Need extra help installing your Ooma Hub or Telo system? Let us know.

DMZ

#11475 by 82ray
Sun Jun 14, 2009 1:40 pm
Has anybody ever used DMZ on Ooma router? I used DMZ on router to get to my server from the Internet, but it does not work on Ooma. The Ooma is connected to cable modem, Any ideas?
#11479 by ggilman
Sun Jun 14, 2009 5:45 pm
I too am going modem->ooma->router currently. Rather than opening 2 separate firewalls for each app I run on my PC, I opened a DMZ from the ooma to router, and adjust the firewall just there. It works fine.

To do this, you need to have your router set to static IP address and have it point to your ooma IP for all settings (DNS, Gateway). Then assign the this static IP of your router into the DMZ setting of the ooma. My setup seems to work fine this way.

If you set your DMZ to go straight to a PC inside the router, this could be a problem. The only other machine on the ooma's internal network is the router. Being on a different logical network, our ooma would have no idea how to DMZ to a PC on the other side of your router.

If you really need a DMZ set up to a PC inside the router, open the ooma DMZ to your router, then open your router DMZ to the PC.

However, I wouldn't really suggest using a DMZ in most cases. It defeats the purpose of the firewall in your router. Granted, it's easier to set up a single DMZ to a PC than figuring out the necessary port forwarding, but then anybody can get to your internal PCs without getting blocked by your firewall. Not a good idea & you are asking to be hacked. It's fine opening an ooma DMZ to your router since your router is a firewall, but spend the time and set up a couple of port forwards on your router rather than opening a DMZ and letting the whole world of traffic in, if at all possible.
#11514 by 82ray
Mon Jun 15, 2009 3:19 pm
ggilman thanks for the information. I tried your recommended configuration and still did not work.

Can you tell what router you are using? Do you mind sharing Ooma and Router IP configuration information?

My Router DMZ works great without Ooma inline. Any ideas? My Router is pretty old Linksys WRT54g (F/W is up to date).

Ray




ggilman wrote:I too am going modem->ooma->router currently. Rather than opening 2 separate firewalls for each app I run on my PC, I opened a DMZ from the ooma to router, and adjust the firewall just there. It works fine.

To do this, you need to have your router set to static IP address and have it point to your ooma IP for all settings (DNS, Gateway). Then assign the this static IP of your router into the DMZ setting of the ooma. My setup seems to work fine this way.

If you set your DMZ to go straight to a PC inside the router, this could be a problem. The only other machine on the ooma's internal network is the router. Being on a different logical network, our ooma would have no idea how to DMZ to a PC on the other side of your router.

If you really need a DMZ set up to a PC inside the router, open the ooma DMZ to your router, then open your router DMZ to the PC.

However, I wouldn't really suggest using a DMZ in most cases. It defeats the purpose of the firewall in your router. Granted, it's easier to set up a single DMZ to a PC than figuring out the necessary port forwarding, but then anybody can get to your internal PCs without getting blocked by your firewall. Not a good idea & you are asking to be hacked. It's fine opening an ooma DMZ to your router since your router is a firewall, but spend the time and set up a couple of port forwards on your router rather than opening a DMZ and letting the whole world of traffic in, if at all possible.
#11515 by ggilman
Mon Jun 15, 2009 3:34 pm
On the ooma, DMZ address is set to 172.27.35.2

On my router (Dlink DI-655), I have the following set:

Static IP is set to 172.27.35.2
Subnet mask: 255.255.255.0
Default Gateway & Primary DNS server both set to 172.27.35.1 (ooma hub's ip address)

That's really it for setting up my router behind the ooma and using the ooma's DMZ to the router. I'm not using a DMZ into my network, since as I stated earlier I don't think it's a good idea. I just have a couple of specific ports open. If I did open a DMZ to the internal network, I would just set it up on the router.

Off the top of my head, I cannot think what you'd have set up wrong to not work, other than not using a static ip on the router or having the ooma point straight to the internal device rather than the router.
#45936 by Josh68
Mon Feb 08, 2010 10:38 am
Sorry to re-post to this old thread, but I'm coming up empty with my setup, which is Comcast cable modem (CDV eMTA)->Ooma Telo->Asus WL-500gx/DD-WRT. I've done exactly as is suggested in this post (left the original DHCP range on the Ooma Telo and set my router to a static IP of 172.27.35.2, set the Ooma DMZ to the same, set the router DNS and Gateway to Ooma HOME IP of 172.27.35.1 and subnet mask to the usual 255.255.255.0). I forwarded my desired ports, in my router only, to the same on the static IP lease of my laptop's MAC, but when I test from the web, the ports aren't open through to my computer from the modem IP. The phone signal is fine and the router is getting and internet connection just fine, but I still can't get port forwarding with this setup. I've also tried restricting DHCP on the Ooma, with the same result. Anything I'm doing wrong here? Is it possible DMZ isn't working right in my Telo? Thanks.

ggilman wrote:I too am going modem->ooma->router currently. Rather than opening 2 separate firewalls for each app I run on my PC, I opened a DMZ from the ooma to router, and adjust the firewall just there. It works fine.

To do this, you need to have your router set to static IP address and have it point to your ooma IP for all settings (DNS, Gateway). Then assign the this static IP of your router into the DMZ setting of the ooma. My setup seems to work fine this way.

If you set your DMZ to go straight to a PC inside the router, this could be a problem. The only other machine on the ooma's internal network is the router. Being on a different logical network, our ooma would have no idea how to DMZ to a PC on the other side of your router.

If you really need a DMZ set up to a PC inside the router, open the ooma DMZ to your router, then open your router DMZ to the PC.

However, I wouldn't really suggest using a DMZ in most cases. It defeats the purpose of the firewall in your router. Granted, it's easier to set up a single DMZ to a PC than figuring out the necessary port forwarding, but then anybody can get to your internal PCs without getting blocked by your firewall. Not a good idea & you are asking to be hacked. It's fine opening an ooma DMZ to your router since your router is a firewall, but spend the time and set up a couple of port forwards on your router rather than opening a DMZ and letting the whole world of traffic in, if at all possible.

Who is online

Users browsing this forum: No registered users and 9 guests