I did more packet sniffing last night and wouldn't you know it, I couldn't get it to fail without intervention (such as rebooting the router without rebooting the ATA).
What's disturbing is it appears this issue could be solved by Vonage and it would probably lead to a much more stable product for everyone.
Once the ATA registers with the SIP Proxy (in my case something like proxy4.vonage.net), every few seconds the SIP proxy requests the ATA to "NOTIFY" it. I'm assuming this is a type of heartbeat. The trouble is, if the ATA stops receiving the heartbeat, it doesn't bother to assume that it needs to reregister to get it going again. It just sits there. What the ATA is really good at is ARPing for its own IP address. It's constantly worried about another device on the network with the same IP address.
I have sniffed both sides of the router and if you reboot the router without rebooting the ATA (self-induced failure), the Port Address Translation (PAT) is broken in that Vonage's proxy server is trying to request a NOTIFY from port 5061 to say port 1200 but it's never passed to the ATA because the router has lost track of the fact that it should send port 1200 requests to port 5061 on an inside (behind the router) address.
This would certainly be enough to break incoming calls because Vonage can no longer contact the ATA to initiate an incoming session. However, now that the PAT is broken, the ATA is completely unable to initiate an outgoing session. It sends the INVITE (SIP jargon to START a call) and based on my sniffing, the router passes the INVITE through and on to Vonage but the Vonage proxy server ignores it. I can only assume that it ignores the ATA's request because it's expecting the INVITE to come from a particular registered port for every particular IP. That port is the port that the ATA and the Vonage proxy setup whenever the ATA REGISTERS with the Vonage proxy. It does this when you reboot the ATA and seemingly on a timed basis thereafter. I haven't done enough sniffing to determine if this is random or at predictable intervals.
The bottom line is that I don't know why Vonage would ignore an INVITE from an IP that's registered but a port that is not registered. You'd think it would send back a BAD REQUEST message and cause the ATA to reregister and establish the call. Instead, the ATA repeatedly begs by sending a stream of INVITE commands which are all ignored. Eventually the ATA punts and gives a fast busy signal.
Last night was interesting in that I actually double-NATted my Vonage setup and I could not get it to fail. Here's the layout:
Internet = Charter Pipeline + 3COM Cable modem XPICS = Internet Connection Sharing, two-NIC Windows XP desktop
The XPICS machine became my first "router" to which I patched my WGT624. I also patched my laptop to the hub. I used the XPICS machine to sniff "outside" the WGT624 so that I could understand how it's NAT is working. I used the laptop to sniff what's going on "inside" the WGT624. The laptop yielded the original request from the ATA and the XPICS machine monitored what came out of the router. I actually had three Ehtereal sessions. One to monitor behind the WGT624 (laptop) and one for each of the XPICS NICs.
Unfortunately, I could not get this setup to fail outside of self-induced failure where I reboot the router and do not reboot the ATA.
For the moment, I am leaving this configuration in tact with all three monitors going. I told my wife to keep track of failures.
The only problem with this setup is that it's not exactly the same as connecting the WGT624 directly to my cable modem. It's a double NAT. However, I tried to put another hub between my cable modem and my router and I couldn't get it to work. I really wanted to sniff packets without introducing another router. Because I could not get it to fail last night, I'm starting to wonder if it's something the WGT624 receives via unprotected Internet traffic that's causing some SPI/Firewall logic to kick in and invalidate the PAT between the ATA and the Vonage SIP proxy.
Does anyone know how to get a hub working between the cable modem and the router so I can more accurately duplicate the setup with which I have experienced failures?
