Can't connect to VPN server through OOMA

I have my Ooma Telo (old version, the one with touch buttons) setup as follows

Internet<—>Cable Modem<—>OOMA<—>Router

I have my routers WAN port set to static IP 172.27.35.8 and OOMAs LAN IP at the default of 172.27.35.1. I then set the DMZ on OOMA to 172.27.35.8. With this setup, I can connect to the VPN server on my router from the internet with no problems.

I have the exact same setup with my Dad’s OOMA, but he has a newer Telo, the one with the mechanical buttons. I cannot successfully VPN into his router. He does have a different router, but I don’t think it’s the router’s problem because if I take away the OOMA and have the cable modem connected directly to the router, I can VPN in just fine.

This is all PPTP VPN by the way.

I’m suspecting it’s something in the newer Telo firmware that is blocking this, but I’m not certain. Besides moving the OOMA to connect to one of the LAN ports of the router, does anyone know what might be the problem or have any suggestions to connect to the VPN server successfully?

Your forum email address doesn’t match the one on your account so I can’t look it up. Also email me your Dad’s phoneno.

Only differences I see with your Dad’s config are:

  • there’s a port forwarding rule
  • you’re using a different subnet for the LAN (172.27.88.x instead of 172.27.35.x)

Have you tried making it exactly the same as your setup?

I put the port forwarding rule in there because I thought it might fix it, it didn’t so I’m planning to remove it.

As for the subnet, I didn’t think that would matter since I’ve matched the subnet on my router’s WAN. I guess I can try the default .35.xxx subnet but I highly doubt it’s going to make a difference.

Any other ideas?

If you have the same subnet on the WAN and the LAN it will not work. The subnets must be different for routing to be possible.

The subnet of my router’s WAN is the same as the OOMA’s LAN, and that is the right thing to do. I really think the firmware on the OOMA, regarding the DMZ, is a highly probable suspect in this situation, unless you have some other tips or tricks I can try.

I guess you have Ooma in front of the router. In that case you are correct.

My Hub and Telo have been behind my router since 2009. That location will solve your VPN problem since Ooma is no longer involved. I run that way because my LAN is a gigabit LAN and I don’t want the 10/100 Ooma devices in the way.

The Ooma devices do not support loopback so the only way to test external connections is from outside of your network when Ooma is in front of the router.

Did a little more research, my best guess is that my Dad’s Telo, with its DMZ enabled, doesn’t pass through IP Type 47 Generic Routing Encapsulation (GRE) packets, which is needed for incoming PPTP VPN connections. And the reason my setup works is because I have the older Telo doesn’t have this limitation. This again is just a guess but maybe an engineer at OOMA can help confirm whether this is the case or not.

I connected my ooma office yesterday 16 Sept 2015), and it prevents me from connecting to my VPN. I spent about a half hour fiddling and could not fix. Called my IT guy, and he spent about an hour before he determined that the ooma is preventing connecting to GRE.

When I configured ooma out of the system (loosingl ooma capabilty) the GRE connection was restored. Anyone with suggestions?

Only issue we know of is that L2TP VPN works, but PPTP VPN does not. This is a very low-level issue not likely to be fixed.

https://www.ooma.com/forums/viewtopic.php?f=2&t=17501

I won’t be monitoring the forum for the next few weeks. Please contact one of the other moderators (or support) if you have an urgent issue.

I’m also unable to connect to my work’s VPN (they use PPTP) using the DMZ. So, another vote to fix this. The link to the other topic looked pretty old, so decided to post here. Failing a proper fix, what up/down fulltime bandwidth reservations do I need if I turn on QOS on the router and put Ooma on the other side.