Sign up
 Vonage  

       
 
Vonage Forum Menu

Vonage Forums
Vonage VoIP Forum
massrman Posted:
The devices are
available at
different price
margins , please
share your
estimated
...

In The Forum:
Vonage
Topic:
IP PBX for small business
On Sep 30, 2016 at 00:48:03

massrman Posted:
Hi these are most
commonly used SIP
PBX interops and
their
configuration
guides,
...

In The Forum:
Vonage
Topic:
IP PBX for small business
On Sep 30, 2016 at 00:37:45

Sammy00 Posted:
Has anyone setup a
W52p phone for
vonage? I have
a W52p with two
wireless handsets,
...

In The Forum:
Hard Wiring - Installation
Topic:
W52p Setup
On Aug 30, 2016 at 10:38:01

James44 Posted:
Hi, I am
looking for a good
Sip Trunking
provider in
Canada. they
should offer
...

In The Forum:
Vonage
Topic:
A good sip trunking provider
On Jul 17, 2016 at 23:42:46

James44 Posted:
Which network
connection do you
use?
...

In The Forum:
Vonage
Topic:
Wireless Access Point plugged into switch
On Jul 13, 2016 at 22:55:00

jjatsk Posted:
We are renting a
few offices right
next door to our
main building. I
have a wireless
...

In The Forum:
Vonage
Topic:
Wireless Access Point plugged into switch
On Jul 09, 2016 at 12:00:54

Pman Posted:
Hello, While
Vonage has been a
great service over
the years, it is
time to part
...

In The Forum:
LNP – Local Number Portability
Topic:
Cannot port phone number to new carrier - repeated failures
On Jul 05, 2016 at 09:12:07

jbugz67 Posted:
We recently
purchased 5
Polycom VVX 300
phones from
Vonage, and have
regretted
...

In The Forum:
Vonage
Topic:
Nothing but problems with VVX300
On Apr 15, 2016 at 14:58:07

RichardPi Posted:
Hello, does
anybody recollect
how to get into
wifi password from
diggings router?
...

In The Forum:
Hard Wiring - Installation
Topic:
How to arrive at wifi password?
On Mar 31, 2016 at 02:39:07

RichardPi Posted:
Hello, does
anybody know how
to get into wifi
watchword from
home router?
...

In The Forum:
Hard Wiring - Installation
Topic:
How to be noised abroad wifi password?
On Mar 30, 2016 at 18:48:05


Vonage VoIP Forums

Vonage In The News
Vonage Holdings Corp. Reports Fourth Quarter and Full Year 2013 Results

Carolyn Katz Elected to Board of Directors of Vonage Holdings Corp.

Syndication

Vonage Customer Reviews
Vonage vs. Time Warner Cable SoCal
Vonage vs. Time Warner Cable SoCal



Vonage UK Review
Vonage UK Review



Vonage Pros and Cons for 2006
Vonage Pros and Cons for 2006



Vonage, a VT2142 and a RTP300, My Experiences - A Detailed Review
Vonage, a VT2142 and a RTP300, My Experiences - A Detailed Review



Salt Lake City: impressions after several months
Salt Lake City: impressions after several months




Vonage Reviews


Post new topic   Reply to topic  Vonage® VoIP Forum - Vonage News, Reviews And Discussion » Vonage
Author Message
pianoman
New Forum Member
New Forum Member


Joined: Nov 01, 2008
Posts: 2

PostPosted: Sat Nov 01, 2008 5:29 pm    Post subject: V-Portal - Port 22? Reply with quote Back to top

Hello,

After a series of tests I've concluded that the issue I'm having is with my V-Portal. My probe tests show port 22 closed as opposed to stealth. I thought it may have been my cable modem or my WiFi router, yet it appears to be on the Vonage end.

Does Vonage use port 22 (SSH) for something? Could some tell me how to stealth this port? If this is not possible could someone go over how to block or forward this port to a non working address? I know nothing about the V-Portal.

Thanks
View user's profile Send private message
VonTechMgr
Vonage Forum Evangelist
Vonage Forum Evangelist


Joined: Jan 02, 2008
Posts: 656
Location: NJ

PostPosted: Sat Nov 01, 2008 8:12 pm    Post subject: Reply with quote Back to top

Port 22 is used for secure shell for troubleshooting purposes but is disabled on all Vonage devices by default. Only you as the customer would be able to enable it when working with a Vonage tech.