Also, should I open a trouble ticket with Vonage and ask them why the INVITE is ignored if the registration is broken? Wouldn't one think they should be issuing some kind of BAD RESPONSE to the ATA that triggers it to reregister? This would seem much more robust than simply ignoring it and allowing the ATA to fail. And it doesn't seem to matter how many calls fail, the ATA DOES NOT REREGISTER. It does do a few things like query DNS to ensure that it has the right address to the Vonage proxy. It queries DNS to make sure it has the right TFTP (trival FTP) IP and it ARPS the gateway to make sure it's still alive and it has the right MAC address. But it doesn't bother to REGISTER with the Vonage proxy. I have no idea why it queries for the TFTP server. Is it thinking that it might want to upgrade the firmware when a call fails? If so, it certainly doesn't try to get a new config file or firmware. It only seems to do that when it boots -- to which it gets a FILE NOT FOUND twice from the Vonage servers. It seems odd that it wouldn't try to REGISTER again. Is Cisco and/or Vonage missing an opportunity to enhance the robustness of Voip?
Well rradina, you've done a lot more work than I have to try to isolate this. I've spent lots of time trying different configurations, and have had no luck (the Vonage reps have been really helpful and attentive tho).
I did just figure out that you're using the Cisco MTA, and my similar problems occur between Netgear Firewall FWAG114 and the MOTOROLA MTA. Given the we're using different hardware, it surely sounds like there's some sort of problem with the Netgear software. I haven't been able to find anybody who can get the MTA to work behind the FWAG114 for more than 30 minutes or so.
It's definitely worth opening a ticket with Vonage though and giving them the information you have, imoh.
Yes, I am using the Cisco ATA-186. It's probably one of the first versions, if that makes a difference. (I've had Vonage for more than a year.)
I'm still running the same double-NAT setup and other than an HSI failure, which I detected via the sniffing, I have not had one single WGT624 failure. It's been rock solid with SPI enabled and no port forwarding. Of course it's enjoying a nice quiet ride because it's behind my XP box that is providing NAT and firewall services for it.
The only other thing I changed on my WGT624 which might explain why it's not failing is I went to the port trigger page and increased the timeout to 600 minutes. By default it's set at 20 minutes. Although one would think that this would only apply to specific port triggers that you enable in the port triggering screen, the timeout value may be a general timeout value that applies to the WTG624's routing tables. It may only keep information about PAT for the length of this period. The only thing odd is that doesn't explain the behavior because the Vonage SIP Proxy and the ATA constantly talk to each other. (Every 10 seconds the Vonage's proxy requests a notification from the ATA). That should be enough to keep any PAT relationship alive.
Here are some interesting things about some of the failures I sniffed yesterday surrounded a DHCP NAK. (... this wasn't a WGT624 failure, this was a PAT failure within Windows XP Internet Connection Sharing In this mode, XP is just like a router and if you turn on the firewall feature, it's not too far from being much like the WGT624. However, I don't know if Windows has stateful packet inspection.) When XP received a NAK from my HSI provider's DHCP server (I have HSI with a DHCP IP, not a static IP), it refused to pass outbound packets although inbound was still alive. (Odd, I know). The Vonage SIP proxy was still requesting a NOTIFY from the ATA, the NOTIFY was reaching the ATA, the ATA was resopnding, the response passed through the WGT624 (it was still OK) but XP didn't pass the response out to the internet. This could be a failure of my cable modem more than XP. I suspect the cable modem had taken itself off-line with respect to outbound traffic -- since it thought it lost its lease on my IP. However, it was still listening to traffic for my IP and apparently still passing it through to XP. Very odd behavior -- to say the least.
Of course, now I'm diagnosing XP NAT/Firewall issues, not WGT624 issues.
I'm still searching for a way to put the WGT624 behind my cable modem and sniff what goes on between them. This is where I think I'll find answers to what's really going down. What I have now, with XP between the cable modem and the WGT624, is fascninating but it's to contrived to allow me to make statements about what might be causing the WGT624 to not work properly with Vonage. If anyone knows how to do this, I'm all eyes (ears).
By the way, I have a WGT624 V2 with the latest firmware and a Cisco ATA-186 from Feb of 2003 (whatever version that might be...)
