Ooma firewall test needed to check blocked ports

Something on your mind? Want to give us feedback on something in particular or everything in general? Tell us how we are doing!
danlisman
Posts:108
Joined:Sat Jan 22, 2011 6:16 am
Ooma firewall test needed to check blocked ports

Post by danlisman » Wed Feb 16, 2011 12:00 pm

Suggestion: Seems like Ooma NEEDS an online firewall test to verify for blocked ports.
http://ooma.custhelp.com/app/answers/de ... /related/1
Service Ports
Ooma uses the following application ports for outbound data and voice traffic:
UDP 53, UDP 123, UDP 514, UDP 1194,UDP 3386, UDP 3480, UDP 10000-20000, TCP 53 and TCP 443.

If Ooma "Customer Support" had a firewall port testing tool, they could satisfy more customers with useful information. Instead of making customers "jump through hoops" of trial-and-error. Doing boot, speed, ping, jitter boot EVERY time you call does not help if you have a firewall problem.

I did not know that my modem contained a firewall that could block ports that were important to Ooma. Maybe I am not the only person of ignorance who could have been helped. I still do not KNOW that that is causing my dependability problems, but nobody else knows either.
Dan
Get rid of satellite/cable. Buy DVR to Pause-Rewind-Record live antenna HDTV.
http://MustardTree.eCRATER.com

User avatar
highq
Posts:421
Joined:Fri Dec 25, 2009 10:11 am
Location:New York, NY

Re: Ooma firewall test needed to check blocked ports

Post by highq » Wed Feb 16, 2011 2:04 pm

If a home-use modem|router is blocking any ports, it's going to be INCOMing ports. A home-use router is extremely unlikely to block OUTGOing requests.

Since no server at ooma.com is calling yourOoma device, and since your Telo (or Hub) initiates all communications up to ooma.com, there's really no port-blocking bogeyman to get alarmed about. Your Ooma device polls HQ, not the other way around, and it ain't being blocked.

Incoming port blocks are IGNORED, IF and ONLY IF the traffic is IN ANSWER TO an outgoing request.

thunderbird
Posts:6388
Joined:Mon Nov 08, 2010 4:41 pm

Re: Ooma firewall test needed to check blocked ports

Post by thunderbird » Wed Feb 16, 2011 2:37 pm

ntoy wrote:Hello,

Is the play button still flashing orange on your telo? Ooma is behind a router? Any firewall enabled or port blocking?
danlisman wrote:
ntoy wrote:
danlisman wrote:When my wife got home tonight, she said she had called 20 minutes earlier and the phone rang and rang and rang. Her cell phone shows that she made the call just as she said and did not have a wrong number. The home phones did not ring and home caller ID did not register any incoming calls for today. Ooma Telo has all lights blue. I check Ooma caller log and it shows I had 3 MISSED calls today. My wife and 2 others. My phones never rang. Of course I did a cold boot on everything and it works now. Taking care of Telo is worse than a babysitting job. I missed 100 percent of my calls today.
Hello,

Is your Ooma behind a router? May want to check to see if your router has any firewall enabled or port blocking.
If firewall port blocking isn't a possible Ooma problem, why Ooma Moderator Norm Toy bring it up as a possible problem in two of his recent posts?

murphy
Posts:7554
Joined:Tue Jan 27, 2009 12:49 pm
Location:Pennsylvania

Re: Ooma firewall test needed to check blocked ports

Post by murphy » Wed Feb 16, 2011 2:58 pm

Because there are a very few home class routers and all commercial routers (ie big bucks) that do block outgoing ports. In those cases the outgoing ports have to be opened.
Customer since January 2009
Telo with 2 Handsets, a Linx, and a Safety Phone
Telo2 with 2 Handsets and a Linx

thunderbird
Posts:6388
Joined:Mon Nov 08, 2010 4:41 pm

Re: Ooma firewall test needed to check blocked ports

Post by thunderbird » Wed Feb 16, 2011 4:07 pm

Information only:

I was helping someone with a 2 Wire Rig setup today, and when reading the User Guide, I noticed that the 2 wire Modem/Router has Inbound and Outbound Port Blocking. See bottom of page.

