How does port triggering work?

I'm using a voip application (cqphone) that requires me to forward ports.
Port forwarding works, but only for one computer. I'd like to use that
application on multiple wireless computers, but only one at a time.
The router is a Westell 327W.
If I set port triggering, the first use of cqphone on one computer works.
But if I turn off the application on one computer and on on the second
machine, the ports do not get forwarded. Resetting the router
lets me use the program from any one computer.
I expected the ports to get re-forwarded when the application
addresses the trigger port from a different computer. This does not
appear to be the case.

How do I get the ports un-triggered or re-triggered or whatever
it takes to make the applications work on any single computer?
Resetting the router is not an option.

Thanks, mike

On Fri, 26 Feb 2010 12:49:05 -0800, mike <(E-Mail Removed)> wrote:

>I'm using a voip application (cqphone) that requires me to forward ports.
>Port forwarding works, but only for one computer. I'd like to use that
>application on multiple wireless computers, but only one at a time.
>The router is a Westell 327W.
>If I set port triggering, the first use of cqphone on one computer works.
>But if I turn off the application on one computer and on on the second
>machine, the ports do not get forwarded. Resetting the router
>lets me use the program from any one computer.
>I expected the ports to get re-forwarded when the application
>addresses the trigger port from a different computer. This does not
>appear to be the case.
>
>How do I get the ports un-triggered or re-triggered or whatever
>it takes to make the applications work on any single computer?
>Resetting the router is not an option.

To my knowledge, your behavioral description is exactly what I would
expect. When you manually forward ports, you have to select *one* LAN
IP address as the destination. Likewise, when you use port triggering,
which I think of as 'auto port forwarding', the first LAN IP to
trigger the forwarding will be recognized as the destination IP. I
have never seen a feature where a second LAN IP can take over as the
destination IP.

I'll watch this thread to see if I'm missing anything. Hopefully I'm
completely wrong.

Alternatively, a quick google search reveals that port forwarding
generally isn't necessary for the cqphone and its related video app.
Apparently your case is one of the exceptions, unfortunately. I assume
you've tried it without any forwarding at all and it didn't work.

Char Jackson wrote:
> On Fri, 26 Feb 2010 12:49:05 -0800, mike <(E-Mail Removed)> wrote:
>
>> I'm using a voip application (cqphone) that requires me to forward ports.
>> Port forwarding works, but only for one computer. I'd like to use that
>> application on multiple wireless computers, but only one at a time.
>> The router is a Westell 327W.
>> If I set port triggering, the first use of cqphone on one computer works.
>> But if I turn off the application on one computer and on on the second
>> machine, the ports do not get forwarded. Resetting the router
>> lets me use the program from any one computer.
>> I expected the ports to get re-forwarded when the application
>> addresses the trigger port from a different computer. This does not
>> appear to be the case.
>>
>> How do I get the ports un-triggered or re-triggered or whatever
>> it takes to make the applications work on any single computer?
>> Resetting the router is not an option.
>
> To my knowledge, your behavioral description is exactly what I would
> expect. When you manually forward ports, you have to select *one* LAN
> IP address as the destination. Likewise, when you use port triggering,
> which I think of as 'auto port forwarding', the first LAN IP to
> trigger the forwarding will be recognized as the destination IP. I
> have never seen a feature where a second LAN IP can take over as the
> destination IP.

Depends on what you mean by "take over". If the first computer is no longer
using the port, why shouldn't the second one be able to trigger it?
Yes, it would cause conflicts if you tried to use both at the same
time, but I'm not. Having to reset the modem to get the port back
seems like the wrong thing to do.
>
> I'll watch this thread to see if I'm missing anything. Hopefully I'm
> completely wrong.
>
> Alternatively, a quick google search reveals that port forwarding
> generally isn't necessary for the cqphone and its related video app.
> Apparently your case is one of the exceptions, unfortunately. I assume
> you've tried it without any forwarding at all and it didn't work.

