Update: Configuring Untangle for AT&T, Verizon, & T-Mobile WIFI calling

This is an update to the original post “Configuring Untangle NG Firewall 13.x for AT&T WIFI calling“.

Verizon WIFI calling (no specific URL, pieced together information from logs and various forums):

  • Protocol: UDP; port: 500; destination address (CIDR): 141.207.0.0/16,162.115.0.0/16
  • Protocol: UDP; port: 4500; destination address (CIDR): 141.207.0.0/16,162.115.0.0/16

Verizon e-911 registration:

  • Protocol: TCP; port: 443; destination address (CIDR): 162.115.0.0/16

T-Mobile WIFI calling (https://www.t-mobile.com/support/coverage/wi-fi-calling-on-a-corporate-network):

  • Protocol: UDP; port: 500; destination address (CIDR): 208.54.0.0/17
  • Protocol: UDP; port: 4500; destination address (CIDR): 208.54.0.0/17
  • Protocol: TCP/UDP; port: 5061; destination address (CIDR): 208.54.0.0/17

T-Mobile handset auth:

  • Protocol: TCP; port: 443; destination address (CIDR): 66.94.0.0/19
  • Protocol: TCP; port: 993; destination address (CIDR): 66.94.0.0/19
    • *TCP 993 for T-Mobile is bypassed in another section on my firewall and I did not include it in my screenshot or bypass rule set.

T-Mobile CRL check:

  • Protocol: TCP; ports: 80,443; destination address (CIDR): 206.29.177.36

 

Bypass rules for Untangle NG Firewall 15. Note that these are bypass rules and not part of the application set, therefore these rules are not checked against any application suites (firewall, application scanner, etc.). Rename .txt to .json and import. Configure each rule for your source networks as mine are GUEST, Trusted, and OpenVPN.

Leave a Reply

Your email address will not be published. Required fields are marked *

1 × 4 =

This site uses Akismet to reduce spam. Learn how your comment data is processed.