There is no secuirty risk because the device is not listening on port 22 until you enable it and cannot be accessed until then.
View user's profile Send private message
pianoman
New Forum Member
New Forum Member


Joined: Nov 01, 2008
Posts: 2

PostPosted: Sat Nov 01, 2008 8:43 pm    Post subject: Reply with quote Back to top

Could someone please go over with me the procedure for forwarding Port 22? I did not have anything to do with enabling this port, yet it is enabled. I would like to forward it to a null IP, as trying to figure out how/why it is open seems to be futile.

Thanks.
View user's profile Send private message
VonTechMgr
Vonage Forum Evangelist
Vonage Forum Evangelist


Joined: Jan 02, 2008
Posts: 656
Location: NJ

PostPosted: Sat Nov 01, 2008 9:07 pm    Post subject: Reply with quote Back to top

The port is not enabled. If it were enabled, when sniffing for this port, it would show as Open not Closed. All this tells someone is that a host exists at this IP. If all ports were stealth, then you would be almost invisible to the internet. Having closed ports in in no way a bad thing. The VDV21 by default will also not respond to IMCP so a ping sweep would not reveal you. Only someone who is sniffing for known ports on your IP or subnet would be able to verify your existence.

Open ports are visible and respond to probes. This could be highly dangerous because it will allow hackers to gain access to your system if they really wanted to.

Closed ports are visible but not open. Meaning that the ports are not in use. Applications cannot access to the network if the required ports are closed and therefore will not respond to requests.

Stealth ports are not visible and do not respond to probes.

If you are the paranoid type that insists on all your ports, being stealth, it requires the use of a real firewall. You can purchase a router and place the VDv21 behind it. However, if someone was to sniff your IP for all service ports, the person would still know that a host exists at this IP as your SIP port 1000 would be open making your host visible.

If you want to set up sudo 'Honey Pot" which is port forwarding to a dummy IP, just go to the Advanced Section in the VDV21 interface, then port forwarding and set TCP port 22 to forward to 192.168.15.254 which I am sure nothing on your network is using. A true 'Honey Pot' is forwarding to another machine hosting the service which allows the hacker to play around in a machine that has absolutely nothing on it and no connectivity to the rest of your LAN.

Just remember by doing this, if you ever had to work on an issue with Tech Support which required them to ssh to your device to capture data needed by the device Vendor, you would need to remove the port forwarding.
View user's profile Send private message
Anarchist
New Forum Member
New Forum Member


Joined: Nov 27, 2009
Posts: 1

PostPosted: Fri Nov 27, 2009 6:40 pm    Post subject: V Portal - Port 22 Reply with quote Back to top

OK, you did a good job telling us that port 22 can only be enabled by the used when talking to tech support. Why don't you just say how to make it stealth and get it over with, rather than going on and on about how it's not dangerous? How do you make port 22 stealth? Do you actually know? I've been all through the settings @ v-configure.com and I see nothing out of the ordinary that would indicate that port 22 was at one time made closed as opposed to stealth. Can you tell us interested parties, or not?
View user's profile Send private message
VonTechMgr
Vonage Forum Evangelist
Vonage Forum Evangelist


Joined: Jan 02, 2008
Posts: 656
Location: NJ

PostPosted: Fri Nov 27, 2009 6:47 pm    Post subject: Reply with quote Back to top

If you want it stealthed then you need to put it behind another router or firewall otherwise it will remain a Closed port.. In addition, I would love to know if all the Network so-called geniuses that ask these questions are actually running probes from outside the local network or to the LAN side of the VDV21. I don't believe that port 22 will show up in a port scan from the WAN side unless it is enabled. If you probe from the LAN then yes it will show up as closed port on the private interface.
View user's profile Send private message
ScottZ013
Vonage Forum Associate
Vonage Forum Associate


Joined: Aug 15, 2008
Posts: 11

PostPosted: Fri Nov 27, 2009 9:27 pm    Post subject: Reply with quote Back to top

tchmgr I don't know why you are wasting your time. You answered his question 3 times and he doesn't get it. You were trying to help him and he snapped at you for offering advice. He just wanted to hear what he wanted to hear. Thanks for your help. Its refreshing to hear someone who knows what he is talking about.
View user's profile Send private message
VonTechMgr
Vonage Forum Evangelist
Vonage Forum Evangelist


Joined: Jan 02, 2008
Posts: 656
Location: NJ

PostPosted: Fri Nov 27, 2009 10:01 pm    Post subject: Reply with quote Back to top

Well I did not answer his question in the original post since it was posted by someone else 1 year ago and he reopened it today. It is fine that people are curious and want to better understand why things are the way they are especially those who are security conscious. As long as those who are security conscious are network professional themselves and are not just going off of hear say by someone who believes they are a network professional..

