dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
4647
javi404
join:2014-01-05
Rutherford, NJ

1 recommendation

javi404

Member

[Networking] non verizon router + quantum TV/dvr and port forwarding.

Upgraded from old DVR package to Quantum TV last night.

I am using my own router and a moca adapter so that the cable boxes can get online for VOD etc.

I couldn't find this last night (and obviously Verizon support at 1am was no help) so I thought I would publish this here.

I swapped my old dvr and boxes for quantum tv (new arris boxes instead of motorola)

I had trouble activating the boxes so here is what I would do if I could do it again.

note that with the arris boxes (quantum tv) the ports are different than before.

unplug all boxes.
Plug in only DVR
Make sure you see dvr in your dhcp leases on your router.
Make a static mapping for the DVR.
Reboot the DVR
ping DVR to make sure it took that static dhcp mapping (you don't want the ip to keep changing on you hence why the static mapping)

Create the follow port forward rules for the DVR
Hopefully you can activate it (this is where i got stuck)

After it is activated repeat the same process for STB1 STB2 etc.
Here is what my current port forwarding rules look like. Note the ports are different.
I had to break out the actiontec to see what ports were being forwarded and then set static mappings on my own router after the fact.

Hopefully this helps someone else since it was a 2 hour process for me to swap routers, reset actiontec, activate dvr, copy settings, set mapping on my router, swap my router back in etc.
VOD works but I haven't tested anything else (I don't care about caller ID.)

Port Forwards:

TCP:
35000 -> 9001 on DVR
35001 -> 9001 on STB1
35002 -> 9001 on STB2

UDP:
63145 -> 63145 on DVR

- J
hubrisnxs
join:2009-12-30
Fountain Valley, CA

hubrisnxs

Member

impressive. most impressive
pvc00
join:2001-03-10
Hampton, VA

pvc00 to javi404

Member

to javi404
Just curious , what type of Moca device did you use?
buckweet1980
join:2011-12-31
Saint Petersburg, FL

buckweet1980 to javi404

Member

to javi404
So this is very interesting.. I returned my FIOS router as I didn't want to pay for the rental fee and I picked up an Actiontec 2200B MOCA bridge off ebay. This worked great day-to-day, but I never received the new software update on my Quantum DVR.

I tried setting up the port forwardings just like you have, but it wouldn't take the update and it wouldn't activate again via the cold-boot process. I ended up buying a FIOS router off ebay for 35 bucks and then set out to activate it again. At first I just put the FIOS router on the internet directly and left the STB connected to my moca bridge (FIOS router was just connected via LAN) and that didn't work either. The only way I could get it to activate was to have the STB moca connected to the FIOS router. So I came to the conclusion that it had to see the STB via MoCA connection.

Very weird in that it required the FIOS router for it to work for me, but not you.. Thanks for the info!
kevnich24
join:2006-04-19
Mulberry, FL

kevnich24

Member

I don't think you did anything different than the OP. I do think for everyday things, what the OP did will work but I do think that for software updates and such, he may still have issues the same as you did. Verizon seems to only communicate CORRECTLY with the DVR's, when you use the verizon provided router. I'm guessing there is some coding in the verizon router's that calls home and establishes communication and maps up via the MAC address on the Fiber ONT and does some linking with your account.

This is how if you login to your verizon account and have a verizon provided router, it will show your SSID, wifi password, etc. All your DVR's will work correctly, etc. However, if you use a non-verizon router, your my verizon profile will not show any of this information. If you have the proper ports forwarded, your DVR's will show guide info and work ok for day to day items but things like scheduling DVR recording's through the web will not work and I'm guessing software updates also won't work, because Verizon isn't communicating properly because whatever is installed in verizon router to call home...isn't there.

nycdave
MVM
join:1999-11-16
Melville, NY

nycdave

MVM

Trust me - for all those who think they will get their VMS's to take new code behind a non-Verizon approved router - you won't. That's part of the requirement for a Verizon-issued and approved router on the WAN side for all VMS customers.
fcfc2
join:2014-05-17

fcfc2

Member

said by nycdave:

Trust me

I trust you. Can you clarify for those using the lower internet tiers 25/25, or 50/50 can the older Actiontec's be used for the VMS system or does it have to be the G1100 or Rev. I?
javi404
join:2014-01-05
Rutherford, NJ

javi404 to nycdave

Member

to nycdave
said by nycdave:

Trust me

Instead of just telling us to trust you, why don't you help provide any technical details we are missing so that we don't have to use a Verizon issued and approved router that also contains open ports you can't close into my network?
javi404

javi404 to kevnich24

Member

to kevnich24
said by kevnich24:

I do think for everyday things, what the OP did will work but I do think that for software updates and such, he may still have issues the same as you did.

This is correct, i can't program my dvr via the website, haven't tried via phone. There has to be a technical workaround for this, it is just a matter of finding out what it is.
CooloutAC
join:2013-02-12

1 edit

CooloutAC to javi404

Member

to javi404
I hear ya man, I just seen a supposedly verizon network address, that remote admin'd my router on Feb 4th. 206.46.209.250 It really leaves me with a sick feeling when that happens. It could be innocent, but who knows if hackers know that address and spoof it. I find it hard to believe its needed for any "maintenance" or firmware updates.

