Out going calls issue, solved!

Having trouble placing or receiving calls or using your voicemail system on Ooma Telo VoIP Phones? Post your questions here.
User avatar
tomcat
Posts: 215
Joined: Tue Feb 22, 2011 1:32 pm

Re: Out going calls issue, solved!

Post by tomcat » Wed Jul 06, 2011 6:31 am

ameneses54 wrote:Considering that allocating the OOMA to the DMZ is the only option that has worked for me,I really don't have much on the table, except loose $200 and trash the OOMA.

Arturo
The DMZ is not ideal and should be used as a last resort. And, while highly unusual, your particular setup may require that. That is fine as long as you also understand that there are some risks involved and you take steps to protect yourself. (A DMZ basically opens a hole through your router allowing unsolicited traffic through.) As thunderbird mentioned in his last post be sure that you are running anti-virus on all of your PC, but more importantly, be sure you are running a firewall on those PCs as well.

ameneses54
Posts: 82
Joined: Thu Apr 14, 2011 6:05 pm

Re: Out going calls issue, solved!

Post by ameneses54 » Wed Jul 06, 2011 7:07 am

What's unfortunate is that I suppose that hundreds or thousands that subscribe to Uverse and as such have the 2Wire incorporated modem/router may have the same problem I described.
Thanks for your guidance

murphy
Posts: 7261
Joined: Tue Jan 27, 2009 12:49 pm
Location: Pennsylvania

Re: Out going calls issue, solved!

Post by murphy » Wed Jul 06, 2011 8:50 am

Putting Ooma in a router's DMZ is no more dangerous than putting Ooma in front of a router.
Customer since January 2009
Telo with 2 Handsets, a Linx, and a Safety Phone
Telo2 with 2 Handsets and a Linx

User avatar
tomcat
Posts: 215
Joined: Tue Feb 22, 2011 1:32 pm

Re: Out going calls issue, solved!

Post by tomcat » Wed Jul 06, 2011 9:01 am

murphy wrote:Putting Ooma in a router's DMZ is no more dangerous than putting Ooma in front of a router.
For the ooma device itself, I agree 100%. However, putting the Ooma in front of the router does allow the router to continue protecting the LAN. But, opening up the DMZ on a consumer router where the LAN has no isolation from the device in the DMZ (ooma or otherwise) may lead to exploits for the rest of the LAN. I'm just saying this needs to be taken into consideration before blindly opening the DMZ for any device.

thunderbird
Posts: 6388
Joined: Mon Nov 08, 2010 4:41 pm

Re: Out going calls issue, solved!

Post by thunderbird » Wed Jul 06, 2011 9:49 am

murphy wrote:Putting Ooma in a router's DMZ is no more dangerous than putting Ooma in front of a router.
Murphy: Thanks for you refreshing breeze of common sense.

Lately I've done some checking and research. I was told that there is more than 2 billion, probably closer to 3 billion routers in service though out the world. A high percentage of those routers have DMZs. Every router manufacture in the world manufactures at least some of their routers with DMZs. Why would any router manufacture design and manufacture even one router with a DMZ, if are such extreme, dangerous security risks involved?

The answer is that the router DMZ is a very valuable tool, when configured and used properly.

I noticed that a little more then a year ago, in this forum, there was a big uproar about use of DMZs, with many people arguing for and against DMZ use.

I read every post in the over a year ago Ooma forum thread discussions about why to use, why not to use a DMZ.

No one mentioned the Norton family of products that when setup properly, will isolate one or more router LAN connected device, from all other router connected devices, in the same LAN. This is a very valuable tool for an Ooma user. It's like having your cake and eating it too.

For anyone that MUST use the router DMZ to be able to have their Ooma device function properly, the Norton family of products, using the "Network Security Map" to set a "Trust Control" "Restricted" security level for the Ooma device, is the perfect answer for anyone concerned about Router LAN security. It's almost like Norton designed the Network Security Map feature for Ooma.

The large company that I used to work for does this very thing for their smaller remote offices that use Router DMZs. They install a high end home consumer router for the office, along with Norton products on all of their computers/servers and are protected from the DMZ server, using the "Network Security Map". This combination has proven to be very reliable.

Norton has had the Network Security Map feature for a few years, and I'm sure that Norton’s competitors also have this same feature.

ameneses54
Posts: 82
Joined: Thu Apr 14, 2011 6:05 pm

Re: Out going calls issue, solved!

