to the hub.

My guess is it's a matter of safety for all or convenience for some.

gregg098 wrote:I have my ooma hub behind my router and would like to see a way to login to see the setup.ooma.com status page without hooking up a laptop. More of a want than a need, but it would still be nice to be able to do this.

This is exactly the same as the setup that I have. And, here is how I access my Ooma hub through the WAN port:

a) I setup my router to give the same IP address to the Ooma each time the hub sents a DHCP request. In my case, the router is 192.168.1.1, and the Ooma hub is 192.168.1.4 - most routers have this capability, as long as you have the MAC address for the Ooma's WAN interface.

b) Now, the LAN IP address of the Ooma is always 172.27.35.1, and it's WAN IP address is 192.168.1.4

c) I setup a static route on my router, such that for the destination 172.27.35.1, the gateway is 192.168.1.4 - in other words, the Ooma's WAN interface is the gateway for the Ooma's LAN interface.

d) I connected once to the Ooma through the LAN interface, and set the IP address 172.27.35.1 in the Ooma hub's DMZ.

That's it - you should be able to connect to your Ooma hub using either 172.27.35.1 or 192.168.1.4 - if you have a Linux or Mac computer, you can edit /etc/hosts, to map "setup.ooma.com" to either one of those two addresses. I'm sure this mapping is also possible with Windows - I just don't know how to do it, never having used Windows.

Hope this helps,
DG

Pandora wrote:I agree it would be nice. However there are undoubtedly tremendous security issues. My guess is for Ooma it's much safer to keep things as they are.

If someone configured an Ooma hub for LAN access behind a router and then moved it in front of the router, almost anyone on internet could have access to the hub.

My guess is it's a matter of safety for all or convenience for some.

Ooma's configuration is sufficiently flexible to permit this. The default setting is to not permit WAN access to TCP port 80, bound to the LAN interface. But it can be modified - simply by placing the LAN IP in the DMZ of the Ooma hub.

DG

daet wrote: That's it - you should be able to connect to your Ooma hub using either 172.27.35.1 or 192.168.1.4 - if you have a Linux or Mac computer, you can edit /etc/hosts, to map "setup.ooma.com" to either one of those two addresses. I'm sure this mapping is also possible with Windows - I just don't know how to do it, never having used Windows.

There is a hosts file in C:\WINDOWS\system32\drivers\etc folder. I assume it's the same.

daet wrote:

gregg098 wrote:...here is how I access my Ooma hub through the WAN port...

d) I connected once to the Ooma through the LAN interface, and set the IP address 172.27.35.1 in the Ooma hub's DMZ.

I followed all the same steps, including putting 172.27.35.1 for the DMZ. If ping that IP from my PC, I get 100% replies in 1ms. Yet the browser doesn't show the page regardless of whether I use 172.27.35.1 or the 192.168.1.x address. It just times out.

What could I be doing wrong? I'd like easy access to the QoS upload bandwidth to experiment with different settings and also because I have both DSL and cable, and they have wildly different uplink speeds. (448k vs 2500k)

I set the DMZ to be 172.27.35.1 on one of my Ooma hubs.

Without doing anything to the router, when I enter the LAN address of my Ooma hub, I get the status screen.

This is fantastic!

Thanks!!!

Note to all, this is a trick to try ONLY if your hub is behind your NAT router or other firewall. If your hub sits between the modem and router this could create a serious security concern.

A second warning to all, this trick permits telnet access to the Ooma hub from the WAN port. It is extremely dangerous to enable this on a hub which is not behind a router or firewall.

Pandora wrote: Note to all, this is a trick to try ONLY if your hub is behind your NAT router or other firewall. If your hub sits between the modem and router this could create a serious security concern.

A second warning to all, this trick permits telnet access to the Ooma hub from the WAN port. It is extremely dangerous to enable this on a hub which is not behind a router or firewall.

Yup. In fact, this part of your post should be in red and bold .....

DG

Very useful.. good work guys! I need to try that this weekend

i'd like somebody to clarify what LAN and WAN map to as far as the ports on the back of the hub - because to me (WAN = "modem") they've been mixed up in the post above the directs a user how to do this.