Copy:
2Wire Gateway
User Guide

Firewall Features
The 2Wire gateway has a professional-grade firewall to help prevent unauthorized users from accessing your local network. The 2Wire gateway firewall includes the following features:
Stateful packet inspection. Blocks common Denial of Service attacks (such as SYN/FIN flooding or Smurf), and detects and logs TCP and UDP port scans.
Stateless packet inspection. Filters specific NetBios traffic, suspicious packets and IP fragments; blocks packets sent from the private network to the Internet that have spoofed IP addresses.
Network Address Translation (NAT). Translates a local network’s IP address to an external address maintained by the 2Wire gateway, effectively “hiding” the existence of a home network to the Internet. The 2Wire gateway then uses this external address to communicate with the Internet on behalf of devices connected to the local network.
Port Address Translation (PAT). A function provided by some routers which allows hosts on a LAN to communicate with the rest of a network (such as the Internet) without revealing their own private IP address. All outbound packets have their IP address translated to the router’s external IP address. Replies come back to the router, which then translates them back into the private IP address of the original host for final delivery. During PAT, each computer on the LAN is translated to the same IP address, but with a different port number assignment.
Inbound and outbound port blocking. Blocks common inbound and outbound protocol types from passing information to or receiving information from the Internet.

jblock312
Posts:39
Joined:Thu Dec 30, 2010 5:17 am

Re: Ooma firewall test needed to check blocked ports

Post by jblock312 » Thu Feb 17, 2011 6:24 am

Here's a nifty little tool that you can check ports with.

portforward.com/help/portcheck.htm

Anyone know how you could check ooma on a router with this?

CodeMasterG
Posts:33
Joined:Sun Mar 13, 2011 3:26 pm

Re: Ooma firewall test needed to check blocked ports

Post by CodeMasterG » Mon Mar 28, 2011 4:55 pm

highq wrote:If a home-use modem|router is blocking any ports, it's going to be INCOMing ports. A home-use router is extremely unlikely to block OUTGOing requests.

Since no server at ooma.com is calling yourOoma device, and since your Telo (or Hub) initiates all communications up to ooma.com, there's really no port-blocking bogeyman to get alarmed about. Your Ooma device polls HQ, not the other way around, and it ain't being blocked.

Incoming port blocks are IGNORED, IF and ONLY IF the traffic is IN ANSWER TO an outgoing request.
If no server at ooma.com is contacting my Telo, do you know why the Telo responds to an ICMP echo (ping)? A ping scan is one of the first things an attacker will use to find network resources for possible hacking. Do you know how to disable ping responses when using the recommended setup of modem --> ooma --> router?

User avatar
highq
Posts:421
Joined:Fri Dec 25, 2009 10:11 am
Location:New York, NY

Re: Ooma firewall test needed to check blocked ports

Post by highq » Mon Mar 28, 2011 6:29 pm

How are you detecting the incoming ping and to what address is it being sent? And who sent it?

murphy
Posts:7554
Joined:Tue Jan 27, 2009 12:49 pm
Location:Pennsylvania

Re: Ooma firewall test needed to check blocked ports

Post by murphy » Tue Mar 29, 2011 2:36 am

The hub and the Telo both respond to external ping requests.
This is one more reason why my hub and Telo are behind my router instead of in front of it.
Customer since January 2009
Telo with 2 Handsets, a Linx, and a Safety Phone
Telo2 with 2 Handsets and a Linx

CodeMasterG
Posts:33
Joined:Sun Mar 13, 2011 3:26 pm

Re: Ooma firewall test needed to check blocked ports

Post by CodeMasterG » Tue Mar 29, 2011 5:38 pm

I executed the ping from a laptop; the ping was directed towards the IP address of the Telo port conncted to my modem. I would like to disable ping responses from the Telo. If I put my Telo behind the router, do any inbound ports need to be opened?

Thanks.

Post Reply