Re: [AFMUG] AT&T WiFi calling

Thu, 15 Oct 2015 16:38:50 -0700 

I meant my reply to your post on the Cambium community.
I honestly don't know how many customers we might have using these things (we have decent cell coverage). I looked through some netflow data and found quite a few customers with UDP 4500 traffic. The destinations are Verizon and AT&T IP addresses. These are obvious because they're also hitting NTP servers on the carrier's networks. A quick google search tells me this UDP 4500 stuff is IPSEC IKE NAT traversal and keepalive. That's why I asked if you've torched their traffic. Maybe the carriers do these things differently in your region. Those aren't going through the Canopy NAT, but they are behind double NAT. So I have no idea. Maybe it is still something with the Canopy NAT implementation. 

On 10/15/2015 3:58 PM, Bill Prince wrote:
Not sure if I saw your post George. I did a couple of searches, but did not find anything matching.
Since 13.4, we've tracked the NAT table, and the subscriber that called this in had zero entries in their NAT table until they switched their router into bridge mode. So I'm fairly certain they were on the DMZ. That said, the sub is a programmer/tech, so he's not your average rube. He called in to report switching their router to bridge mode fixed his AT&T WiFi calling problem. We did not torch the link. 

I call it NAT without PAT, or NAT minus PAT, or NAT no PAT.

bp
<part15sbs{at}gmail{dot}com>

On 10/15/2015 1:29 PM, George Skorup wrote:
I assume you read my post? Have you ran torch on these customers to see what the actual traffic is? I believe they all use an IPSEC VPN. Should work through one layer of NAT (obviously does as you've seen), but I don't know why not also through the SM DMZ which is really NAT, not PAT. What's the term now, NAP-T or something like that is what we all call "NAT" generally. 

On 10/15/2015 3:14 PM, Bill Prince wrote:
BTW - this is with the SM on the 13.4 release (FSK in this particular case). 

bp
<part15sbs{at}gmail{dot}com>

On 10/15/2015 1:12 PM, Bill Prince wrote:
I think we have determined that the new AT&T "WiFi calling" feature will not work with double NAT (even when the customer's router is on the DMZ). This is the same behavior we've seen on T-mobile. It seems to work if the customer router is in bridge mode, or the SM is in bridge mode.

Reply via email to