My primary RTP UDP packets seem to always arrive from Chicago even though I'm in St. Louis. I'm guessing Vonage has a reasonably large contract/arrangement with this firm. I forget who the IP is actually registered to but it isn't Vonage.
Another curious discovery -- it seems that Caller ID is resolved in NYC -- at least that's what incoming SIP INVITE headers seem to suggest. Not that this is bad but just curious. If you don't live in NYC, brand new numbers might not have caller ID in your area until they've had a chance to propagate to the NYC lookup service that Vonage is using. Again, this is just an assumption based on the SIP INVITE header and how the Caller ID is stored and what looks to be some sort of address identifying where the Caller ID name lookup came from.
NetGear support just e-mailed me Firmware 3.0.5_1.0.1
The problem is the file's full name is:
WGT624v1_v3.0.5_1.0.1.zip
I have a WGT624V2. I'll try it but I'm concerned that this is for V1 hardware. Oh well, I'm still within my 14 day return policy at CompUSA. If it trashes my V2, I'll return it and either get a different router all together or another WGT624V2 router.
I'll keep folks posted on whether or not this solves my problems.
I applied the new firmware. It didn't trash my WGT624V2. I'm monitoring...
I don't know what the policy is regarding distributing this firmware. The NetGear tech didn't say much other than:
Quote:
WGT624 Firmware Version 3.0.5 Please use this firmware on your WGT624, as it should resolve your issue - see attachment (WGT624v1_v3.0.5_1.0.1.zip) *** NOTE: Please write down all of your ISP (Basic Settings) configuration information BEFORE upgrading. AFTER upgrading, you must use the Default Reset button on the rear panel of the router. (1. Press and hold the Default Reset button until the Test LED turns on (about 10 seconds). 2. Release the Default Reset button and wait for the router to reboot.) ***
Please help us serve you better by clicking here mailto:support@netgear.com?subject=Feedback_us if you would like to provide any other valuable feedback. (Note: this feedback is not sent to an agent so you will not receive a reply.)
--Original Message-- ----- Wrote ----- WEBCASE Website: my.netgear-support.com Product: WGT624v2 Customer Name: ----------- ----------------- Email: -------------------- O/S: Windows XP Option: None - Email Tech ISP: VPN: Problem Category: Network Connection Issues Occured: After first Installation of product Details: My Vonage phone adapter works intermittently through the WGT624. I have forwarded recommended ports and tried everything. I've had the service for a year and I replaced my D-Link 614+ which worked flawlessly with Vonage. Can you offer any insight as to why the WTG624 keeps failing? I know the ATA opens outbound ports through the firewall which it expects to stay open. Does the WTG624 have an agressive timeout on those ports? Can you offer a firmware version which allows me to specify this? Does the router have Telnet capabilities where I can tune these settings? I have seven more days to make this work before I must return the unit to the store and purchase an alternative.
If someone wants this version, send me a private message and we can work out a transfer mechanism.
Thanks for the firmware. I applied the firmware and I really didn't see much different in my issues. I have done the following:
Failed: 1) DMZ'ed the MTA 2) Assigned Static IP to the MTA w/ Port Forwards 3) Disabled SPI & rebooted both MTA & Netgear 4) DHCP Assigned IP
THe last thing I tried was allowing the MTA to request an IP from the Netgear DHCP....I tried for hours and it never did aquire an IP Address. This was frustrating. So I switched it back to a static IP address (this seems to be the only way Vonage will work any more...at least behind the Netgear. At any rate, I"m getting a bit frustrated but Like you said I am really liking the Netgear router with the exception of Vonage. I would really like to keep it however I really don't want to have to put the MTA in front of the router. It decreases performance and flexibility IMO.
I haven't gone so far as to moitor any of the packet information but I am running out of things to try here. I guess I will attempt to get on the phone with Netgear and/or Vonage. I have been in contact with Vonage support via email and they have been pretty quick to respond, however no suggestions I haven't tried or heard about in this thread.
Any help you could give would be much appreciated!
