Third Party Routers
ehidle
Newbie

A long time ago when my parents got FIOS, I set them up with a VMWare-based machine that runs an IPCop virtual machine for their router (mainly so I could support their PCs via VPN). They recently got some new STBs and were told that because they did not use Verizon's router, they would not be able to get them initialized, and also that they would not be able to use Home Control or other FIOS features.

Is this simply an issue of opening certain ports to make the STBs accessible to verizon's technical center? If so, what ports and/or protocols need to be opened or forwarded to enable them to use all of their FIOS features?

Thanks in advance.

0 Likes
Re: Third Party Routers
Hubrisnxs
Legend

The stb's don't use ethernet.   So you can't connect them to your router, unless you have a moca capable router.   They connect via a Coax MOCA connection to one of the Verizon Supplied Routers. Actiontec and Westell.  The below links will let you explore different configurations, and you can do so and find which one suits your needs the best.  I would slap the vmware machine in the actiontec's DMZ and call it a day.   The vmware machine has it's own built in firewall, so it wouldn't be an issue.  

0 Likes
Re: Third Party Routers
ehidle
Newbie

The VMWare management interface is on the internal LAN anyway. Only the IPCop VM has an interface on the outside. I've put VPN servers behind the Actiontec DMZ before and it is a universal failure. The Actiontec mangles the IKE messages needed to successfully re-key the connection, so connections always fail at the expiration of the first re-key period after the inital connection is established. So, the Actiontec cannot be the edge device. 

They do have an Ethernet-MOCA adapter on the LAN. Apparently the Verizon tech who installed their service a while back has the TV network fed from the ONT for video and from this Ether-MOCA adapter to give the STBs networking - and then their LAN is fed from the Ethernet port on the ONT.

I'll try to get a more detailed drawing put together so the network topology there is clear. I'm not entirely sure myself how exactly it is set up (I'm 500 miles away so I don't often get to put my hands on it)

Thanks

0 Likes
Re: Third Party Routers
Hubrisnxs
Legend

It's very possible to have a third party device first and then the actiontec and or moca/bridge device in play.  Take a look at the link that i provided and it gives step by step for an advanced config like that. 

0 Likes
Re: Third Party Routers
ehidle
Newbie

Okay, after looking at the "10 options," I think the one that resembles closest what they have is number 7. They do have an actiontec, and it's basically just used as a switch/WAP in their home office. The MOCA Bridge is plugged into one of its LAN ports and to the coax network.

What I had him do was move the MOCA bridge down to the basement, so that all he has to do is move the Ethernet cable for the bridge from the internal LAN switch to the ONT switch when he needs Vz to be able to initialize a STB or something.

I just spoke with him and he said everything is actually working except for VOD, using the bridge on the ONT's switch.

0 Likes
Re: Third Party Routers
Anti-Phish1
Master - Level 1

@ehidle wrote:

They recently got some new STBs and were told that because they did not use Verizon's router, they would not be able to get them initialized, and also that they would not be able to use Home Control or other FIOS features.


Not true.  STBs are initialized through an OOB signal, not through the router.

Hubrisinxs has already provided you with the link to the trade-offs FAQ which explains what features are supported or not supported with each option.


@ehidle wrote:

their LAN is fed from the Ethernet port on the ONT. 


The ethernet port on the ONT is a WAN connection, not a LAN connection.


@ehidle wrote:

What I had him do was move the MOCA bridge down to the basement, so that all he has to do is move the Ethernet cable for the bridge from the internal LAN switch to the ONT switch when he needs Vz to be able to initialize a STB or something.

I just spoke with him and he said everything is actually working except for VOD, using the bridge on the ONT's switch.


You can't put a switch on the ONT (unless you have multiple static IPs assigned by VZ).

If VOD is not working, you're not bridged correctly.  Also, you will lose guide data.  You may be seeing guide data now, but that is only because the STB stores up to 2 weeks of guide data,.

Please post the diagram you promised.  You configuration is very confusing.

0 Likes
Re: Third Party Routers
ehidle
Newbie

https://docs.google.com/file/d/0B7NZMkdaSaujZUJxZ3BIMHBBZkU/edit?pli=1

Obviously, what he did doesn't work with a commercially available switch. What was mostly working before (sans support and web DVR control) is, I believe, similar to Option 7 in the list.

It turns out that the option that actually works and enables all verizon services is not among the "10 options," probably because it requires a little network sorcery that is beyond what can be done with COTS routers.

In any case, the problem is solved and everything is working now.

0 Likes
Re: Third Party Routers
smith6612
Community Leader
Community Leader

@ehidle wrote:

It turns out that the option that actually works and enables all verizon services is not among the "10 options," probably because it requires a little network sorcery that is beyond what can be done with COTS routers.

In any case, the problem is solved and everything is working now.


Of course, keep that option on the low down so someone doesn't find out and patches it 😉

All jokes aside, it is true the option that makes everything work including Remote DVR and Caller ID without a Verizon router does require some under the hood networking tricks. Quite simple once you get the main portions of things set up, it's just not on the DSLReports FAQ. I think More Fiber over at DSLReports wrote it up if you want to drop some feedback into it. The trick involves a concept of a MITM Attack as a start.

0 Likes