Ooma Telo VOIP device can no longer connect - SOLVED

[pseudonym3k]

My Ooma Telo VOIP device (I'm a home user, this is residential service for my home phone) stopped connecting out to Ooma's servers on or about January 16th (about 2 1/2 weeks ago). It has been working for the past couple of years on the same hardware and OPNsense.

I was on 25.7 with all updates at the time it stopped working. But I just upgraded to 26.1 and it's still happening, so looking for help on this version.

A few things happened on or about the 16th:

1. ISP upgraded service in my area around that time
2. OPNsense had updates around that time
3. I migrated from ISC to DNSMasq around that time

I don't get calls every day and can't normally see the Telo device, it was another week when I realized I'd had no calls and saw the Telo was offline. Everything else had been working fine and stil is. On both 25.7 then and 26.1 now. AFAIK the Telo is the only issue.


Here's what I've done:

1. After checking basic things like swapping cables, power supply, DHCP lease gets assigned, troubleshooting using Telo's own config webpage, I called Ooma support and after several days of struggle with their various troubleshooting reports, Ooma says everything is good so if it isn't connecting the Telo is probably dead. They could not see it try to connect to their servers at all.

2. I bought a new Telo, called Ooma to activate it, we set it up, and it doesn't connect either.

3. I got referred to the next level Ooma support, they had me cable the new Telo inbetween the ISP's modem and OPNsense (it's on a protectli box), and it connected. It passes through all non Ooma traffic through. All was working again, albeit slowly, and my Ooma service was working.


I put the Telo back as a client on the LAN as it has been for years, and it doesn't connect. So I must've done something wrong on OPNsense I'm assuming, but I've no idea what since everything else works great.

I did want to try going back to ISC as a test, but on 26.1 I can't figure out how to add new devices? I don't have any plus signs anywhere to setup something new, at least not that I can see?

I do not use Unbound. DNSMasq uses the DNS servers I have under System area. I can see in the firewall logs everything is going to ones I specified and not my ISP's so I think that is working correctly. It is configured for all clients to forward all DNS queries to OPNsense (192.168.1.1) and let OPNsense handle the DNS, this way there is no client that can go around the DNS I've coded. (I think that's how it works.)

The Telo does make some DNS queries periodically, I can see that in the Firewall logs, they are going to OPNsense 192.168.1.1 just like all the other clients on my home network.

I did check that SIP ALG is still disabled and it is.

I have never done anything to use the Telo, just gave it a reserved IP address (to make it easier for me to find its setup page) and it has just worked all this time until now.

Oh, and my OPNsense configuration is very little more than the defaults, and nothing has been changed in a few years except for moving to DNSMasq. I've used a simple DNSMasq config with other routers in the past with no issue, I don't expect that's the problem now but I don't know for sure. I basically only use it to assign reserved leases and of course handle DHCP and DNS.


I am happy to try moving back to ISC for a test to narrow it down, but I need help figuring out how to add new devices. If there's anything else I can look at or try please let me know?

I don't know much about OPNsense, I'm just a home user who put it up pretty much by default a few years ago and tweaked a little over time, so please have some patience with my lack of know-how.

Thank you for any help and info on figuring this one out.

Kind regards.

[agh1701]

Are you blocking DNS request from your LAN?  I my experience telo needs to be able to send DNS requests to their own servers bypassing the routers DNS

[pseudonym3k]

telo needs to be able to send DNS requests to their own servers

Thank you for this observation. I am rerouting all DNS requests to OPNsense, to force all clients to use only the DNS servers I've configured. So yes, the Telo is making DNS queries but they are going to my DNS servers and not any hard-coded ones Telo may be requesting.

I did make this change, to have all DNS handled by OPNsense, somewhere near the time the Telo stopped connecting. I thought I had verified the Telo was still working, but perhaps it was just residual and soon wasn't. I will test this. Hopefully this is all that's wrong and I have a spare Telo.

[pseudonym3k]

It wasn't DNS, but you put me on the right path! I also configured to redirect all clients to get their NTP time from OPNsense and that was done very near the time the Telo went offline. I disabled that rule and within a minute or so, the Telo went online.

I think the DNS redirect is OK but I will check that my rule is working correctly and fix if not, and then I'll know if that is also a problem for the Telo.

Thank you so much for your insight. Marking this solved.

<rant>Ooma support levels 1 and 2 never ever mentioned any hardcoded and required servers, be them time or DNS or whatever. Not once. None of their tests and reports showed any failed connections to any time or DNS servers, all passed. Grrrrr.</rant>