Blocking/Enabling Wi-Fi calling
Maybe this is covered somewhere already, but I thought it might be worth sharing. Some mobile carriers don't require much, if any, configuration on Firewalla to allow Wi-Fi calling to work. If you wish to block Wi-Fi calling, instructions provided. Conversely, if Wi-Fi calling isn't working, check that you don't have these rules in place.
Verizon is an exception. You have to enable IPSEC for Wi-Fi calling to work.
AT&T
- Turn on IPSec ?
- Ports: 500,4500 (UDP)
- Domain(s):
- epdg.epc.att.net- sentitlement2.mobile.att.net- vvm.mobile.att.netepdg.epc.att.net sentitlement2.mobile.att.net vvm.mobile.att.net
-
Rules to block- epdg.epc.att.net:500,4500 (UDP)- sentitlement2.mobile.att.net:500,4500- vvm.mobile.att.net:500,4500
T-Mobile
- Ports: 500,4500 (UDP)
- Domain(s)/IPs: 208.54.0.0/16
- Rule to block: 208.54.0.0/16:500,4500 on [Devices you want to make sure can't use wifi calling]
Verizon
- Ports: 500,4500 (UDP)
- Domain(s): wo.vzwwo.com
- Verizon uses IPSEC so you must enable Network Manager > NAT Settings > NAT Passthrough > IPSEC. Disabling this and/or blocking the ports above will prevent Wi-Fi calling.
Thanks to Todd Norman and Oliver Davey for helping test.
-
FYI on Verizon settings.. you do NOT need to enable IPSEC for Verizon wifi calling to work... it works on Firewalla out of the box...
Blocking those ports WILL stop it but you do not need to do anything with IPSEC to make it work or not work...
Looks like Verizon WiFi goes to wo.vzwwo.com
-
Hi Shawn,
I have had multiple users test Verizon and some reported that IPSEC was required others say what you are saying. I don't know how that can be, but it was a repeatable experiment. Not sure what to do with that.
I'm assuming you tested in airplane mode with Wi-Fi turned on?
Please sign in to leave a comment.
Comments
5 comments