Verizon 4G LTE with Pantech UML 290 NAT breaks VoIP with mobile routers.
corydzbinski
Newbie

LONG story short.  I run a training class once a month (8 road, 4 home) called FreedomVoice University where we train our dealer network on our hosted VoIP phone system called FreedomIQ.  I'm looking to provide my own Internet solution for these classes since most hotels have inadequate (or non-working) wifi and internet.  They typically also lack a wired connection, something that would allow us to connect Polycom (RJ45 connection) VoIP phones for training purposes.  My idea was to use a Verizon 4G USB device that interfaces with a Cradlepoint CBR400 router to provide Internet to a switch that connects multiple VoIP phones.  It turns out that this scenario is impossible to use with hosted VoIP because Verizon has the 4G connection NAT'd.  When you use another router to connect the phones, now a double NAT scenario exists (premise based router providing NAT and 4G connection NAT'd) and that breaks nearly all flavors of hosted VoIP.  Verizon refuses to disable the NAT on their end, citing "security reasons" but I think it's more of a "we don't want you using VoIP instead of our minutes" reason.  Anyway, their 4G LTE service is completely useless to me in this scenario.  Verizon suggested that I turn off NAT on my end.  Apparently they are clueless as to the purpose of NAT.  Multiple devices need unobstructed internet access here guys!!!

0 Likes
1 Solution

Correct answers
Re: Verizon 4G LTE with Pantech UML 290 NAT breaks VoIP with mobile routers.
Cour1988
Enthusiast - Level 1

I feel your pain. At this point, there is no way to open the NAT. I called Novatel to see if they had a solution but I got through just after hours so I'll have to wait till Monday. Verizon says it's not their problem and to call the device provider (in my case it's Novatel).  So I'll find out who really is responsible for the NAT settings.

View solution in original post

0 Likes
Re: Verizon 4G LTE with Pantech UML 290 NAT breaks VoIP with mobile routers.
John_Getzke
Champion - Level 1

The entire 4G LTE network and all SIM devices are using NAT.  There is only one way around that feature and that is to pay for a static IP address from VZW for several hundered dollars per IP.  NAT is not going away and will continue to be an issue for anyone who needs a publicly routable IP address.  Security webcam, VOIP and video game console devices tend to feel the limitations more than anything else.   

While you may believe that VZW is using NAT specifically to block your VOIP devices, it likely has more to due with the natural shortage of IPv4 addresses.  There simply are not enough to go around.  NAT allows VZW to route to more devices across thier network since public IP's are hard to come by.  IPv6 would be the natural solution to this problem and allow everyone to have public IP's.  However, VZW does not appear to be embracing that technology standard with any of thier mobile broadband devices.

The first level VZW contacts do not appear to be trained on IPv6 or NAT.  Any questions in that area are better suited for this forum where fellow technologists can share what has been learend.

0 Likes
Re: Verizon 4G LTE with Pantech UML 290 NAT breaks VoIP with mobile routers.
Cour1988
Enthusiast - Level 1

I feel your pain. At this point, there is no way to open the NAT. I called Novatel to see if they had a solution but I got through just after hours so I'll have to wait till Monday. Verizon says it's not their problem and to call the device provider (in my case it's Novatel).  So I'll find out who really is responsible for the NAT settings.

0 Likes
Re: Verizon 4G LTE with Pantech UML 290 NAT breaks VoIP with mobile routers.
John_Getzke
Champion - Level 1

Best of luck to you Cour, it has always been thrown around that VZW is responsible for the NAT.  If you learn otherwise it would be very helpful for us to know.

0 Likes
Re: Verizon 4G LTE with Pantech UML 290 NAT breaks VoIP with mobile routers.
corydzbinski
Newbie

Followup:  I fired up my AT&T iPhone tethering and enabled the WIFI tether.  I set the Cradlepoint CBR400 to "WIFI to WAN" mode and picked up the AT&T iPhone WIFI.  The CBR400 is connected to my POE switch which also has 5 Polycom IP550 phones connected to it.  All phones work great.  It's something funky going on with the Verizon network in the way they handle VoIP packets.  They seem to be manipulating them differently in different scenarios.  If I connect the Verizon Pantech UML 290 4G LTE device directly to my laptop via USB and run x-lite (SIP Softphone), calls work fine.  Any connection to a router (even with the CBR400 in DMZ or IP pass-through mode) breaks the hosted VoIP connection through Verizon.  Also tried the 4G LTE to Cradlepoint and then DMZing and IP pass-through to my laptop (wired and WIFI) to run x-lite and same thing through VZ, SIP is broken.  AT&T works fine in a tether or WIFI mode.

0 Likes
Re: Verizon 4G LTE with Pantech UML 290 NAT breaks VoIP with mobile routers.
John_Getzke
Champion - Level 1

Do you know if it is possible to update the firmware on your router?  If so that would be an easy task to perform and then retest for improvements.  Perhaps this is more of a limitation of the CBR400 where traffic is getting reshaped and not recognized. 

Double NAT was mentioned before.  Wouldn't disabling NAT on the CBR400 work around the issue?  Perhaps NAT on the router is a requirement for the multiple VoIP phone enviornment and that is not possible.    

0 Likes
Re: Verizon 4G LTE with Pantech UML 290 NAT breaks VoIP with mobile routers.
corydzbinski
Newbie

The firmware is up to date on the Cradlepoint CBR400.  It's definitely not in the CBR400, i've already pursued that.  Even though NAT is required on my end for multiple phones, disabling NAT by setting the CBR400 to IP passthrough mode to allow the phone to pickup the DHCP address from Verizon didn't work either.  This works on a SIP softphone (Bria by Counterpath) and a laptop but not directly to a Polycom phone.  Very odd scenario... The traffic coming from the Bria app on the laptop probably looks slightly different (no QoS tagging for one) than the traffic directly from the Polycom phone, which leads me to believe Verizon is doing some specialized handling of SIP traffic when they see it (probably SIP ALG of some sort) which is breaking hosted VoIP.  For premise based VoIP it might work but a hosted VoIP scenario is different.  Since the server is in the cloud, if Verizon is manipulating those packet headers before it reaches the server (re-writing a real IP with a LAN IP for example), the hosted server won't know where the traffic came from to be able to communicate back and establish the call (SIP signal or audio session).  This is very common (SIP ALG) in today's routing devices.  This is a whole separate scenario to double NAT which I believe they are also doing.  This would explain why the SIP softphone Bria won't work with Verizon 4G LTE behind the NAT of the Cradlepoint CBR400.

Bottom line is that over the past week i've tested over a dozen scenarios with the 4G LTE and the Cradlepoint CBR400 and determined Verizon is breaking it.  AT&T iPhone tether actually shows some promise except that the Cradlepoint CBR400 isn't compatible with it via USB.  I'd be very curious to know if a compatible AT&T USB device would suffer from the same issues.  In light of my iPhone tether testing i'd have to say no.

0 Likes