iPhone Wi-fi calling firewall rules
studerje1
Enthusiast - Level 3

It appears that the wi-fi calling feature that has finally rolled out for iPhones with iOS 9.3 will require some firewall changes for corporate firewalls.

It looks like the feature establishes a per app vpn for the calling feature. IPsec and ike protocols appear to be in use.

I'm hoping to find documentation from Verizon on what ports and addresses to enabled for this feature.

Can anyone point me in the right direction?

Labels (1)
1 Solution
Weth
Legend

Have you seen this Cisco document fo getting wifi calling working?  IPSec using UDP ports 500 and 4500. 

Wi-Fi Calling White Paper - Cisco

View solution in original post

0 Likes
25 Replies
vortix
Enthusiast - Level 2

For what it's worth, I only observed outbound network activity on port 500 going to IPs with the following pattern:

141.207.*.232


Perhaps other IPs that don't strictly follow this pattern are used outside North America?  Also not clear on when port 4500 is used vs 500 (I've only seen outbound connections on port 500).


It seems that the best way to get an official document from Verizon would be for someone to reach out to their VZW Enterprise account rep.  VZW should be happy to share this information, as it would result in better coverage inside buildings and it would prevent Verizon from spending money on repeaters that they often place inside buildings.

0 Likes
studerje1
Enthusiast - Level 3

vortix we have also only seen outbound connections on port 500 to 141.207.*.232.

I had originally tried reaching out to Verizon around the time I started this thread, but I never got a response. I'm going to try again this week.

0 Likes
Chadi3rown
Newbie

Any updates on this ? I dmz'd my cell phone , instant connect lol ...

0 Likes
MrJeff01
Newbie

I found some stuff here:

Unblock Ports / IP Addresses - Verizon Wireless Network Extender | Verizon Wireless

I believe as stated above and from testing that UDP/500 and UDP/4500 are what are used for "WiFi Calling". That page has a list of all ports/IPs the wireless extenders use..

I know its late and an old post but maybe this will help someone..

-Jeff

0 Likes
VZWh8r4life
Newbie
Such a garbage. FYI NTP needs to be allowed.
0 Likes