After seeing so many people posting UMA questions and problems I figured it was time to create a how-to thread explaining the setup.
These settings are for newer Linksys routers. I hope this revision helps. I am not planning on any tutorials for any other brand of router since I only use Linksys and would only recommend them. I have used Linksys for over 15 years and have never had any problems and if it ain't broke...don't fix it.
So here it goes.
- Port Range Forwarding needs to be enabled to allow port 4101 (to and from) for both TCP and UDP and QoS should also be enabled to allow for high or highest priority to your Curve's MAC address. See example below:
Port Range Forwarding
**Also, as seen in the example above, if your router has a 'WMM' option (Wi-Fi MultiMedia), enable it as well. This helps your router determine which network traffic takes priority.
The HotSpot@Home service relies on the IPSec security protocol to provide secure calling over Wi-Fi. T-Mobile-branded wireless routers are configured to permit IPSec communications by default, but other devices can / may be configured to block IPSec. The firewall policy on your router may have been configured (intentionally or otherwise) to prevent IPSec communications.
In order for IPSec to work, the following ports need to be allowed through the firewall in both directions:
(Note: these only need to be configured manually if you do not have the IPSec Passthrough option on your router)
- UDP port 500 (Internet Key Exchange or “IKE”)
- UDP port 4500 (IPSec/IKE NAT-T)
Many consumer-grade routers, including the T-Mobile branded Wi-Fi router, include a simple check-box that will enable IPSec communications. This option is typically named ‘Enable IPSec passthrough’ or something similar.
- Next you need to configure the Blackberry Device Manager. You can find this by right clicking on 'Blackberry Device Manager' which should be located next to the DM icon in your system tray. Choose 'Properties' then go to the 'Blackberry Router Configuration', click 'Add Router' and type in as shown in the example below.
- Last, if there is more than one access point or wireless router and your phone can pick up more than one signal, it may be constantly trying to switch between them. You should go into your Wi-Fi options and UNCHECK allow inter-access point handover.
Following these settings should provide you with the 'seemless' UMA calling as advertised. I have been using these settings since the 8320 was released along with my 8900 and I have never experienced any UMA calling problems.
Some of you may be questioning where I came up with port numbers mentioned in the post. They came from an extensive knowledge of ports and protocols and network engineering experience.
**Explanation about Port 4101**
The port number 4101 is identified with the execution of the BlackBerry Enterprise Server (BES) used by the mobile device to communicate with the users computer. This software is used for synchronization of data between the two devices. It also allows the user to perform various functions such as emailing and management of contacts, folders and calendars.
NewOak, prior to its acquisition by Bay Networks, has also been identified to utilize this network communication port in relation to its VPN (Virtual Private Networking) implementation.
This system was in place before the VPN products of NewOak that catered to the IPSec connections.
Port 4101 is still utilized by Blackberry devices for certain data protocols and therefor I still implement it on my network. The settings that I use may or may not work for every user but as a network professional, I find all the settings used have provided me with flawless UMA since T-Mo rolled out the service. I make no guarantees or promises, I simply provide advice (free of charge mind you).
I am adding some screen shots from a newer Linksys router (WRT310N) since there have been some questions about the Blackberry and 'N' routers. In most of the newer Linksys routers, you have an option to allocate an IP address for certain device MAC addresses on the network once connected. You should set one up for your BB so that acquiring an IP address will be smooth when Wi-Fi is turned on.
Here is the first example:
Next is the Basic wireless section. Here is where you'll select G-only for the network mode:
Next is the wireless security. In orer for the Blackberry to operate correctly and securely, the best method of encryption is AES (Advanced Encryption Standard). I use WPA2 Personal on my network:
Last is the QoS section. The newer Linksys routers have several new settings that older models do not. You can now specify specific MAC address for bandwidth allocation. Your BB MAC can be found under
Option --> Status --> WLAN MAC
One other thing you can do if you experience interference or calls dropping is to change the broadcast channel on your router. Most are set to six (6) by default but you can change that and try 11, or any other channel.