Re: Wifi Calling Firewall Holes to Punch

2020-07-17 Thread Alex Buie via NANOG 
It's been a minute since I've set this up in a corp/campus wifi scenario,
but my notes for Verizon VoWiFi  from the last time I did say that you need
outbound udp/500 and udp/4500 IPSec protocol (IKE and ESP) permitted out
the firewall. Tunnel endpoints live in 141.207.0.0/16, so hopefully that
lets you scope the rule enough to please your ISO.

Devices will also need the ability to make an HTTPS request to
https://spg.vzw.com/SSFGateway/e911Location/changeAddress

As well, DNS queries for the ePDG domain wo.vzwwo.com need to be permitted.

That _should_ be all you need to get it bootstrapped.

Alex

On Fri, Jul 17, 2020 at 12:39 PM Lyden, John C  wrote:

> Hey gang.
>
>
>
> We’re setting up a unified wireless network for the students here, and to
> get around the issues with Nintendo and NAT we devoted a large chunk of
> public IP space to them.
>
>
>
> We’re aware that this is causing issues with wifi calling on Verizon, TMo
> etc because it appears they initiate the SIP session inbound.
>
>
>
> Does anybody have a handy list of IP blocks and ports? T-Mobile had a
> decent page but other providers just said “open up 4500 and 500” and our
> ISO guys don’t like that.
>
>
>
> Thanks if someone can help.
>
>
>
> John C. Lyden
>
> Manager of Network Infrastructure, Infrastructure Services
>
> Division of Information Resources & Technology, Rowan University
>
>
>


-- 
*Alex Buie*
Associate Network Engineer
Datto, Inc.
475-288-4550 (o)
585-653-8779 (c)
www.datto.com



Join the conversation! [image: Facebook] 
  [image: Twitter]  [image: LinkedIn]
  [image: Blog RSS]
 [image: Slideshare]
  [image: Spiceworks]

Re: HPE SAS Solid State Drives - Critical Firmware Upgrade Required

2019-11-26 Thread Alex Buie via NANOG 
Looking at a handful of images and listings online, it appears at least
some (?) are Samsung - for example, HP 816562-B21 is just a rebadged
Samsung MZ-ILS4800.

Unknown whether it only affects the HPE digitally signed firmware, or all
firmwares, though.

On Tue, Nov 26, 2019 at 3:58 PM  wrote:

> Since this is a SSD manufacturer problem does it impact other servers
> that might have SSD from the same manufacturer???
>
> HP hasn't said who the manufacturer is?
>
> Geoff
>
>
> On 11/26/19 1:45 PM, Patrick W. Gilmore wrote:
> > I do not normally post about firmware bugs, but I have this nightmare
> scenario running through my head of someone with a couple of mirrored HPE
> SSD arrays and all the drives going POOF!  simultaneously. Even with an
> off-site backup, that could be disastrous. So if you have HPE SSDs, check
> this announcement.
> >
> >
> https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-a00092491en_us
> >
>
>

-- 
*Alex Buie*
Technical Support Expert, Level 3 - Networking
Datto, Inc.
475-288-4550 (o)
585-653-8779 (c)
www.datto.com



Join the conversation! [image: Facebook] 
  [image: Twitter]  [image: LinkedIn]
  [image: Blog RSS]
 [image: Slideshare]
  [image: Spiceworks]