Whether you need to trade-up to a shiny new Firebox or just ready to upgrade from whatever appliance you're using now, WatchGuard has the right appliance for you! Find your perfect Firebox today with appliance sizing tool!
Course Of The Month
Become a Premium Member and unlock a new, free course in leading technologies each month.
Solved
FIOS Sonicwall and Guide listings.
Posted on 2010-09-08
So I have a client that has fios internet and TV. The way it is setup, the fios router is in bridged mode and the sonicwall is handling everything. So a coax goes into the fios router and then the sonicwall is behind it. All the tvs are connected with coax.
There is a vpn tunnel setup on the sonicwall along with some sonicpoints. The problem is, since the fios router is in bridged mode none of the tv boxes are able to get IPs from verizon(They need to do this to be able to get the guide listing for all the channels). All the tv boxes get dynamic ips so I can't just put them as address objects in the sonicwall, although i do have all the mac addresses for the boxes. Would I be able to put the mac addresses of the tv boxes on the dmz and hopefully they'll be able to get ips from sonicwall? Anyone tried anything like this before?
I forgot to mention, each of these boxes are Motorola and they also have ethernet ports on the back as well, although verizon says they're all disabled.
There is a vpn tunnel setup on the sonicwall along with some sonicpoints. The problem is, since the fios router is in bridged mode none of the tv boxes are able to get IPs from verizon(They need to do this to be able to get the guide listing for all the channels). All the tv boxes get dynamic ips so I can't just put them as address objects in the sonicwall, although i do have all the mac addresses for the boxes. Would I be able to put the mac addresses of the tv boxes on the dmz and hopefully they'll be able to get ips from sonicwall? Anyone tried anything like this before?
I forgot to mention, each of these boxes are Motorola and they also have ethernet ports on the back as well, although verizon says they're all disabled.
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
7-
7
14 Comments
I think of two things: 1. Put the boxes in the DMZ. 2. Forward ports WAN > LAN for the boxes.Regarding the DMZ, these boxes aren't on the wireless are they? You could put a switch in and put these devices into a DMZ. Then make the DMZ operate in transparent mode. This might fix your issue. With multimple boxes, I don't see how Veriozon would expect all these boxes to get a public IP address.Regarding the port forwarding, it may be that Verizon just needs to communicate with these specific boxes from the WAN over specific ports. Being on a DMZ would allow this, but if you new the ports you could run the Public Server Wizard to open these ports on the sonicwall directly to these devices. Once the devices can get static IPs internally, you can create address objects for each, put them into an address group, and have the port forward to that group.
The boxes aren't wireless and are only connected via coax. And the TVs do work, it is just the guide listings that don't work. Verizon said they have to get online to be able to download the guides.
I guess I forgot to mention, I called Verizon 3 times and asked the same question, what ports do I need to open for these boxes and no one there knew. Apparently people don't use their own firewalls with fios. O.o
Perhaps the reason they're not getting an IP is because they're trying to connect to a pre-specified default gateway and the DHCP request is getting blocked by the sonicwall? Or perhaps it is only trying to connect to the FIOS router and since it's in bridged mode its not accessable? I wonder if I enabled DHCP on the fios router and then put it in bridged mode, would it still pass out IPs?
I guess I forgot to mention, I called Verizon 3 times and asked the same question, what ports do I need to open for these boxes and no one there knew. Apparently people don't use their own firewalls with fios. O.o
Perhaps the reason they're not getting an IP is because they're trying to connect to a pre-specified default gateway and the DHCP request is getting blocked by the sonicwall? Or perhaps it is only trying to connect to the FIOS router and since it's in bridged mode its not accessable? I wonder if I enabled DHCP on the fios router and then put it in bridged mode, would it still pass out IPs?
it won't through the sonicwall. dhcp isn't routable. where does the coax terminate, to the FIOS router?
This is the network graph we here have conceptualized since we don't have info from Verizon.
From the street, one coax comes to the house and goes into a splitter. This splits off 5 ways. 4 to each box and one to the FIOS router. The router LAN is plugged into the Sonicwall WAN.
From the street, one coax comes to the house and goes into a splitter. This splits off 5 ways. 4 to each box and one to the FIOS router. The router LAN is plugged into the Sonicwall WAN.
What is the fios modem/router being used?
Review this page: It discusses some of the configurations you can have with their gear and your own firewall while maintaining some of the features you want, Guide Listings.
http://www.dslreports.com/faq/verizonfios/3.0_Networking#16077
Review this page: It discusses some of the configurations you can have with their gear and your own firewall while maintaining some of the features you want, Guide Listings.
http://www.dslreports.com/faq/verizonfios/3.0_Networking#16077
It is the westtell, but all interfaces on the Sonicwall are used. I've been reading into L2 Bridged Mode/Transparency mode for the sonicwall and it looks like the more viable solution.
I will try this sometime this week and post my results.
I will try this sometime this week and post my results.
i just don't see how the sonicwall would keep the guide from working. either putting the boxes on an interface and configuring transparent on the sonicwall or take the fios off bridge mode. perhaps the fios is pulling the information and putting it on the coax?
Basically the Sonicwall won't let anything out of the WAN port, but the FIOS router does because their coax goes two ways. I'm guessing the Sonicwall doesn't know how to see the cable boxes on the left side of the diagram.
http://www.dslreports.com/r0/download/1517131~648868df3b410359fd9aca5bd677b60a/DoubleBridge.jpg
One of my coworkers noticed a month ago when this went down that the fios has 3 types of connections: Ethernet, Coax WAN and Coax LAN. Perhaps this is why the Westell cannot be in bridged mode so it can handle these 3 types of connections.
http://www.dslreports.com/r0/download/1517131~648868df3b410359fd9aca5bd677b60a/DoubleBridge.jpg
One of my coworkers noticed a month ago when this went down that the fios has 3 types of connections: Ethernet, Coax WAN and Coax LAN. Perhaps this is why the Westell cannot be in bridged mode so it can handle these 3 types of connections.
that's what i'm leaning toward. because the modem is in bridge mode, it's not routing traffic through the coax to the boxes. i don't think there has anything to do with the sonicwall blocking traffic. i think it's the modem isn't routing. what's the modem model?
i haven't had a chance to review the hardware, but another discussion has been going that's similar to your situation. You should post to it and see what they are doing about the guide listing. Here's the link:
http://www.experts-exchange.com/viewQuestion.jsp?qid=26464336
http://www.experts-exchange.com/viewQuestion.jsp?qid=26464336
This was right, but the reason it wasn't working is because the FIOS router was broken. I was dropping 40% packets after I checked it. I had a new router sent out and it worked perfectly as above, although I didn't put the sonicwall on the DMZ anymore.
I just went and put the Sonicwall's wan to the lan port of the fios router, forwarded UDP 500 & 4500 to the sonicwall and the tunnel came up.
I just went and put the Sonicwall's wan to the lan port of the fios router, forwarded UDP 500 & 4500 to the sonicwall and the tunnel came up.
Featured Post
Veeam is a VMworld 2017 US & Europe Platinum Sponsor. Enter the raffle to get the full conference pass. Pass includes the admission to all general and breakout sessions, VMware Hands-On Labs, Solutions Exchange, exclusive giveaways and the great VMworld Customer Appreciation Part
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
Before I go to far, let's explain HA (High Availability) and why you should consider it.  High availability is the mechanism used to provide redundancy to any service at the same site and appears as a single service to the users of that service.  As…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market. Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Earn Certification
HTML5 Specialist - Certification
Free withPremium
Course of the Month5 days, 19 hours left to enroll
626 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.