That's odd. What I've read says you need to forward 24960-24962.
If I don't, it don't work, and neither does it work for anybody I talk with.

If you plug your computer directly into a modem without a router, you
don't have anything to forward and it should work fine. That should
work for anybody on dialup or the stock router-less modem you get with DSL.
>
ON a related topic, what's UPNP?
I managed to get skype to work on different machines without explicit
port forwarding by turning on
upnp, but that didn't help cqphone.

On Fri, 26 Feb 2010 18:49:33 -0800, mike <(E-Mail Removed)> wrote:

>Char Jackson wrote:
>>
>> To my knowledge, your behavioral description is exactly what I would
>> expect. When you manually forward ports, you have to select *one* LAN
>> IP address as the destination. Likewise, when you use port triggering,
>> which I think of as 'auto port forwarding', the first LAN IP to
>> trigger the forwarding will be recognized as the destination IP. I
>> have never seen a feature where a second LAN IP can take over as the
>> destination IP.
>
>Depends on what you mean by "take over". If the first computer is no longer
>using the port, why shouldn't the second one be able to trigger it?
>Yes, it would cause conflicts if you tried to use both at the same
>time, but I'm not. Having to reset the modem to get the port back
>seems like the wrong thing to do.

I suspect the problem is that there may not be a mechanism in your
router for releasing the current forwarding rule, and it likely can't
be retriggered until it has been released.

I think you need something like this, although this exact solution
likely won't work with your hardware:
http://pages.cs.wisc.edu/~sschang/fi.../dpf/basic.htm
Also click the next page, "How DPF Works".

>> Alternatively, a quick google search reveals that port forwarding
>> generally isn't necessary for the cqphone and its related video app.
>> Apparently your case is one of the exceptions, unfortunately. I assume
>> you've tried it without any forwarding at all and it didn't work.
>
>That's odd. What I've read says you need to forward 24960-24962.
>If I don't, it don't work, and neither does it work for anybody I talk with.

Thanks for confirming that you're one of the exceptions that requires
port forwarding. Bummer.

>If you plug your computer directly into a modem without a router, you
>don't have anything to forward and it should work fine. That should
>work for anybody on dialup or the stock router-less modem you get with DSL.

This is a stretch, but if by chance your ISP allows you to use
multiple IP's, then you could connect each PC directly (via a switch)
to the DSL modem. That would solve the cqphone issue, but you'd have
to rebuild the LAN, for example by adding a second NIC to each PC.
That's not very elegant.

>ON a related topic, what's UPNP?
>I managed to get skype to work on different machines without explicit
>port forwarding by turning on upnp, but that didn't help cqphone.

http://en.wikipedia.org/wiki/Upnp
It looks like UPNP has some of what you're looking for, but I think it
has to be explicitly supported in order to work. Not sure...

mike wrote:
> I'm using a voip application (cqphone) that requires me to forward
> ports. Port forwarding works, but only for one computer. I'd like to
> use that application on multiple wireless computers, but only one at
> a time. The router is a Westell 327W.
> If I set port triggering, the first use of cqphone on one computer
> works. But if I turn off the application on one computer and on on
> the second machine, the ports do not get forwarded. Resetting the
> router lets me use the program from any one computer.
> I expected the ports to get re-forwarded when the application
> addresses the trigger port from a different computer. This does not
> appear to be the case.
>
> How do I get the ports un-triggered or re-triggered or whatever
> it takes to make the applications work on any single computer?
> Resetting the router is not an option.
>
> Thanks, mike

This may or may not be of help but two things come to mind with regards to
your problem.

1. Is your router using the latest version of it's operating software?
Possibly a software upgrade might alleviate your problem.

