WiFi calling, which allows a cell phone to make and receive calls over the local wifi network, rather than using the cellular network has been a huge benefit when working in spaces that are not well served by the cellular system. It’s both a way to save on using up cellular minutes, or to allow connections where the cellular signal is too weak for consistent call quality. Android phone users on Swarthmore’s campus have had this capability for a long time, however Apple iPhone users have not had similar success. Which, perhaps obviously, has been frustrating for many. Proposed solutions have included the effort to boost cellular signals into our historic concrete and stone buildings, but that’s an expensive option, requiring equipment that’s compatible with each carrier. In particular, it was an issue in Parrish, where we can’t make certain types of changes, due to it’s historic nature.
Tri-Co involvement, expensive alternatives
Realizing that both iPhones and Android phones could use WiFi calling at Haverford, who has a similar network configuration and equipment to ours, while Bryn Mawr, with their similar set up did not have iPhone WiFi calling working, motivated our Networking team to get this figured out. Seeing few alternatives and being asked for more expensive cellular boosters into more buildings, they’ve been doggedly working on the problem since November, 2023.
Complex problem
The work involved many iterations and back and forth with engineers at Aruba, Apple, and CNI (our network equipment consultant and distributor). Many network packet captures were required to figure out what was going on. Finally, after months of chasing down leads, our team was able to hold a design session between network staff. Examining the traffic timing going out of the firewall, noting that traffic carried by the TP-link network setup at our athletics facilities and asking, why does it work there and not across the rest of campus? The team had to evaluate the operation of our switches, details of the network configuration, and look into Apple’s way of doing things, which isn’t always easy to figure out.
It turned out to be an obscure detail of the way many firewalls are configured. Traffic to and from iPhones use a different Internet protocol (IP) than Android phones. To clarify, cell phones generally use what is basically a VPN (IPSEC) connection to create a secure tunnel to the phone network provider. For the iPhone, that encapsulating security payload protocol uses an obscure method known as protocol 50 rather than more common protocols like TCP and UDP. Android phones follow “best practices” and use the UDP protocol on port 4500. Our firewall naturally blocks obscure protocols that we are not aware are in use. Once protocol 50 was permitted specifically from the phone service provider address ranges, iPhones were able to connect with their providers over our WiFi networks.
Great teamwork
This has been one of the most perplexing issues the Networking team have worked on in recent memory. Thanks to persistence, and a lot of time and effort on Martin’s part with significant effort from Aaron, and support from Denny, WiFi calling for iPhones has now been resolved.
Success!
After implementing the fix early last week, our team quickly saw over 800 iPhones build connections to their providers. Fixing WiFi calling is essentially a zero cost upgrade vs. hundreds of thousands of dollars to boost cellular across the campus, and it’s something that has been touted by some of our network equipment providers. We expect that our colleagues at Bryn Mawr will soon be able to implement the same fix on their campus.
We’d like to thank the Networking team, all of whom worked together to figure this complex issue out, while keeping our network secure.
Now that it works on campus, make sure WiFi calling is turned on for your iPhone at Swarthmore (Instructions to turn on WiFi Calling from Apple)!