Hi Stuart,

On Tue, Jul 06, 2021 at 08:23:06AM +1000, Stuart Longland wrote:
> One thing the OpenBSD host cannot know, is what specific port in that
> 10000:30000 range, is being used at any particular time. I note they
> don't ask you to expose port 5060/udp, so presumably the device is
> _not_ receiving SIP traffic directly from incoming callers, but rather
> tunnels it via some sort of STUN-type arrangement or VPN (port 1194
> smells like OpenVPN).

A bit more web searching found some discussions
  https://forums.ooma.com/viewtopic.php?t=15326#p106898
  https://www.dslreports.com/forum/r28676066-Ooma-uses-SIP
  https://forums.ooma.com/viewtopic.php?t=7553#p53035
  https://forums.ooma.com/viewtopic.php?t=15072
where people claim that Ooma does in fact use an OpenVPN tunnel to their
own cloud infrastructure.

> What also we don't know, is whether the RTP traffic (the 10000:30000/udp
> range) is going to come from a single subnet, or from global addresses.
> If you can find this information out, then it's possible to just
> expose yourself to your VSP (voice service provider) and be closed to
> everybody else.

Hopefully it only comes from Ooma's own IP addresses. I will try to run
some experiments next week to see what the traffic actually looks like.

--
-- "Jonathan Thornburg [remove color- to reply]" <jthorn4...@pink-gmail.com>
   on the west coast of Canada, eh?
   "There was of course no way of knowing whether you were being watched
    at any given moment. How often, or on what system, the Thought Police
    plugged in on any individual wire was guesswork. It was even conceivable
    that they watched everybody all the time." -- George Orwell, "1984"