Post by ameneses54 » Wed Jul 06, 2011 10:55 am

Wow!
The question now is how do I setup NIS which luckily I use.
Please note that regarding modems and routers I'm null.

Arturo

thunderbird
Posts: 6388
Joined: Mon Nov 08, 2010 4:41 pm

Re: Out going calls issue, solved!

Post by thunderbird » Wed Jul 06, 2011 11:12 am

ameneses54 wrote:Wow!
The question now is how do I setup NIS which luckily I use.
Please note that regarding modems and routers I'm null.

Arturo
Here is the Norton site with instructions that you will configure, in each of your computers connected to your router's LAN:

http://us.norton.com/support/kb/web_vie ... 09162049EN

***And***

http://us.norton.com/support/kb/web_vie ... 09160254EN

User avatar
tomcat
Posts: 215
Joined: Tue Feb 22, 2011 1:32 pm

Re: Out going calls issue, solved!

Post by tomcat » Thu Jul 07, 2011 6:35 pm

thunderbird wrote:
murphy wrote:Putting Ooma in a router's DMZ is no more dangerous than putting Ooma in front of a router.
Murphy: Thanks for you refreshing breeze of common sense.

Lately I've done some checking and research. I was told that there is more than 2 billion, probably closer to 3 billion routers in service though out the world. A high percentage of those routers have DMZs. Every router manufacture in the world manufactures at least some of their routers with DMZs. Why would any router manufacture design and manufacture even one router with a DMZ, if are such extreme, dangerous security risks involved?

The answer is that the router DMZ is a very valuable tool, when configured and used properly.

I noticed that a little more then a year ago, in this forum, there was a big uproar about use of DMZs, with many people arguing for and against DMZ use.

I read every post in the over a year ago Ooma forum thread discussions about why to use, why not to use a DMZ.

No one mentioned the Norton family of products that when setup properly, will isolate one or more router LAN connected device, from all other router connected devices, in the same LAN. This is a very valuable tool for an Ooma user. It's like having your cake and eating it too.

For anyone that MUST use the router DMZ to be able to have their Ooma device function properly, the Norton family of products, using the "Network Security Map" to set a "Trust Control" "Restricted" security level for the Ooma device, is the perfect answer for anyone concerned about Router LAN security. It's almost like Norton designed the Network Security Map feature for Ooma.

The large company that I used to work for does this very thing for their smaller remote offices that use Router DMZs. They install a high end home consumer router for the office, along with Norton products on all of their computers/servers and are protected from the DMZ server, using the "Network Security Map". This combination has proven to be very reliable.

Norton has had the Network Security Map feature for a few years, and I'm sure that Norton’s competitors also have this same feature.
thunderbird -
I'll have to say that you have surprised me. Your post provides an example of exactly what I have been trying to explain all along. However, I think we were approaching it from different angles and this is what caused our confusion. By providing more detail and using a specific example I am now able to understand what you are saying. I am glad to see that we are, in fact, on the same page. :)

ameneses54
Posts: 82
Joined: Thu Apr 14, 2011 6:05 pm

Re: Out going calls issue, solved!

Post by ameneses54 » Fri Jul 08, 2011 2:53 am

Sounds simple enough.
To sattisfy my tech curiosity,please let me know what the procedure you suggest with NIS exactly does.

miserTen
Posts: 1
Joined: Mon Jun 04, 2012 10:22 am

Re: Out going calls issue, solved!

Post by miserTen » Mon Jun 04, 2012 10:28 am

My understanding is that ATT Uverse gateway includes router, so there is no way to put OOMA in front. Unless you have another router connected to home network port of OOMA.
tomcat wrote:
murphy wrote:Putting Ooma in a router's DMZ is no more dangerous than putting Ooma in front of a router.
For the ooma device itself, I agree 100%. However, putting the Ooma in front of the router does allow the router to continue protecting the LAN. But, opening up the DMZ on a consumer router where the LAN has no isolation from the device in the DMZ (ooma or otherwise) may lead to exploits for the rest of the LAN. I'm just saying this needs to be taken into consideration before blindly opening the DMZ for any device.
So my understanding is as long as you have

Uverse Gateway (wired port 1) --> Writed DMZPlus to OOMA --> OOMA "Home network" port disconnected.
Uverse Gateway (wireless and wired port 2-4)--> All other computers still using gateway firewall.

Should be ok and not pose any network security risk. am I missing anything?

Also, Is there information available on what ports does OOMA service need, Uverse gateway has pinhole defined for bunch of services like yahoo messenger/net2phone etc, will opening up any one of those be enough?

Post Reply