[77983] in North American Network Operators' Group
RE: Vonage complains about VoIP-blocking
daemon@ATHENA.MIT.EDU (Michael Hallgren)
Tue Feb 15 17:48:25 2005
From: "Michael Hallgren" <m.hallgren@free.fr>
To: "'Daniel Golding'" <dgolding@burtongroup.com>,
"'Jason L. Schwab'" <jlschwab@jlschwab.com>,
"'Martin Hannigan'" <hannigan@verisign.com>
Cc: <nanog@merit.edu>
Date: Tue, 15 Feb 2005 23:45:16 +0100
In-Reply-To: <BE37E41E.7E8D%dgolding@burtongroup.com>
Errors-To: owner-nanog-outgoing@merit.edu
ssh, or other schemes of enhanced security...?
mh
> -----Message d'origine-----
> De : owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] De=20
> la part de Daniel Golding
> Envoy=E9 : mardi 15 f=E9vrier 2005 23:39
> =C0 : Jason L. Schwab; Martin Hannigan
> Cc : nanog@merit.edu
> Objet : Re: Vonage complains about VoIP-blocking
>=20
>=20
>=20
> Is there any move on the part of providers/manufacturers to=20
> use more secure protocols for this?
>=20
> - Dan
>=20
> On 2/15/05 5:22 PM, "Jason L. Schwab" <jlschwab@jlschwab.com> wrote:
>=20
> >=20
> > Hi;
> >=20
> > I unplugged and reset my vonage Motorola MTA device, and it=20
> did tftp=20
> > to home to get its configs.
> >=20
> > -Jason
> >=20
> > -----Original Message-----
> > From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]=20
> On Behalf=20
> > Of Hannigan, Martin
> > Sent: Tuesday, February 15, 2005 3:14 PM
> > To: 'Jay Hennigan'
> > Cc: Eric Gauthier; nanog@merit.edu
> > Subject: RE: Vonage complains about VoIP-blocking
> >=20
> >=20
> >> -----Original Message-----
> >> From: Jay Hennigan [mailto:jay@west.net]
> >> Sent: Tuesday, February 15, 2005 5:10 PM
> >> To: Hannigan, Martin
> >> Cc: Eric Gauthier; nanog@merit.edu
> >> Subject: RE: Vonage complains about VoIP-blocking
> >>=20
> >>=20
> >> On Tue, 15 Feb 2005, Hannigan, Martin wrote:
> >>=20
> >>>> Something else to consider. We block TFTP at our border for=20
> >>>> security reasons and we've found that this prevents Vonage from=20
> >>>> working.
> >>>> Would this mean that
> >>>> LEC's can't block TFTP?
> >>>=20
> >>>=20
> >>> Was that a device trying to phone home and get it's configs?
> >>> Cisco, Nortel, etc. phone home and get configs via tftp.
> >>>=20
> >>> Vonage doesn't need to phone home for config. The device is=20
> >>> programmed (router) and it registers with the call manager.
> >>> If you analyze the transactions it's about 89% SIP and 11% SDP.
> >>=20
> >> Vonage devices initiate an outbound TFTP connection back=20
> to Vonage to=20
> >> snarf their configs on initial connection and also
> >> (presumably) on reboot.
> >=20
> > I tested the reboot. I didn't see it. I agree in general and think=20
> > that providers shouldn't block tftp, IMHO.
> >=20
>=20
> --
> Daniel Golding
> Network and Telecommunications Strategies Burton Group
>=20
>=20
>=20
>=20