2. From reading the CQPhone web site "Problems" sectopm. they state "Tests
with popular home type routers (LinkSys, Netgear, Belkin) show there is no
need to configure ports for these routers." With that in mind, you might
want to try placing your Westel in it's "Bridging" mode (basically turning
off all of it's router and PPPo? functions) and adding an external router,
like a Linksys, in series with the Westel. The external router would be
configured to provide the PPPoE or A data to the ISP and you would then use
the router functions of the Linksys to run your network. Check your Westel
router prior to acquiring an external router to make sure your link is using
PPPoE or PPPoA as not all routers support both options. Qwest in my local
area has people on both PPPoE and PPPoA with them migrating over to PPPoE
when Qwest forces a software upgrade into the router they own or replaces a
bad box. It sure surprised me when I replaced a bad box that had been using
PPPoA and the new one came up as PPPoE and actually worked.

True you have to get your hands on a compatible box to test with but they
can be purchased new on TigerDirect or Newegg for around $15. or less so if
you choose eBay don't pay too much for a used one. Small used computer
shops have been known to acquire them from time to time and sell them at
give-a-way prices. Just be sure to plug it in at their place in case they
have the wrong power transformer. (quite common on used equipment that use
transformers)

If your ISP is like mine they most likely not support your use of bridging
but they won't actively stop you either. It adds another layer of confusion
(your external router) that they have not scripted into the troubleshooting
manual they provide to the foreign nationals at the help desk.

GlowingBlueMist wrote:
<< snip >>
Ok for those who are unable to translate, the misspelled word "sectopm"
should have read "section" in the following section.

2. From reading the CQPhone web site "Problems" sectopm. they state "Tests
with popular home type routers (LinkSys, Netgear, Belkin) show there is no
need to configure ports for these routers."

<< snip >>

GlowingBlueMist wrote:
> mike wrote:
>> I'm using a voip application (cqphone) that requires me to forward
>> ports. Port forwarding works, but only for one computer. I'd like to
>> use that application on multiple wireless computers, but only one at
>> a time. The router is a Westell 327W.
>> If I set port triggering, the first use of cqphone on one computer
>> works. But if I turn off the application on one computer and on on
>> the second machine, the ports do not get forwarded. Resetting the
>> router lets me use the program from any one computer.
>> I expected the ports to get re-forwarded when the application
>> addresses the trigger port from a different computer. This does not
>> appear to be the case.
>>
>> How do I get the ports un-triggered or re-triggered or whatever
>> it takes to make the applications work on any single computer?
>> Resetting the router is not an option.
>>
>> Thanks, mike
>
> This may or may not be of help but two things come to mind with regards to
> your problem.
>
> 1. Is your router using the latest version of it's operating software?
> Possibly a software upgrade might alleviate your problem.
>
> 2. From reading the CQPhone web site "Problems" sectopm. they state "Tests
> with popular home type routers (LinkSys, Netgear, Belkin) show there is no
> need to configure ports for these routers." With that in mind, you might
> want to try placing your Westel in it's "Bridging" mode (basically turning
> off all of it's router and PPPo? functions) and adding an external router,
> like a Linksys, in series with the Westel. The external router would be
> configured to provide the PPPoE or A data to the ISP and you would then use
> the router functions of the Linksys to run your network.

I ran this configuration initially. I can't remember what I didn't like
about it, but I went back to the 327W.

I currently have a D-link DI-624 on a separate subnet with it's wan port
plugged into the westel. The D-link wireless port is unsecured for
testing and
allows me to surf the web with some isolation from my primary secured
subnet. Comes in handy for old PDA's that don't support WPA. I don't
expect the subnet isolation is very secure, but I only power it up when
I need it.

I tried to access cqphone thru the second router without port forwarding.
It didn't work. I don't understand
how the double NAT process works to know if I should expect it to work
at all.
Check your Westel
> router prior to acquiring an external router to make sure your link is using
> PPPoE or PPPoA as not all routers support both options. Qwest in my local
> area has people on both PPPoE and PPPoA with them migrating over to PPPoE
> when Qwest forces a software upgrade into the router they own or replaces a
> bad box. It sure surprised me when I replaced a bad box that had been using
> PPPoA and the new one came up as PPPoE and actually worked.

