The DMZ is not ideal and should be used as a last resort. And, while highly unusual, your particular setup may require that. That is fine as long as you also understand that there are some risks involved and you take steps to protect yourself. (A DMZ basically opens a hole through your router allowing unsolicited traffic through.) As thunderbird mentioned in his last post be sure that you are running anti-virus on all of your PC, but more importantly, be sure you are running a firewall on those PCs as well.ameneses54 wrote:Considering that allocating the OOMA to the DMZ is the only option that has worked for me,I really don't have much on the table, except loose $200 and trash the OOMA.
Arturo
Out going calls issue, solved!
-
- Posts:82
- Joined:Thu Apr 14, 2011 6:05 pm
Re: Out going calls issue, solved!
What's unfortunate is that I suppose that hundreds or thousands that subscribe to Uverse and as such have the 2Wire incorporated modem/router may have the same problem I described.
Thanks for your guidance
Thanks for your guidance
Re: Out going calls issue, solved!
Putting Ooma in a router's DMZ is no more dangerous than putting Ooma in front of a router.
Customer since January 2009
Telo with 2 Handsets, a Linx, and a Safety Phone
Telo2 with 2 Handsets and a Linx
Telo with 2 Handsets, a Linx, and a Safety Phone
Telo2 with 2 Handsets and a Linx
Re: Out going calls issue, solved!
For the ooma device itself, I agree 100%. However, putting the Ooma in front of the router does allow the router to continue protecting the LAN. But, opening up the DMZ on a consumer router where the LAN has no isolation from the device in the DMZ (ooma or otherwise) may lead to exploits for the rest of the LAN. I'm just saying this needs to be taken into consideration before blindly opening the DMZ for any device.murphy wrote:Putting Ooma in a router's DMZ is no more dangerous than putting Ooma in front of a router.
-
- Posts:6388
- Joined:Mon Nov 08, 2010 4:41 pm
Re: Out going calls issue, solved!
Murphy: Thanks for you refreshing breeze of common sense.murphy wrote:Putting Ooma in a router's DMZ is no more dangerous than putting Ooma in front of a router.
Lately I've done some checking and research. I was told that there is more than 2 billion, probably closer to 3 billion routers in service though out the world. A high percentage of those routers have DMZs. Every router manufacture in the world manufactures at least some of their routers with DMZs. Why would any router manufacture design and manufacture even one router with a DMZ, if are such extreme, dangerous security risks involved?
The answer is that the router DMZ is a very valuable tool, when configured and used properly.
I noticed that a little more then a year ago, in this forum, there was a big uproar about use of DMZs, with many people arguing for and against DMZ use.
I read every post in the over a year ago Ooma forum thread discussions about why to use, why not to use a DMZ.
No one mentioned the Norton family of products that when setup properly, will isolate one or more router LAN connected device, from all other router connected devices, in the same LAN. This is a very valuable tool for an Ooma user. It's like having your cake and eating it too.
For anyone that MUST use the router DMZ to be able to have their Ooma device function properly, the Norton family of products, using the "Network Security Map" to set a "Trust Control" "Restricted" security level for the Ooma device, is the perfect answer for anyone concerned about Router LAN security. It's almost like Norton designed the Network Security Map feature for Ooma.
The large company that I used to work for does this very thing for their smaller remote offices that use Router DMZs. They install a high end home consumer router for the office, along with Norton products on all of their computers/servers and are protected from the DMZ server, using the "Network Security Map". This combination has proven to be very reliable.
Norton has had the Network Security Map feature for a few years, and I'm sure that Norton’s competitors also have this same feature.
-
- Posts:82
- Joined:Thu Apr 14, 2011 6:05 pm
Re: Out going calls issue, solved!
Wow!
The question now is how do I setup NIS which luckily I use.
Please note that regarding modems and routers I'm null.
Arturo
The question now is how do I setup NIS which luckily I use.
Please note that regarding modems and routers I'm null.
Arturo
-
- Posts:6388
- Joined:Mon Nov 08, 2010 4:41 pm
Re: Out going calls issue, solved!
Here is the Norton site with instructions that you will configure, in each of your computers connected to your router's LAN:ameneses54 wrote:Wow!
