vpn_bob
@comcast.net
|  FIOS and VPN
Hi Everyone,
FIOS was just setup at my house yesterday but I have run into a problem which I hope someone can solve.
I have a Netgear FVS318v3 hardware VPN running between my home and office. The old configuration was:
---> DSL modem ---> Netgear FVS318v3
The new setup is:
ONT --> Actiontec MI424WR --> Netgear FVS318v3
Coax not Ethernet to Actiontec router; we have the TV service as well with Video On-Demand
The Actiontec router uses the default 192.168.1.x /24 IP addressing scheme. Our offices utilize 172.21.16.x /27 scheme.
I need to either A) get rid of the Actiontec router altogether, or B) figure out a way to make the Actionec router invisible so that the Netgear router can be the primary router.
Does anyone have any suggestions? |
|
darcilicious
Cyber Librarian
Premium
join:2001-01-02
Forest Grove, OR | See the FAQ »Verizon Online FiOS FAQ under Actiontec on how to bridge the Actiontec. |
|
More Fiber
Premium,MVM
join:2005-09-26
West Chester, PA
 ·Bay Area Internet ..
| reply to vpn_bob
You can't get rid of the Actiontec all together, since you need it as a MOCA bridge for the STBs. There are however, several ways to run your own router. Review the trade-offs in this FAQ. It contains links to specific instructions.
»Verizon Online FiOS FAQ »What are the tradeoffs between the various router configurations |
|
jlenkows
join:2001-10-30
Wappingers Falls, NY
| reply to vpn_bob
By having the FVS318 behind the Actiontech, you are doing something called Double-NAT'ing. This causes lots of issues when using VPN software, and sometimes when just plain old surfing the Internet.
Are you using Cisco, Microsoft, or another VPN client?? |
|
vpn_bob
@comcast.net
| reply to vpn_bob
jlenknows:
The Netgear FVS318v3 is a hardware VPN device. It does not require client software. Combined with another FVS318 it creates a VPN across a WAN.
Could I just forward all traffic to the FVS318?
--or---
How do I get rid of the Coax? Do I need Verizon to wire my whole house for ethernet? |
|
More Fiber
Premium,MVM
join:2005-09-26
West Chester, PA
·Bay Area Internet ..
| Did you read the FAQs linked above?
They answer exactly what you are asking.
You have two basic options.
1) Put the Actiontec in transparent bridge mode (see the FAQ for the link).
2) Run cat5 between the ONT and your router and have VZ switch your WAN provisioning from coax to cat5. (see the FAQ for details).
You can't get rid of the Actiontec altogether, you need it to provide a MOCA bridge for the STBs (the STBs to not support cat5). |
|
vpn_bob
@upenn.edu
| reply to vpn_bob
More Fiber:
I did read the FAQs above, specifically the post on Replacing the Actiontec (part 1): Coax to Ethernet
(»Verizon Online FiOS FAQ »Replacing the Actiontec (part 1): Coax to Ethernet)
However, that FAQ says to post a topic in this forum if the router is connected through PPPoE.
What I need to know essentially is how to make my Netgear FVS318v3 the router that traffic goes to instead of the Actiontec, and my router should get the DHCP IP without messing up VOD. |
|
More Fiber
Premium,MVM
join:2005-09-26
West Chester, PA
·Bay Area Internet ..
1 edit | The only difference if you have PPPOE is that your router must support PPPOE in order to use it as the primary router. According to the NetGear specifications for the FVS318v3, it does support PPPOE, so there should be no problem. VZ uses open PPPOE, so any username and password will work. When birdfeedr  wrote that FAQ, he was only able to test with DHCP, and did not want want to post instructions he had not tested.
Quick steps (from FAQ):
•Connect a cat 5 cable from the ONT to the ethernet WAN port of the Actiontec.
•Call the FSC, or post a request in »/forum/vzdirect It may take several attempts to get the FSC to switch you. The VZ Direct forum is 9-5 M-F only, and may take a day or two, but will switch you without question.
•The Actiontec will come up on the cat5 connection automatically when you have been switched.
•Once that happens, move the cat5 WAN cable to your router.
•No need to release DHCP address from the Actiontec, because you are on PPPOE.
•Then follow the instructions in »Verizon Online FiOS FAQ »Replacing the Actiontec (part 3): WAN-to-LAN keeps Guide and VOD (easier) to connect the Actiontec behind your router. |
|
birdfeedr
Premium,MVM
join:2001-08-11
Warwick, RI
 ·Verizon FIOS
| said by More Fiber :... it does support PPPOE, so there should be no problem. VZ uses open PPPOE, so any username and password will work. When birdfeedr wrote that FAQ, he was only able to test with DHCP, and did not want want to post instructions he had not tested. [steps trimmed] •Once that happens, move the cat5 WAN cable to your router. •No need to release DHCP address from the Actiontec, because you are on PPPOE. To vpn_bob:
If your experience is like MoreFiber says, post back here what you did different because you're on PPPoE. You will probably have to manually specify PPPoE with a username and password. Verify "username" and "password" give you a connection.
Then I'll clarify that step in the FAQ.
I believe it will work as described above, but the couple of other times it was suggested, the OP didn't post back.
And yes, I didn't want to write what I couldn't verify. That's why I haven't written a bridging FAQ -- no MoCA WAN. |
|
jlenkows
join:2001-10-30
Wappingers Falls, NY
| reply to vpn_bob
My mistake - I didn't read the part about hardware VPN...
Easiest way is to make the Actiontech a bridge and the FVS318 your router AND firewall...
There is substantially more effort involved in passing the IP protocols required for a L2L tunnel through the Actiontech than there is to just make it a bridge. |
|