In a case like this, one must first understand that the code base in the VDV21 is linux based which means it uses a form of iptables. Next, one must understand how an iptables firewall works. There are drop and reject statements that can be used. Depending upon which line in the iptables uses drop / reject for each port or service is only known to the chipset developers who wrote the code. Each will provide a different result such as Closed vs Filtered.

Closed Port:
- If you send a SYN to a closed port, it will respond back with a RST.
Open Port:
- If you send a SYN to an open port, you should receive a SYN/ACK.
Filtered Port:
- The packet is simply dropped and you receive no response (not even a RST).

I have personally just run a port scan using NMAP from a linux box against the WAN port of a VDV21 and the only known ports that show up are 8080 tcp as Open because the Web Remote Management is Enabled and 10000 tcp as Closed. If I scan just tcp port 22 it shows as Filtered just as every other port that is not in use. So from what I see since the WAN port shows tcp port 22 as Filtered, this would be Stealth based upon the definition of what Filtered and Closed are.

I then ran another port scan after enabling ssh in the VDV21 and it showed as Open as expected.

After disabling ssh, I ran another scan and sure enough, it now shows up as Closed. So it looks like the ssh service was off by default until I turned it on and the iptables entry filtered the port. After turning on ssh for the first time, it turns the service on and creates an iptables entry to allow connections. After disabling ssh, it then leaves the iptables entry which will allow connections when the service is running so therefore is no longer filters port 22. This is what would cause it to show up as a Closed port since the firewall does allow it but the service is just not listening on this port because it is disabled.

It is possible that a factory reset will set it back to a filtered state if it believes the ssh service was never enabled. However, since I am remotely accessing the VDV21 right now, I cannot test this out otherwise I will lose the ability to log back into the web interface to test other things.
View user's profile Send private message
StaticIP
New Forum Member
New Forum Member


Joined: Mar 30, 2011
Posts: 1

PostPosted: Wed Mar 30, 2011 10:33 pm    Post subject: Reply with quote Back to top

VonTechMgr wrote:
Well I did not answer his question in the original post since it was posted by someone else 1 year ago and he reopened it today. It is fine that people are curious and want to better understand why things are the way they are especially those who are security conscious. As long as those who are security conscious are network professional themselves and are not just going off of hear say by someone who believes they are a network professional..

In a case like this, one must first understand that the code base in the VDV21 is linux based which means it uses a form of iptables. Next, one must understand how an iptables firewall works. There are drop and reject statements that can be used. Depending upon which line in the iptables uses drop / reject for each port or service is only known to the chipset developers who wrote the code. Each will provide a different result such as Closed vs Filtered.

Closed Port:
- If you send a SYN to a closed port, it will respond back with a RST.
Open Port:
- If you send a SYN to an open port, you should receive a SYN/ACK.
Filtered Port:
- The packet is simply dropped and you receive no response (not even a RST).

I have personally just run a port scan using NMAP from a linux box against the WAN port of a VDV21 and the only known ports that show up are 8080 tcp as Open because the Web Remote Management is Enabled and 10000 tcp as Closed. If I scan just tcp port 22 it shows as Filtered just as every other port that is not in use. So from what I see since the WAN port shows tcp port 22 as Filtered, this would be Stealth based upon the definition of what Filtered and Closed are.

I then ran another port scan after enabling ssh in the VDV21 and it showed as Open as expected.

After disabling ssh, I ran another scan and sure enough, it now shows up as Closed. So it looks like the ssh service was off by default until I turned it on and the iptables entry filtered the port. After turning on ssh for the first time, it turns the service on and creates an iptables entry to allow connections. After disabling ssh, it then leaves the iptables entry which will allow connections when the service is running so therefore is no longer filters port 22. This is what would cause it to show up as a Closed port since the firewall does allow it but the service is just not listening on this port because it is disabled.

It is possible that a factory reset will set it back to a filtered state if it believes the ssh service was never enabled. However, since I am remotely accessing the VDV21 right now, I cannot test this out otherwise I will lose the ability to log back into the web interface to test other things.



Confused I have been using a VDV21 for over a year, and recently moved to North Carolina where I was unable to get more than 1 Static IP. Therefore I set my DSL modem in Bridging Mode, and used the VDV21 behind it to take care of NAT to the house systems, and DMZ for my webserver.