Years ago, when I first signed up with Verizon DSL, I had a lot of
hassle with PPPoE and passwords and such. Now, I just plug in the phone
line, wait for it to figure out that it has a new modem then it just works.
>
> True you have to get your hands on a compatible box to test with but they
> can be purchased new on TigerDirect or Newegg for around $15. or less so if
> you choose eBay don't pay too much for a used one. Small used computer
> shops have been known to acquire them from time to time and sell them at
> give-a-way prices. Just be sure to plug it in at their place in case they
> have the wrong power transformer. (quite common on used equipment that use
> transformers)
I have half a dozen routers. I don't remember any of them working with
cqphone
without port forwarding, but it's been a long time...
The person I talk with most on cqphone is adamant that he never needed to
forward ports. Every time he calls me up and says it quit working,
we go in and forward the ports to make it work again.

I don't understand how we could expect it to work without port forwarding.
For outgoing calls, the computer sends data to the router. The router
has only one place to send it, out the modem. That works.
But for incoming calls, the incoming data sees several computers. Without
forwarding, how does the router know which computer to ring?

>
> If your ISP is like mine they most likely not support your use of bridging
> but they won't actively stop you either. It adds another layer of confusion
> (your external router) that they have not scripted into the troubleshooting
> manual they provide to the foreign nationals at the help desk.
>
>

mike wrote:
> GlowingBlueMist wrote:
>> mike wrote:
>>> I'm using a voip application (cqphone) that requires me to forward
>>> ports. Port forwarding works, but only for one computer. I'd like
>>> to use that application on multiple wireless computers, but only
>>> one at a time. The router is a Westell 327W.
>>> If I set port triggering, the first use of cqphone on one computer
>>> works. But if I turn off the application on one computer and on on
>>> the second machine, the ports do not get forwarded. Resetting the
>>> router lets me use the program from any one computer.
>>> I expected the ports to get re-forwarded when the application
>>> addresses the trigger port from a different computer. This does not
>>> appear to be the case.
>>>
>>> How do I get the ports un-triggered or re-triggered or whatever
>>> it takes to make the applications work on any single computer?
>>> Resetting the router is not an option.
>>>
>>> Thanks, mike
>>
>> This may or may not be of help but two things come to mind with
>> regards to your problem.
>>
>> 1. Is your router using the latest version of it's operating
>> software? Possibly a software upgrade might alleviate your problem.
>>
>> 2. From reading the CQPhone web site "Problems" sectopm. they state
>> "Tests with popular home type routers (LinkSys, Netgear, Belkin)
>> show there is no need to configure ports for these routers." With
>> that in mind, you might want to try placing your Westel in it's
>> "Bridging" mode (basically turning off all of it's router and PPPo?
>> functions) and adding an external router, like a Linksys, in series
>> with the Westel. The external router would be configured to provide
>> the PPPoE or A data to the ISP and you would then use the router
>> functions of the Linksys to run your network.
>
> I ran this configuration initially. I can't remember what I didn't
> like about it, but I went back to the 327W.
>
> I currently have a D-link DI-624 on a separate subnet with it's wan
> port plugged into the westel. The D-link wireless port is unsecured
> for testing and
> allows me to surf the web with some isolation from my primary secured
> subnet. Comes in handy for old PDA's that don't support WPA. I don't
> expect the subnet isolation is very secure, but I only power it up
> when I need it.
>
> I tried to access cqphone thru the second router without port
> forwarding. It didn't work. I don't understand
> how the double NAT process works to know if I should expect it to work
> at all.
> Check your Westel
>> router prior to acquiring an external router to make sure your link
>> is using PPPoE or PPPoA as not all routers support both options. Qwest in
>> my local area has people on both PPPoE and PPPoA with them
>> migrating over to PPPoE when Qwest forces a software upgrade into
>> the router they own or replaces a bad box. It sure surprised me
>> when I replaced a bad box that had been using PPPoA and the new one
>> came up as PPPoE and actually worked.
>
> Years ago, when I first signed up with Verizon DSL, I had a lot of
> hassle with PPPoE and passwords and such. Now, I just plug in the
> phone line, wait for it to figure out that it has a new modem then it
> just works.
>>
>> True you have to get your hands on a compatible box to test with but
>> they can be purchased new on TigerDirect or Newegg for around $15.
>> or less so if you choose eBay don't pay too much for a used one. Small
>> used computer shops have been known to acquire them from time
>> to time and sell them at give-a-way prices. Just be sure to plug it
>> in at their place in case they have the wrong power transformer.
>> (quite common on used equipment that use transformers)
> I have half a dozen routers. I don't remember any of them working
> with cqphone
> without port forwarding, but it's been a long time...
> The person I talk with most on cqphone is adamant that he never
> needed to forward ports. Every time he calls me up and says it quit
> working, we go in and forward the ports to make it work again.
>
> I don't understand how we could expect it to work without port
> forwarding. For outgoing calls, the computer sends data to the
> router. The router has only one place to send it, out the modem. That
> works.
> But for incoming calls, the incoming data sees several computers. Without
> forwarding, how does the router know which computer to ring?
>
>>
>> If your ISP is like mine they most likely not support your use of
>> bridging but they won't actively stop you either. It adds another
>> layer of confusion (your external router) that they have not
>> scripted into the troubleshooting manual they provide to the foreign
>> nationals at the help desk.

