Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.
FIOS Sonicwall and Guide listings.
So I have a client that has fios internet and TV. The way it is setup, the fios router is in bridged mode and the sonicwall is handling everything. So a coax goes into the fios router and then the sonicwall is behind it. All the tvs are connected with coax.
There is a vpn tunnel setup on the sonicwall along with some sonicpoints. The problem is, since the fios router is in bridged mode none of the tv boxes are able to get IPs from verizon(They need to do this to be able to get the guide listing for all the channels). All the tv boxes get dynamic ips so I can't just put them as address objects in the sonicwall, although i do have all the mac addresses for the boxes. Would I be able to put the mac addresses of the tv boxes on the dmz and hopefully they'll be able to get ips from sonicwall? Anyone tried anything like this before?
I forgot to mention, each of these boxes are Motorola and they also have ethernet ports on the back as well, although verizon says they're all disabled.
There is a vpn tunnel setup on the sonicwall along with some sonicpoints. The problem is, since the fios router is in bridged mode none of the tv boxes are able to get IPs from verizon(They need to do this to be able to get the guide listing for all the channels). All the tv boxes get dynamic ips so I can't just put them as address objects in the sonicwall, although i do have all the mac addresses for the boxes. Would I be able to put the mac addresses of the tv boxes on the dmz and hopefully they'll be able to get ips from sonicwall? Anyone tried anything like this before?
I forgot to mention, each of these boxes are Motorola and they also have ethernet ports on the back as well, although verizon says they're all disabled.
Who is Participating?
LVL 33
I think of two things: 1. Put the boxes in the DMZ. 2. Forward ports WAN > LAN for the boxes.Regarding the DMZ, these boxes aren't on the wireless are they? You could put a switch in and put these devices into a DMZ. Then make the DMZ operate in transparent mode. This might fix your issue. With multimple boxes, I don't see how Veriozon would expect all these boxes to get a public IP address.Regarding the port forwarding, it may be that Verizon just needs to communicate with these specific boxes from the WAN over specific ports. Being on a DMZ would allow this, but if you new the ports you could run the Public Server Wizard to open these ports on the sonicwall directly to these devices. Once the devices can get static IPs internally, you can create address objects for each, put them into an address group, and have the port forward to that group.
The boxes aren't wireless and are only connected via coax. And the TVs do work, it is just the guide listings that don't work. Verizon said they have to get online to be able to download the guides.
I guess I forgot to mention, I called Verizon 3 times and asked the same question, what ports do I need to open for these boxes and no one there knew. Apparently people don't use their own firewalls with fios. O.o
Perhaps the reason they're not getting an IP is because they're trying to connect to a pre-specified default gateway and the DHCP request is getting blocked by the sonicwall? Or perhaps it is only trying to connect to the FIOS router and since it's in bridged mode its not accessable? I wonder if I enabled DHCP on the fios router and then put it in bridged mode, would it still pass out IPs?
I guess I forgot to mention, I called Verizon 3 times and asked the same question, what ports do I need to open for these boxes and no one there knew. Apparently people don't use their own firewalls with fios. O.o
Perhaps the reason they're not getting an IP is because they're trying to connect to a pre-specified default gateway and the DHCP request is getting blocked by the sonicwall? Or perhaps it is only trying to connect to the FIOS router and since it's in bridged mode its not accessable? I wonder if I enabled DHCP on the fios router and then put it in bridged mode, would it still pass out IPs?
it won't through the sonicwall. dhcp isn't routable. where does the coax terminate, to the FIOS router?
This is the network graph we here have conceptualized since we don't have info from Verizon.
From the street, one coax comes to the house and goes into a splitter. This splits off 5 ways. 4 to each box and one to the FIOS router. The router LAN is plugged into the Sonicwall WAN.
From the street, one coax comes to the house and goes into a splitter. This splits off 5 ways. 4 to each box and one to the FIOS router. The router LAN is plugged into the Sonicwall WAN.
What is the fios modem/router being used?
Review this page: It discusses some of the configurations you can have with their gear and your own firewall while maintaining some of the features you want, Guide Listings.
http://www.dslreports.com/faq/verizonfios/3.0_Networking#16077
Review this page: It discusses some of the configurations you can have with their gear and your own firewall while maintaining some of the features you want, Guide Listings.
http://www.dslreports.com/faq/verizonfios/3.0_Networking#16077
It is the westtell, but all interfaces on the Sonicwall are used. I've been reading into L2 Bridged Mode/Transparency mode for the sonicwall and it looks like the more viable solution.
I will try this sometime this week and post my results.
I will try this sometime this week and post my results.
i just don't see how the sonicwall would keep the guide from working. either putting the boxes on an interface and configuring transparent on the sonicwall or take the fios off bridge mode. perhaps the fios is pulling the information and putting it on the coax?
Basically the Sonicwall won't let anything out of the WAN port, but the FIOS router does because their coax goes two ways. I'm guessing the Sonicwall doesn't know how to see the cable boxes on the left side of the diagram.
http://www.dslreports.com/r0/download/1517131~648868df3b410359fd9aca5bd677b60a/DoubleBridge.jpg
One of my coworkers noticed a month ago when this went down that the fios has 3 types of connections: Ethernet, Coax WAN and Coax LAN. Perhaps this is why the Westell cannot be in bridged mode so it can handle these 3 types of connections.
http://www.dslreports.com/r0/download/1517131~648868df3b410359fd9aca5bd677b60a/DoubleBridge.jpg
One of my coworkers noticed a month ago when this went down that the fios has 3 types of connections: Ethernet, Coax WAN and Coax LAN. Perhaps this is why the Westell cannot be in bridged mode so it can handle these 3 types of connections.
that's what i'm leaning toward. because the modem is in bridge mode, it's not routing traffic through the coax to the boxes. i don't think there has anything to do with the sonicwall blocking traffic. i think it's the modem isn't routing. what's the modem model?
i haven't had a chance to review the hardware, but another discussion has been going that's similar to your situation. You should post to it and see what they are doing about the guide listing. Here's the link:
http://www.experts-exchange.com/viewQuestion.jsp?qid=26464336
http://www.experts-exchange.com/viewQuestion.jsp?qid=26464336
This was right, but the reason it wasn't working is because the FIOS router was broken. I was dropping 40% packets after I checked it. I had a new router sent out and it worked perfectly as above, although I didn't put the sonicwall on the DMZ anymore.
I just went and put the Sonicwall's wan to the lan port of the fios router, forwarded UDP 500 & 4500 to the sonicwall and the tunnel came up.
I just went and put the Sonicwall's wan to the lan port of the fios router, forwarded UDP 500 & 4500 to the sonicwall and the tunnel came up.
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
-
Course of the Month4 days, 12 hours left to enrollMonitoring and Operating a Private Cloud with System Center 2012 R2 273 lessons
