Kitz Forum
Broadband Related => Broadband Hardware => Topic started by: grumpy old man on December 13, 2019, 11:22:38 AM
-
I have been unable to use WiFi calling on my mobile phone in my house, but it connected in other locations.
The problem has been resolved by disabling IPsec in my router settings. As IPsec relates to encryption is disabling this feature a security risk?
Thank you
gom
-
Without more details on the context I think it's unlikely it's a risk. IPsec is encryption, not used in normal Internet access but used for VPNs and some other purposes. From that point of view it's not clear what "IPsec" in the router's settings is even meant to do, but it might be that with this enabled the router is trying to participate in the IPsec session rather than just letting it through.
-
Thank you for your reply.
You have advised that IPsec is not used in normal internet access so maybe this is why it was preventing WiFi calling on my phone.
gom
-
I'd assume its IPsec Passthrough to allow it to work over NAT. An odd thing to have enabled by default as hardly anyone is going to need it.
I wonder if WiFi calling uses the same port so its somehow mangling the traffic with it on? Either way, turning it off should be fine.
-
Hi
Wi-Fi calling sets up an IPSec VPN connection, this VPN connection in it's original form doesn't work across NAT, which is what we all have. So it has a work around method when it detects NAT which is to use port 500 and 4500. Port 500 is used just to setup the connection, then it is just port 4500. I suspect your router setting was a helper for IPSec VPNs to work normally across the NAT but the implementations are often buggy and unnecessary.
Turning that setting off doesn't affect security for your Wi-Fi calling. Your phone creates an encrypted VPN connection to the mobile phone companies servers, it can't create any other kind of the connection where Wi-Fi calling will still work, so no need to worry.
Regards
Phil