I can understand your frustration with this & appreciate you reaching out to us. Verizon Wireless unfortunately, wouldn’t have a way to troubleshoot firewall issues. We only have the capability to troubleshoot our own network. Contacting Apple Support or your work facilitator will be your best option at this point. Please let me know if you have any other questions or concerns besides this that we can help with.
Follow us on Twitter @VZWSupport
If my response answered your question please click the �Correct Answer� button under my response. This ensures others can benefit from our conversation. Thanks in advance for your help with this!!
We still need info from Verizon. This is not a firewall issue. This is an issue with Verizon not having published documentation showing the IP addresses that we need to allow outbound connections to.
So far, it looks like we have crowd sourced the following information.
Enable UDP 500 & 4500 outbound to the following addresses:
18.104.22.168 - 232.sub-141-207-225.myvzw.com (IP Location shows US, California, San Jose)
22.214.171.124 - 232.sub-141-207-227.myvzw.com (IP Location shows US, Florida, Miami)
126.96.36.199 - 232.sub-141-207-175.myvzw.com (IP Location shows US, Missouri, Kansas City)
I used: http://www.ip2location.com to lookup locations, they may not be accurate.
You can start to see a bit of a pattern, as far as the IP addresses, but a true list from Verizon is really needed.
vortix thanks for the info you are seeing from Ohio.
No problem. I have a couple more IPs based on activity I've seen:
188.8.131.52 - 232.sub-141-207-149.myvzw.com (IP Location shows US, Florida, Miami)
184.108.40.206 - 232.sub-141-207-199.myvzw.com (IP Location shows US, Texas, Dallas)
The pattern continues....
But as you said, Verizon needs to clarify the complete list in an official document for IT admins that want to enable (or disable) support for Wifi calling in their organizations.
The IP ranges seem to be all over the 220.127.116.11/16 space.. We've recorded the following IP's:
The only thing that seems to be consistent is the last octet is either 232 or 233 ..
The other problem is the IP ranges don't really fit within a CIDR boundary either so creating a restrictive firewall ruleset looks to be a bit troublesome.
On my firewall I see these sites:
Please let us know the names and/or IP addresses that the phone will need to communicate with so that we can add rules to our firewalls to allow this traffic.
Here's a complete list from our world wide firewall over the past few days..
Clearly they are not consistent and while adding 18.104.22.168/16 may be huge, I don't see any way to really narrow this down cleanly.
Great info, Haburi...thanks for sharing!
Verizon - I would suggest adding required IPs/ports to the Wi-Fi Calling FAQ at Wi Fi Calling FAQs | Verizon Wireless
Also, the question at the bottom of the FAQ ("Why can't I make or receive Wi-Fi calls?") should have a couple bullet points added:
- The Wi-Fi network you are connected to doesn't allow access to Verizon's Wi-Fi Calling servers
- The cellular signal is stronger than the Wi-Fi signal
Haburi That is a large list. How did you come about getting all those? They definitely break the pattern that we have been seeing as far everything ending in .232.