I have a HP Home Server, which is really just a Microsoft 2003 Server slimmed down. It provides my DHCP & DNS. I have a network printer and lots of other devices on my network to provide for remote printing, ftp, and tons of other services when I'm out of the house. If the home server detects that there is another DHCP server running on the network, it will shut itself down to prevent any conflicts.
Because I could not shut down the DHCP, I would be forced to place my home network BEHIND an ADDITIONAL firewall to filter out the DHCP requests. That won't work due to firewall configuration issues, and the second requirement I have which is DDNS.
The 2nd option would be to place the OOMA box BEHIND a firewall, and open the ports to that device that it needs for phone traffic. Which is what I did. Problem with that option is that the OOMA box is no longer able to manage voice quality of service. I had to set up port based QoS on the router, but even still - we would have serious problems when calls would come in, we could not talk to people for the first 10-15 seconds after answering the call... they could hear us, we couldn't hear them... WE endured wondering when ooma would get around to working on their firewall features.
When I saw that the Telo came out, I looked at the features list which stated that it supported "Advanced network/firewall configuration"
FINALLY, I thought... I can get the Ooma to be my gateway device... I didn't waste a second ordering it and 4 of the handsets...
Huzzah!!! It came today!!!
I called the support number to get the transfer started. I connected it to the network, browsed to the interface page and... saw the same exact interface of as the Ooma Hub.
When I told the operator that I needed to disable DHCP, she started laughing at me. I had to explain the difference to her betweenthe DHCP on the internet side (ooma box , and the DHCP on the home network side.
I am pissed off.
Required Features for Ooma:
1) Dynamic DNS Registration
2) Disable DHCP on the Ooma Box
If you already have the hardware setup to put Ooma behind your firewall, why couldn't you just put Ooma in front of your firewall?
I'm assuming your firewall (or other device) already provides DDNS support and by their nature the firewall would filter out DHCP on its Internet port so your HP Home Server wouldn't see Ooma's DHCP.
There are valid reasons but you didn't seem to list any of them and your current setup with Ooma behind your firewall uses the same amount of hardware as Ooma in front of the firewall, except the latter config solves your DHCP and DDNS complaints as well as allows Ooma to perform QoS.
You just make your firewall the DMZ in Ooma and for most people it just works.
The two that you left out are that these days it needs a gigabyte interface and you need to be able to disable external pings.
I have a hub and a Telo behind my gigabit router and they work fine.
Nothing is connected to the Home port of either device.
I did not have to open any ports in the router for them to work.
It was trivial to configure the router to give them priority when they need it.
Telo with 2 Handsets, a Linx, and a Safety Phone
Telo2 with 2 Handsets and a Linx
In my case, I have a linksys WRT54G. I wiped out the crappy linksys firmware, and replaced it with TOMATO. I set up QoS, and it's alllllll good. Fantastic call quality, and I have full control of my network. If you have a wrt54G, let us know and I can offer tips, even my config.
Telo2 upgrade (hub retired) October 2016
Service Level: Core
Because then we have the OOMA device providing NAT to my internal router, which is also providing NAT, and if I have any devices wanting to do UPnP, forget it... it'll open up the ports on the firewall, but not the Ooma, which doesn't even support UPnP anyhow... but nevertheless, I'd need to open ports on the Ooma, then the external firewall, and that would break the DDNS on the internal firewall.If you already have the hardware setup to put Ooma behind your firewall, why couldn't you just put Ooma in front of your firewall?
All i want is for Ooma to give their devices a DECENT, nee MINIMAL basic feature set to 1) make it STFU when I want it to (turn off dhcp) and Speak up when I need it to (DDNS) and heck, just match a basic firewall feature set that you can get on any basic network device these days and I'd be ecstatic!
And another thing, WHY is it taking 48 hours to port my old Ooma Hub info over to the New Ooma Telo? I'm trying to register my handsets to the Telo and I cannot obtain my PIN number apparently until its fully provisioned.
By adding your firewall as the DMZ in Ooma config, you don't need to add port forwarding twice (once in your firewall and once in Ooma). All incoming ports (except the ones Ooma intercepts for itself) are then passed through to your firewall without further configuration.JRHelgeson wrote:Because then we have the OOMA device providing NAT to my internal router, which is also providing NAT, and if I have any devices wanting to do UPnP, forget it... it'll open up the ports on the firewall, but not the Ooma, which doesn't even support UPnP anyhow... but nevertheless, I'd need to open ports on the Ooma, then the external firewall, and that would break the DDNS on the internal firewall.
UPnP works as it does now, opening up the ports in your firewall. No need to open up ports in Ooma, because the DMZ has basically already opened up all ports and sent them to your firewall.
DDNS is not broken in that configuration either. The DDNS update request is done by your firewall and traverses a NAT by Ooma, but the eventual request hitting the DDNS server will have source IP of your Ooma, which is the real public IP that needs to be in the DDNS database. When lookup is done on your DDNS name, the public IP is returned, the request is made, and since your firewall is listed as the DMZ in Ooma, any requests that come in (other than Ooma's) are automatically forwarded to your firewall, where the firewall's config takes over and decides what to do.
Under Advanced Settings: Change the DHCP start address and end address to the same value ending in zero for the last octet. e.g.
IP Address: 192.168.0.1
Start Address: 192.168.0.0
End Address: 192.168.0.0
That gives an IP address range of 0 valid IP's, which will make the device stop responding to DHCP requests.
I use the standard modem/router combo from my ISP and I cannot remember having any issues that a quick reboot of a handset did not solve.