All good points turbo9
, and you're correct, routing through a firewall, reserving ports, assigning DHCP is all for the more technical user. This was my point exactly, most of us on this forum are technical enough to handle setting these things up, there's just no clear direction. User's are left reading and reading various posts with no visual examples to follow when it's not an Ooma device routing the traffic. You could refer to your routers documentation, and I'll bet some of them are pretty good, but I know first hand that when too much unrelated detail exists along side a specific scenario, it can confuse even a person who is generally very technical. My posts are probably a good example of that
Ooma doesn't really help with anything other than their default "put the Telo first after the modem" answer in their online documentation. I'm sure there are certain level 2 & 3 techs that are a big help, but phone support is a disaster when two people don't communicate well. Some people are better off and happier figuring it out on their own, they just need guidance. It's people like ibmofo
, and others that step up to the plate and really help out the community. I do think there's a lack of third party integration support on Ooma's account. I'm not simplifying the task requirement though. It's a very difficult job to support everyone's hardware out there. What results is copy and paste of the same instruction over and over, that doesn't always relate to a particular scenario. As teddmf
points out, there is no user control over the firmware revision on a Telo. You get upgrades, like it or not. This is not comforting if you have your internet routing through your Telo, but you require internet AND
phone to run a home business as my wife does. If you have your router managing traffic, you have better control over your environment.
I'm considering putting together a guide that would comprise the advice from senior users together with screenshots of a specific scenario, but a very common and basic one, which is a home network with a highspeed modem, a wireless router, and a Telo. I'd hope that such a post would be contributed to by the community, rather picked apart and criticized because it's different than another persons. It would be great to have separate links to posts covering each of the router manufacturers, with screen shots of how to configure them, but I don't know if that's feasible and/or if it would just create more confusion. I would be willing to post my Cisco Linksys configuration screen shots, along with tips on how to troubleshoot and safely upgrade the stock firmware on these routers. It literally would be about four screenshots for configuring the IP routing and maybe three or four additional if I added Wireless configuration screenshots. It would be great to see Ooma champion a community effort like this as well.
In regard to what you say about the Telo tunneling it's way back home. I'm currious about this statement because it seems to contrict what some people say about issues they having with this scenario, even when they have setup QoS on their router. It would also make it completely unessesary for the Telo to ever be before the router. Of course there are a lot of factors that could contribute to the success or failure of this effort. However, I do understand that this fact elludes a lot of people. When you disconnect the ethernet from the back of your Telo and plug it into your PC (without
a firewall running on your PC), what's the result when you run the All Service Ports
test of SheildsUP! on Steve Gibson's site
? Are all ports stealth? The reason I put my Telo in the DMZ was to prevent the router's firewall from blocking any traffic to it. This is the equivellent of connecting the Telo directly to the high speed modem, except it's more like connecting both the Telo and the router to the high speed modem In parallel, even though they are physically connected one after the other. I have not tested this on a cable modem since I'm on ADSL, but I think it would probably satisfy the requirement that many Cable ISPs have for only one MAC address to be registered to the ISP at a time. It used to be possible to pay your ISP extra money (a brain dead move of itself) to have more than one MAC address registed at time, but with the number of routers out there instead of the dumb hubs everyone used to have, the cable ISPs may not offer that anymore. Having one device in the DMZ only exposes that device, but allows the rest of your network to remain stealth. As long as that device is the only one on the DMZ and it's not routing packets back to the local network itself AND
there are not bugs in the routers firmware (an important and often overlooked issue), then you should be safe from most attacks, except for the group Anonymous
. Don't get on their bad side.