I'm sure others will tell you if I'm wrong (and I admit to being long
winded) but here is my take on your problem.

Since your DSL ISP actively tries to sell VOIP service, I don't expect them
to admit a problem exists with their router or assist you in fixing this
problem. I would not put it past some ISP's to actually cripple the
software in the routers just to cause users to give up on a freeware or 3rd
party VOIP application., especially after trying to fight your way through
their first 3 levels of tech support hell.

For most personal routers, the 4 or so physical ports , and wireless if it
exists, are nothing more than a (dumb) bridge wired directly to the built in
one port router or DSL modem/router. Inbound data from the router is copied
to all 4 ports via the bridge. Only the PC that is looking for the inbound
data in question is expected to respond. Your CQPhone application is
listening to port 24960 for inbound calls. When the program hears the
inbound "call" it then goes through the necessary procedures to verify the
inbound call. Then the program starts to use 46960-25962 according to the
call requirements.

True industrial routers don't use a bridge but have actual individual
Ethernet ports so that data can be routed directly to them using complicated
port and route tables. Some built in firewalls figure that if an IP device
starts using specific ports that those ports will continue to be used by
that IP. Hence they work for the first call but then will not allow a
second computer to later accept or properly make a call. Power cycling that
kind of router clears the stored routing and port assignments and again
allows the "first" PC that makes a connection to "own" the ports it uses. I
suspect your Westel software has this type of firewall.

One thing that can confuse things is if you have the CQPhone program
actually running on more than one computer at a time with this type of
router. The programs all hear the inbound call and all try to answer. The
problem is only the first that makes it to through the router stakes it's
claim on the needed outbound ports, which the router's firewall then later
refuses to properly release.

Other routers take a more caviler approach to individual port usage. They
allow one computer (IP) to make use of a port or group of ports but when the
computer drops the call it releases them for use by the next, or same,
computer for the next call. That is why some small routers work just fine
while others need to be power cycled.

Since your Westel is already refusing to allow ports to be dynamically be
reassigned after use by another computer (IP address) adding a second router
behind it while the internal firewall is still active does nothing to "fix"
the problem. In fact it makes it impossible to determine if the second
router also has the same kind of internal firewall.