All was working fine, and I configured the Port Filtering to protect all of the systems by eliminating other than needed ports below 1000. I use Putty to communicate with my server when I am away from it, and even open port 22 when needed to allow others with webpages on my server to update their content. They phone me... I open the port, and when finished they call and I close it.

All was ok until about 60 days ago. Port 22 stayed open, and would not respond to commands.

Vonage's answer was to update the firmware... and did so with no positive results. Next I ordered a replacement VDV21, and they reluctantly replaced my 20 month old unit. But to no avail... the replacement functioned identically to the old unit.

My server responds to internal addressing on port 21, and does the cirtificate thing, and works fine, but using the public address it fails to operate even when port 22 shows open. I opened it using "Network Options" instead of the port filtering option.

Woe is me... anyone have any suggestions as to what the heck is happening?
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


All times are GMT - 5 Hours

Vonage Service Plans


Vonage VoIP Members
Members List Members
New massrman
New Today 1
Yesterday 1
Total 98576

Who Is On Site
Visitors 183
Members 1
Total 184


Vonage VoIP Forum Members:
Login Here
Not a Member? You can Register Here
As a registered member you will have access to the VoIP Speed Test, Vonage Service Announcements and post comments in the
Vonage VoIP Forums

Vonage Stock Price
Value: 6.52
Change:   N/A
Up to 15 Minute Delay

Site Search
 






†AK and HI residents pay $29.95 shipping. ††Limited time offer. Valid for residents of the United States (&DC), 18 years or older, who open new accounts. Offer good while supplies last and only on new account activations. One kit per account/household. Offer cannot be combined with any other discounts, promotions or plans and is not applicable to past purchases. Good while supplies last. Allow up to 2 weeks for shipping. Other restrictions may apply.

1Unlimited calling and other services for all residential plans are based on normal residential, personal, non-commercial use. A combination of factors is used to determine abnormal use, including but not limited to: the number of unique numbers called, calls forwarded, minutes used and other factors. Subject to our Reasonable Use Policy and Terms of Service.

2Shipping and activation fees waived with 1-year agreement. An Early Termination Fee (with periodic pro-rated reductions) applies if service is terminated before the end of the first 12 months. Additional restrictions may apply. See Terms of Service for details.

HIGH SPEED INTERNET REQUIRED. †VALID FOR NEW LINES ONLY. RATES EXCLUDE INTERNET SERVICE, SURCHARGES, FEES AND TAXES. DEVICE MAY BE REFURBISHED. If you subscribe to plans with monthly minutes allotments, all call minutes placed from both from your home and registered ExtensionsTM phones will count toward your monthly minutes allotment. ExtensionsTM calls made from mobiles use airtime and may incur surcharges, depending on your mobile plan. Alarms, TTY and other systems may not be compatible. Vonage 911 service operates differently than traditional 911. See www.vonage.com/911 for details.

** Certain call types excluded.

www.vonage-forum.com is not an official Vonage support website & is independently operated.
All logos and trademarks are property of their respective owners. All comments are property of their posters.
All other www.vonage-forum.com content is © Copyright 2002 - 2013 by 4Sight Media LLC.

Thinking of signing up for Vonage but have questions?
Business and Residential customers can call Toll Free 24 hours a day at: 1-888-692-8074
No Vonage Promotion Code or Coupon Codes are required at www.vonage.com to receive any special,
best Vonage cheap deals, free sign up offers or discounts.

[ | | | | | ]

Vonage Forum Site Maps

Vonage | VoIP Forum | How VoIP Works | Wiring and Installation Page Two | International Rate Plans 2 | Internet Phone
Promotion | Vonage Review | VoIP | Broadband Phone | Free Month | Rebate | Vonnage | Vontage | VoIP | Phone Service
Phone | llamadas ilimitadas a Mexico | Latest News | VoIP Acronyms | Deal | Philippines Globe Phone | Site Maps

The Vonage Forum provides the Vonage sign up Best Offer Promotion Deal.
If you are considering signing up for Vonage and have found our Vonage News, Customer Reviews, Forums
& all other parts of this site useful, please use our Vonage Sign up page.


Vonage VoIP Phone Service is redefining communications by offering consumers
& small business VoIP Internet phones, an affordable alternative to traditional phone service.
The Vonage VoIP Forum Generated This Page In: 0.78 Seconds and 151 Pages In The Last 60 Seconds
The Vonage VoIP Forum