The question now is how do I setup NIS which luckily I use.
Please note that regarding modems and routers I'm null.
Arturo
http://us.norton.com/support/kb/web_vie ... 09162049EN
***And***
http://us.norton.com/support/kb/web_vie ... 09160254EN
Re: Out going calls issue, solved!
thunderbird -thunderbird wrote:Murphy: Thanks for you refreshing breeze of common sense.murphy wrote:Putting Ooma in a router's DMZ is no more dangerous than putting Ooma in front of a router.
Lately I've done some checking and research. I was told that there is more than 2 billion, probably closer to 3 billion routers in service though out the world. A high percentage of those routers have DMZs. Every router manufacture in the world manufactures at least some of their routers with DMZs. Why would any router manufacture design and manufacture even one router with a DMZ, if are such extreme, dangerous security risks involved?
The answer is that the router DMZ is a very valuable tool, when configured and used properly.
I noticed that a little more then a year ago, in this forum, there was a big uproar about use of DMZs, with many people arguing for and against DMZ use.
I read every post in the over a year ago Ooma forum thread discussions about why to use, why not to use a DMZ.
No one mentioned the Norton family of products that when setup properly, will isolate one or more router LAN connected device, from all other router connected devices, in the same LAN. This is a very valuable tool for an Ooma user. It's like having your cake and eating it too.
For anyone that MUST use the router DMZ to be able to have their Ooma device function properly, the Norton family of products, using the "Network Security Map" to set a "Trust Control" "Restricted" security level for the Ooma device, is the perfect answer for anyone concerned about Router LAN security. It's almost like Norton designed the Network Security Map feature for Ooma.
The large company that I used to work for does this very thing for their smaller remote offices that use Router DMZs. They install a high end home consumer router for the office, along with Norton products on all of their computers/servers and are protected from the DMZ server, using the "Network Security Map". This combination has proven to be very reliable.
Norton has had the Network Security Map feature for a few years, and I'm sure that Norton’s competitors also have this same feature.
I'll have to say that you have surprised me. Your post provides an example of exactly what I have been trying to explain all along. However, I think we were approaching it from different angles and this is what caused our confusion. By providing more detail and using a specific example I am now able to understand what you are saying. I am glad to see that we are, in fact, on the same page.
-
- Posts:82
- Joined:Thu Apr 14, 2011 6:05 pm
Re: Out going calls issue, solved!
Sounds simple enough.
To sattisfy my tech curiosity,please let me know what the procedure you suggest with NIS exactly does.
To sattisfy my tech curiosity,please let me know what the procedure you suggest with NIS exactly does.
Re: Out going calls issue, solved!
My understanding is that ATT Uverse gateway includes router, so there is no way to put OOMA in front. Unless you have another router connected to home network port of OOMA.
Uverse Gateway (wired port 1) --> Writed DMZPlus to OOMA --> OOMA "Home network" port disconnected.
Uverse Gateway (wireless and wired port 2-4)--> All other computers still using gateway firewall.
Should be ok and not pose any network security risk. am I missing anything?
Also, Is there information available on what ports does OOMA service need, Uverse gateway has pinhole defined for bunch of services like yahoo messenger/net2phone etc, will opening up any one of those be enough?
So my understanding is as long as you havetomcat wrote:For the ooma device itself, I agree 100%. However, putting the Ooma in front of the router does allow the router to continue protecting the LAN. But, opening up the DMZ on a consumer router where the LAN has no isolation from the device in the DMZ (ooma or otherwise) may lead to exploits for the rest of the LAN. I'm just saying this needs to be taken into consideration before blindly opening the DMZ for any device.murphy wrote:Putting Ooma in a router's DMZ is no more dangerous than putting Ooma in front of a router.
Uverse Gateway (wired port 1) --> Writed DMZPlus to OOMA --> OOMA "Home network" port disconnected.
Uverse Gateway (wireless and wired port 2-4)--> All other computers still using gateway firewall.
Should be ok and not pose any network security risk. am I missing anything?
Also, Is there information available on what ports does OOMA service need, Uverse gateway has pinhole defined for bunch of services like yahoo messenger/net2phone etc, will opening up any one of those be enough?