How to put ooma into DMZ?

Need extra help installing your Ooma Hub or Telo system? Let us know.
trim81
Posts:262
Joined:Thu Jul 31, 2008 9:14 pm
Re: How to put ooma into DMZ?

Post by trim81 » Fri Feb 13, 2009 9:48 pm

dknyinva wrote:I tried your method to a "T" and still unable to connect to my secure internal web portal. I had a friend tested and still no go.

Thanks
Then you are doing something wrong.

niknak
Posts:885
Joined:Tue Jan 27, 2009 7:53 pm
Location:Staten Island, NY

Re: How to put ooma into DMZ?

Post by niknak » Wed Feb 18, 2009 7:44 pm

dknyinva wrote:
Achilleus wrote:Well, FWIW, I called ooma and asked about the remote access to servers, and they said there is no way to do this unless you plug the ooma into the router, and not have it between the modem and router. My adviser was quite adamant about this.

Not ideal, but I can see my servers from outside now.
Do you have your ooma behind your router or between your router and modem?

Ooma works If I put it between my modem and router, but then I can't connect to my internal web portal.

Ooma does not work If I put ooma behind my router, but then I can connect to my web portal.
Ooma will work behind your router but you must go into Ooma's setup and change the Ooma's IP address /subnet mask to an address within your router's pool of addresses. In other words give the ooma a static ip address within your network's range of addresses

snuggles
Posts:9
Joined:Tue Feb 17, 2009 7:20 am

Re: How to put ooma into DMZ?

Post by snuggles » Tue Feb 24, 2009 4:03 am

I followed trim81's advice and for the most part it worked. Since adding
OpenDNS (208.67.222.222, 208.67.220.220) to my linksys router as main DNS when I go to the http://setup.ooma.com I get an openDND search page. How do I get around this?

I'm also trying to figure the best way to update my dyndns account since
the ooma hub is in front of my switch.

Any help will be appreciated,

trim81
Posts:262
Joined:Thu Jul 31, 2008 9:14 pm

Re: How to put ooma into DMZ?

Post by trim81 » Tue Feb 24, 2009 4:20 am

Once you place your router on DMZ mode you can no longer access the Ooma setup page..

Reason being is that your LAN is now on a seperate subnet.

Only way to again access the Ooma setup page is to direct connect your Ooma hub, bypassing the router.

This shouldn't be an issue anyway, as I do not see a need to mess with the Ooma setup once you are properly configured

inrame
Posts:354
Joined:Mon Feb 09, 2009 5:58 am
Location:Mouse-House, Florida

Re: How to put ooma into DMZ?

Post by inrame » Tue Feb 24, 2009 8:51 am

can you get to it by using the ip of the ooma hub? ie, 172.35.27.1

BCNeuman
Posts:9
Joined:Mon Feb 23, 2009 9:53 am
Location:Los Angeles
Contact:

Re: How to put ooma into DMZ?

Post by BCNeuman » Tue Feb 24, 2009 10:38 pm

You can avoid placing your router in the DMZ yet still enable port forwarding by assigning the router a static IP address and then setting up port forwarding to the static address for all ports other than the range of ports used for the Ooma hub itself (if you assign a large range, you will get an error message telling you which ports you can't forward - and then assign around them).

If you do this, you will still be able to access the Ooma setup page from behind your router, and you will be able to access servers behind your router from the outside (assuming you had already set up port forwarding on your router - which I presume was set up in your pre-ooma configuration).

Note that you are loosing the firewall functionality of the Ooma hub in this configuration, but if the only device behind the hub is the router and you already have it set up as a firewall, this is no major loss.

What still does not work in this configuration, however, will be dyndns, which your router will still try to set as the private address behind the Ooma hub.

What would be nice (I guess for future versions of Ooma) would be if it allowed it to be configured NOT to be its own NAT firewall. i.e. it would provide a single address on the inside when queried by DHCP - i.e the same address that it received from your ISP on the outside. This would effectively pass the ISP assigned address through so that it would be visible to the router - which would then know the correct external address to use when calling up to dyndns. This would only work in the most common configuration where only a single device is connected on the HOME port (i.e. no connecting a bridge or hub - but a NAT box (most routers) are fine).

koehn
Posts:77
Joined:Tue Feb 10, 2009 10:57 am

Re: How to put ooma into DMZ?

Post by koehn » Wed Feb 25, 2009 10:26 am

BCNeuman wrote:What would be nice (I guess for future versions of Ooma) would be if it allowed it to be configured NOT to be its own NAT firewall. i.e. it would provide a single address on the inside when queried by DHCP - i.e the same address that it received from your ISP on the outside. This would effectively pass the ISP assigned address through so that it would be visible to the router - which would then know the correct external address to use when calling up to dyndns. This would only work in the most common configuration where only a single device is connected on the HOME port (i.e. no connecting a bridge or hub - but a NAT box (most routers) are fine).
Most DynDns clients will query an external service to get their external IP address, e.g., http://checkip.dyndns.org/ . That way it doesn't matter if somebody upstream is using NAT. Here's a simple unix script I use to get my IP address:

Code: Select all

#!/bin/bash

CHECK_IP=`curl http://checkip.dyndns.org/ 2> /dev/null`
if [ $? -ne 0 ]
then
        echo Unable to get current IP address with curl >&2
        exit 100
fi
echo $CHECK_IP | sed -e 's!.*: \(.*\)</body>.*!\1!'
Agreed, however, that it would be nice if Ooma was more like existing routers, where you can be a bridge (as you described), NAT router, or straight router. But this makes the Ooma far more complicated from a configuration perspective. I'm just glad I can put Ooma inside my existing router and let it do its thing.

voip-ninja
Posts:11
Joined:Sun Nov 02, 2008 8:59 am

Re: How to put ooma into DMZ?

Post by voip-ninja » Wed Feb 25, 2009 10:18 pm

dknyinva wrote:
Achilleus wrote:Well, FWIW, I called ooma and asked about the remote access to servers, and they said there is no way to do this unless you plug the ooma into the router, and not have it between the modem and router. My adviser was quite adamant about this.

Not ideal, but I can see my servers from outside now.
Do you have your ooma behind your router or between your router and modem?

Ooma works If I put it between my modem and router, but then I can't connect to my internal web portal.

Ooma does not work If I put ooma behind my router, but then I can connect to my web portal.
It is possible that the Ooma is somehow impacting the ability to reach the web portal service. Basically the Ooma acts as a transparent NAT/gateway to the internal network and all port forwarding, etc, for applications inside the home network should pass through the Ooma seamlessly.

There are situations there were this might not be occurring. In such situations I would recommend putting Ooma on the router and make sure you forward any appropriate ports to the Ooma. Normally you don't need to do any of this, but if your router is totally locked down it is possible that it is blocking some of the ports that Ooma needs to function. It's also possible (though unlikely) that something is being blocked or misrouted on the ISP side.

Post Reply