I've been helping a friend on mine attempt to get his Vonage service operational. He started with a Netgear WGR614v2 wireless/router attached to a Motorola cable modem. The router absolutely would not pass UDP traffic on ports 5060 or 5061 so neither iChatAV on his Mac nor Vonage would work. ichatAV also uses SIP to set up video conferencing. He upgraded his Netgear router to the latest beta firmware and that didn't help. Doesn't matter if the firewall is on or off. Today he bought an Apple Airport Extreme along with an Asante 8 port 10/100 switch, plugged it in, and everything came up just fine and works. The network environment is a couple of PCs with 802.11 wireless cards, an Apple PowerBook with a builtin 802.11 card, an HP2300 printer with a Netgear ME101 wireless ethernet bridge, and the Motorola ATA for Vonage service. It cost more using the Apple AirPort but it works out of the box.
I've been helping a friend on mine attempt to get his Vonage service operational. He started with a Netgear WGR614v2 wireless/router attached to a Motorola cable modem. The router absolutely would not pass UDP traffic on ports 5060 or 5061 so neither iChatAV on his Mac nor Vonage would work. ichatAV also uses SIP to set up video conferencing. He upgraded his Netgear router to the latest beta firmware and that didn't help. Doesn't matter if the firewall is on or off. Today he bought an Apple Airport Extreme along with an Asante 8 port 10/100 switch, plugged it in, and everything came up just fine and works. The network environment is a couple of PCs with 802.11 wireless cards, an Apple PowerBook with a builtin 802.11 card, an HP2300 printer with a Netgear ME101 wireless ethernet bridge, and the Motorola ATA for Vonage service. It cost more using the Apple AirPort but it works out of the box.
That is the exact same setup that is causing me headaches at the moment, I'll get a dialtone, and after anything from 10 minutes to an hour later it will go down again. Before this I was using a Linksys router (with 803.11b) but wanted 803.11g, hence the upgrade to the Netgear...
Sadly this seems to be causing more problems that I had expected
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
All times are GMT - 5 Hours
Vonage Service Plans
Vonage VoIP Members
Members New HorpDrype New Today 7 Yesterday 18 Total 63405 Who Is On Site Visitors 175 Members 1 Total 176
1 Unlimited calling and other services for all residential plans are based on normal residential use by single-family household members. A combination of factors are used to determine abnormal use, including but not limited to: the number of unique numbers called, international calls forwarded, minutes used and other factors. Subject to our Reasonable Use Policy and Terms of Service.
HIGH SPEED INTERNET REQUIRED. † LIMITED TIME OFFER, VALID FOR NEW LINES ONLY. RATES EXCLUDE INTERNET SERVICE, SURCHARGES, FEES AND TAXES. As a subscriber to Vonage service, you agree to be bound by the Terms of Service. See www.vonage.com/tos for details. ¤ Where available. The number transfer process takes approximately 10 business days from the time you confirm your transfer request. Alarms, TTY and other systems may not be compatible. Vonage 911 service operates differently than traditional 911. See www.vonage.com/911 for details.
Thinking of signing up for Vonage but have questions? Business and Residential customers can call Toll Free 24 hours a day at: 1-888-692-8074 No Vonage Promotional Codes or Coupon Codes are required at www.vonage.com.
The Vonage Forum provides the Vonage sign up Best Offer Promotion Deal as a means to offset
our cost. If you are considering signing up for Vonage and have found our Vonage
News, Customer Reviews, Forums & all other parts of this site useful, please
use our Vonage FREE Month sign up offer Deal Coupon.
Vonage VoIP Phone Service is redefining communications by offering consumers & small business VoIP Internet phones, an affordable alternative to traditional phone service.
The Vonage VoIP Forum Generated This Page In: 0.49 Seconds and 375 Pages In The Last 60 Seconds The Vonage VoIP Forum
Members
New 
New Today 7
Yesterday 18
Total 63405
Who Is On Site
Visitors 175
Members 1
Total 176
+0.15