After switching the Westel to bridging mode (turning off the built in
firewall among other things) or replacing it with another DSL modem/router
that has the more user friendly firewall will you be able to accept or make
individual outbound calls on more than one computer with out the reboot
issue. As for which router models have firewalls that actually release
ports after use is anyone's guess. I'd go on the CQPhone forums and ask
other users which exact model router (and software release) they are using
that is allowing consecutive calls be made on individual PC's of attached to
the router. Note I said consecutive and not simultaneous. With out an
actual industrial style router with true individual Ethernet ports (and
increased complexity of configuration) you only have one set of ports for
use at a time regardless of the IP address on the PC handling the call. It
would be up to the application program to determine the ports were already
in use and to switch to alternate ports, which CQPhone appears not to be
setup to do.

I've gone through similar witch hunts on other routers trying to clear
problems for the users that I used to support. Most times it was an actual
PC firewall problem but I did run into a few that were router specific. An
example is the VOIP company called NetTalk. On their forums they actually
have a list of routers that work rather than (block) their device so people
can locate one that will work properly. Their main competitor tries to hide
that kind of problem making it difficult to troubleshoot.
http://forum.nettalk.com/viewtopic.php?f=8&t=169. Information of this kind
really helps when trying to get a customer's device to work if there are
problems with the installation.

