Got something else to discuss that is not covered by the previous forums? Post it here!
#73506 by Zarak
Sun Jan 23, 2011 5:47 pm
I have Ooma plugged into my cable modem. Whether I plug in my router or laptop into Ooma I am unable to make a Cisco VPN TCP connection. UDP works fine.

I tried a port forwarding rule for TCP 10000 to the IP or the router and also to the IP of the laptop when it was plugged in directly. Neither of these worked.

I would expect someone else has run into this already, but I didn't see anything in the forums. Can someone let me know what is needed to resolve this? I have been back and forth with email support but we haven't gotten a resolution.
#73514 by thunderbird
Mon Jan 24, 2011 3:08 am
An Alternate Solution:

Try connecting your Ooma device behind (On the LAN Side of) your router. Than your VPN will function as before. Many people set-up their connection Modem-Router-Ooma without any problems at all. A few people have OoS issues connecting this way. If you do, post your problems in this forum and someone will give you directions how to make corrections to resolve the QoS issues.
#73518 by Zarak
Mon Jan 24, 2011 5:12 am
Thanks for the info. Is there a way to do it without changing the order things are plugged in? I wanted to keep the Ooma connected to the cable modem so I don't lose QoS.
#73533 by thunderbird
Mon Jan 24, 2011 9:19 am
Try This:
a. Access your Ooma Telo “home port” by plugging in a patch (network) cable from the Ooma Telo home port to a computer’s network card port. Sometimes you have to restart your computer after installing the patch cable, so that a proper connection occurs. (In in your case, if the computer is connected to the router, and the router is connected to the Ooma device Home port, skip to step b.)
b. Type http://setup.ooma.com in you browser address window and hit enter. The “Ooma Setup” window opens.
c. In the left hand Navigation window, select “Network”.
d. Under “Network Settings” go to network connection: select the down arrow with your mouse and select “Automatic” (if not already set to Automatic).
e. Under “Modem Port MAC Address”, select Use Built in:
f. Select the “Update button”.
g. In the left hand Navigation window, select “Advanced”.
h. Under “Advanced Settings” go to DHCP Configuration. (Since you are connecting only your router to the Ooma device Home Port, you only need to issue one IP address to the router. To let the DMZ function properly, the router needs to have the same IP address issued each time it is restarted.)
i. Change Start Address: to 172.27.35.11
j. Change End Address: to 172.27.35.11
k. In DMZ add 172.27.35.11
l. Select the “Update button”.
m. Do a “cold boot” of the Ooma device.
n. After the Ooma device cold boot, do a “cold boot” of the router.
Good Luck
#73657 by Zarak
Wed Jan 26, 2011 6:06 am
Thanks, I tried it, but still no good. I'm assuming setting a static would have been fine as well as a single IP in a DHCP range. Regardless, still no good.

Do I need to setup port forwarding as well?
#73660 by thunderbird
Wed Jan 26, 2011 6:43 am
Placing 172.27.35.11 into the Ooma DMZ should have moved the router's WAN side to the WAN, providing access.

Maybe I should have told you to cold boot the Modem, than the Ooma device, than your router.

With this setup, were you able to connect to an Internet site like Google from your computer?

If you remove the Ooma device and connect the router directly to the modem, can you access the Cisco VPN without making any changes to the router?

You could try Port Forwarding in the Ooma Setup Advanced page. You would be forwarding 172.27.35.11,
using the ports that have to be opened, TCP, UDP, or both, for your Cisco VPN port requirements.

Make sure your router is Port Forwarded with the same ports and TCP or UDP settings, for the Static IP address assigned from your router, to the computer, that you are using for the Cisco VPN.

Note: another thing that you have to do is set Quality of Service in your Ooma device Advanced page. Click on the(?) which will lead you to instructions for setting QoS.

When done with setups, make sure you cold boot the Modem, than the Ooma device, than your router.
#73669 by Zarak
Wed Jan 26, 2011 9:06 am
I was able to still get to the Internet, just not VPN. If I remove Ooma VPN works fine.

I tried port forwarding on both the router and the Ooma, but still no good.

I can still do UDP VPN, so I'm not completely out of luck, but it would be nice to know what in Ooma is keeping TCP VPN from working. Sounds like a good KB article if we can get this figured out.
#73695 by thunderbird
Wed Jan 26, 2011 1:15 pm
I was looking at different Cisco VPNs. Below is just an example of ports that have to be open for the VPN 3000. Maybe the question and answer below could help?

Internet Question:
If I place my VPN 3000 Concentrator behind a firewall or router running access control lists, which ports and protocols do I need to allow through?

A. This chart lists ports and protocols.

Service Protocol Number Source Port Destination Port
PPTP Control Connection 6 (TCP) 1023 1723
PPTP Tunnel Encapsulation 47 (GRE) N/A N/A
ISAKMP/IPSec Key Management 17 (UDP) 500 500
IPSec Tunnel Encapsulation 50 (ESP) N/A N/A
IPSec NAT Transparency 17 (UDP) 10000 (default) 10000 (default)

Note: The Network Address Translation (NAT) Transparency port is configurable to any value in the 4001 through 49151 range. In versions 3.5 or later, you can configure IPsec over TCP by going to Configuration > System > Tunneling Protocols > IPSec > IPSec over TCP. You can enter up to 10 comma-separated TCP ports (1 - 65535). If this option is configured, make sure that these ports are allowed in your firewall or router running access-control lists.
#73735 by Zarak
Wed Jan 26, 2011 7:10 pm
TCP 10000 is the only port I need for this.

Who is online

Users browsing this forum: No registered users and 8 guests