GlowingBlueMist wrote:
> mike wrote:
>> GlowingBlueMist wrote:
>>> mike wrote:
>>>> I'm using a voip application (cqphone) that requires me to forward
>>>> ports. Port forwarding works, but only for one computer. I'd like
>>>> to use that application on multiple wireless computers, but only
>>>> one at a time. The router is a Westell 327W.
>>>> If I set port triggering, the first use of cqphone on one computer
>>>> works. But if I turn off the application on one computer and on on
>>>> the second machine, the ports do not get forwarded. Resetting the
>>>> router lets me use the program from any one computer.
>>>> I expected the ports to get re-forwarded when the application
>>>> addresses the trigger port from a different computer. This does not
>>>> appear to be the case.
>>>>
>>>> How do I get the ports un-triggered or re-triggered or whatever
>>>> it takes to make the applications work on any single computer?
>>>> Resetting the router is not an option.
>>>>
>>>> Thanks, mike
>>> This may or may not be of help but two things come to mind with
>>> regards to your problem.
>>>
>>> 1. Is your router using the latest version of it's operating
>>> software? Possibly a software upgrade might alleviate your problem.
>>>
>>> 2. From reading the CQPhone web site "Problems" sectopm. they state
>>> "Tests with popular home type routers (LinkSys, Netgear, Belkin)
>>> show there is no need to configure ports for these routers." With
>>> that in mind, you might want to try placing your Westel in it's
>>> "Bridging" mode (basically turning off all of it's router and PPPo?
>>> functions) and adding an external router, like a Linksys, in series
>>> with the Westel. The external router would be configured to provide
>>> the PPPoE or A data to the ISP and you would then use the router
>>> functions of the Linksys to run your network.
>> I ran this configuration initially. I can't remember what I didn't
>> like about it, but I went back to the 327W.
>>
>> I currently have a D-link DI-624 on a separate subnet with it's wan
>> port plugged into the westel. The D-link wireless port is unsecured
>> for testing and
>> allows me to surf the web with some isolation from my primary secured
>> subnet. Comes in handy for old PDA's that don't support WPA. I don't
>> expect the subnet isolation is very secure, but I only power it up
>> when I need it.
>>
>> I tried to access cqphone thru the second router without port
>> forwarding. It didn't work. I don't understand
>> how the double NAT process works to know if I should expect it to work
>> at all.
>> Check your Westel
>>> router prior to acquiring an external router to make sure your link
>>> is using PPPoE or PPPoA as not all routers support both options. Qwest in
>>> my local area has people on both PPPoE and PPPoA with them
>>> migrating over to PPPoE when Qwest forces a software upgrade into
>>> the router they own or replaces a bad box. It sure surprised me
>>> when I replaced a bad box that had been using PPPoA and the new one
>>> came up as PPPoE and actually worked.
>> Years ago, when I first signed up with Verizon DSL, I had a lot of
>> hassle with PPPoE and passwords and such. Now, I just plug in the
>> phone line, wait for it to figure out that it has a new modem then it
>> just works.
>>> True you have to get your hands on a compatible box to test with but
>>> they can be purchased new on TigerDirect or Newegg for around $15.
>>> or less so if you choose eBay don't pay too much for a used one. Small
>>> used computer shops have been known to acquire them from time
>>> to time and sell them at give-a-way prices. Just be sure to plug it
>>> in at their place in case they have the wrong power transformer.
>>> (quite common on used equipment that use transformers)
>> I have half a dozen routers. I don't remember any of them working
>> with cqphone
>> without port forwarding, but it's been a long time...
>> The person I talk with most on cqphone is adamant that he never
>> needed to forward ports. Every time he calls me up and says it quit
>> working, we go in and forward the ports to make it work again.
>>
>> I don't understand how we could expect it to work without port
>> forwarding. For outgoing calls, the computer sends data to the
>> router. The router has only one place to send it, out the modem. That
>> works.
>> But for incoming calls, the incoming data sees several computers. Without
>> forwarding, how does the router know which computer to ring?
>>
>>> If your ISP is like mine they most likely not support your use of
>>> bridging but they won't actively stop you either. It adds another
>>> layer of confusion (your external router) that they have not
>>> scripted into the troubleshooting manual they provide to the foreign
>>> nationals at the help desk.
>
> I'm sure others will tell you if I'm wrong (and I admit to being long
> winded) but here is my take on your problem.
>
> Since your DSL ISP actively tries to sell VOIP service, I don't expect them
> to admit a problem exists with their router or assist you in fixing this
> problem. I would not put it past some ISP's to actually cripple the
> software in the routers just to cause users to give up on a freeware or 3rd
> party VOIP application., especially after trying to fight your way through
> their first 3 levels of tech support hell.
>
> For most personal routers, the 4 or so physical ports , and wireless if it
> exists, are nothing more than a (dumb) bridge wired directly to the built in
> one port router or DSL modem/router. Inbound data from the router is copied
> to all 4 ports via the bridge. Only the PC that is looking for the inbound
> data in question is expected to respond. Your CQPhone application is
> listening to port 24960 for inbound calls. When the program hears the
> inbound "call" it then goes through the necessary procedures to verify the
> inbound call. Then the program starts to use 46960-25962 according to the
> call requirements.
>
> True industrial routers don't use a bridge but have actual individual
> Ethernet ports so that data can be routed directly to them using complicated
> port and route tables. Some built in firewalls figure that if an IP device
> starts using specific ports that those ports will continue to be used by
> that IP. Hence they work for the first call but then will not allow a
> second computer to later accept or properly make a call. Power cycling that
> kind of router clears the stored routing and port assignments and again
> allows the "first" PC that makes a connection to "own" the ports it uses. I
> suspect your Westel software has this type of firewall.
>
> One thing that can confuse things is if you have the CQPhone program
> actually running on more than one computer at a time with this type of
> router. The programs all hear the inbound call and all try to answer. The
> problem is only the first that makes it to through the router stakes it's
> claim on the needed outbound ports, which the router's firewall then later
> refuses to properly release.
>
> Other routers take a more caviler approach to individual port usage. They
> allow one computer (IP) to make use of a port or group of ports but when the
> computer drops the call it releases them for use by the next, or same,
> computer for the next call. That is why some small routers work just fine
> while others need to be power cycled.
>
> Since your Westel is already refusing to allow ports to be dynamically be
> reassigned after use by another computer (IP address) adding a second router
> behind it while the internal firewall is still active does nothing to "fix"
> the problem. In fact it makes it impossible to determine if the second
> router also has the same kind of internal firewall.
>
> After switching the Westel to bridging mode (turning off the built in
> firewall among other things) or replacing it with another DSL modem/router
> that has the more user friendly firewall will you be able to accept or make
> individual outbound calls on more than one computer with out the reboot
> issue. As for which router models have firewalls that actually release
> ports after use is anyone's guess.

I was hoping there was a standard that determined how this works.
Silly me...

I'd go on the CQPhone forums and ask
> other users which exact model router (and software release) they are using
> that is allowing consecutive calls be made on individual PC's of attached to
> the router. Note I said consecutive and not simultaneous. With out an
> actual industrial style router with true individual Ethernet ports (and
> increased complexity of configuration) you only have one set of ports for
> use at a time regardless of the IP address on the PC handling the call. It
> would be up to the application program to determine the ports were already
> in use and to switch to alternate ports, which CQPhone appears not to be
> setup to do.
>
> I've gone through similar witch hunts on other routers trying to clear
> problems for the users that I used to support. Most times it was an actual
> PC firewall problem but I did run into a few that were router specific. An
> example is the VOIP company called NetTalk. On their forums they actually
> have a list of routers that work rather than (block) their device so people
> can locate one that will work properly. Their main competitor tries to hide
> that kind of problem making it difficult to troubleshoot.
> http://forum.nettalk.com/viewtopic.php?f=8&t=169. Information of this kind
> really helps when trying to get a customer's device to work if there are
> problems with the installation.
>
>
The Westell 327W has one feature that I really like. It allows me to
forward
a port to a hostname. I have one main computer plus a dozen or so
others for special purposes that are mostly off. Most of those have
swappable hard drives.
Forwarding to a hostname greatly simplifies talking to those machines,
independently of which wireless card or disk is currently installed.

I tried to configure the firewall on the westell.
The syntax/semantics of the rules were confusing enough, but there
are complex interactions between the rules that appear to be
largely undocumented. And there doesn't appear to be any way to
tell if the router blocked something without logging into the router and
examining
logs.

I gave up and turned it off. Comodo firewall on the computer lets me make
decisions on the fly and make them temporary or permanent. I just have
to have faith it's doing what I expect.

Thanks for the inputs. Looks like the effort to make it better is gonna
be much greater than the benefit.

mikr

<< snip >>
> The Westell 327W has one feature that I really like. It allows me to
> forward
> a port to a hostname. I have one main computer plus a dozen or so
> others for special purposes that are mostly off. Most of those have
> swappable hard drives.
> Forwarding to a hostname greatly simplifies talking to those machines,
> independently of which wireless card or disk is currently installed.
>
> I tried to configure the firewall on the westell.
> The syntax/semantics of the rules were confusing enough, but there
> are complex interactions between the rules that appear to be
> largely undocumented. And there doesn't appear to be any way to
> tell if the router blocked something without logging into the router
> and examining
> logs.
>
> I gave up and turned it off. Comodo firewall on the computer lets me
> make decisions on the fly and make them temporary or permanent. I
> just have to have faith it's doing what I expect.
>
> Thanks for the inputs. Looks like the effort to make it better is
> gonna be much greater than the benefit.
>
> mikr

One last thought is to assign your second router a fixed IP on it's WAN side
above the DHCP settings of your Westel and then tell the Westel to put the
second router's IP address into the DMZ as if it was a computer server. Let
the second router do it's NAT, DHCP and what knot. With luck it's port
handling and firewall is more friendly to devices attached to it. Having it
as a DMZ device should eliminate the Westel as the port handling boss of the
devices attached to the second router. Not sure if this would hurt your
hostname use of the Westel as you have it configured.

Oh well, another day and other problem... Good luck.