Maybe you can get your hands on an earlier model actiontec verizon fios router, when they let you block that port with the firewall? (and also let you access the UPNP and IGMP page) I think its irresponsible to not let home users, take the number 1 security step of disabling UPNP. I've called and complained to verizon about this and wrote letters. They don't care.

But with the older router you could block that port into your network, before they changed the firmware in the newer revisions. (I have 30/25)

On another note, AT&T stopped putting tracking numbers on their users using wireless mobile data, when people started complaining, but Verizon is still doing it. I'm starting to feel more and more that Verizon doesn't care one bit about our home security or privacy. Well I say that, but there is a load of less secure routers out there... And maybe we should also blame the gov't for making us less secure...

nycdave
MVM
join:1999-11-16
Melville, NY

nycdave to fcfc2

MVM

to fcfc2
Rev. I or FQG only with VMS. The older routers won't work.
nycdave

nycdave to javi404

MVM

to javi404
Because you can't get around a hard requirement. Providing technical details to hack the system isn't the answer.
kevnich24
join:2006-04-19
Mulberry, FL

kevnich24 to javi404

Member

to javi404
I don't think there is a workaround. A workaround would involve ports being forwarded but this only works IF the verizon side is trying to communicate with the DVR's on the inside, through ports. What is actually going on is the verizon provided router's have some module or API inside them that calls home and establishes a back end connection to Verizon's system that links the equipment on your network with your verizon account.

This allows things like your verizon settings, wifi password, remote DVR, software updates, etc to function correctly.

Honestly, from a security standpoint, this bothers me like nothing else. I removed their router and will deal with not having these items works. Why? Because Verizon won't release what other details may be being communicated and nycdave seems to be tight lipped as well. This is a high speed fiber connection, they could easily be transmitting a lot of data back to their own systems and tracking items I don't think they should be able to.

So I use my own router that's very locked down and they can't get to anything. Downside is that I can't really call in for support as I'm not using a "supported" design. But I haven't ever needed to and don't plan on it.

More Fiber
MVM
join:2005-09-26
Cape Coral, FL

More Fiber

MVM

said by kevnich24:

they could easily be transmitting a lot of data back to their own systems and tracking items I don't think they should be able to.

Why would VZ even bother to do this? VZ already sees every packet of yours that passes through their edge router whether you use their router or not.
buckweet1980
join:2011-12-31
Saint Petersburg, FL

buckweet1980 to kevnich24

Member

to kevnich24
I will just put the FIOS router in place if I need to get a software update going forward.. Outside of that I don't need any of the feature.. RemoteDVR never works for me even with the FIOS Router so I've just given up on it. Not that I really care to have it anyways.

But I'm sure like many have said it calls hope or there are some kind of checks that is in place with the DVR/Router. It will be interesting when I get migrated to Frontier and how things will be going forward. Maybe TIVO will finally get their UI updated enough to satisfy me once Frontier starts renting them. I actually like the FIOS DVR guide way better than the TIVO Roamio I tried the other year.
javi404
join:2014-01-05
Rutherford, NJ

javi404 to nycdave

Member

to nycdave
said by nycdave:

Because you can't get around a hard requirement. Providing technical details to hack the system isn't the answer.

First of all, who said anyone is trying to hack the system? This thread is only about using your own router and not relying on the verizon supplied router.
Second of all, if you will not help provide technical details, why are you posting? you are not contributing any useful info.

nycdave
MVM
join:1999-11-16
Melville, NY

nycdave

MVM

OK, so I know people aren't trying to hack the system...

I am providing useful information for those people who think they can get around the hard requirement of using a Verizon approved router with Quantum TV. Why else would I post that you can't use your own router with Quantum? I'm trying to save people countless hours of headaches and potential calls into tech support when they can't get their VMS's and IPC's to get new software.

Just because you don't like the answer doesn't mean it isn't true.
javi404
join:2014-01-05
Rutherford, NJ

javi404

Member

nycdave, then provide the info needed to configure a non verizon router to allow VMS and IPC to get new software without the rented/purchased verizon router. Save everyone the countless hours of headaches and potential calls into tech support. Is verizon doing some magic that only the verizon router can do? Why is it such a secret? Also, why the hell does verizon want to manage my network security(my firewall/nat) for me when many of us are more than capable of doing it ourselves? Save me the hassle of packet capturing and wireshark analysis which is my next step. As far as I am concerned the demarc is at the ethernet point on the ONT. My network is mine and I don't want anyone, including verizon on it with full access without me explicitly allowing it.

More Fiber
MVM
join:2005-09-26
Cape Coral, FL

More Fiber

MVM

said by javi404:

As far as I am concerned the demarc is at the ethernet point on the ONT.

You may consider the ONT to be the demarc, but VZ considers their router to be Customer Premises Equipment (CPE).
said by javi404:

provide the info needed to configure a non verizon router to allow VMS and IPC to get new software

It would not matter because VZ routers use TR-069 for CPE management. TR-069 is generally only supported on routers provided by ISPs. Even if your router supported TR-069 (which it does not), you would not have VZ's security certificates which would be required to accept a TR-069 session.
said by javi404:

Save me the hassle of packet capturing and wireshark analysis which is my next step.

Knock yourself out. All you are going to find is an encrypted SSL session.
Springbok
join:2002-09-13
Leander, TX

Springbok to javi404

Member

to javi404
Just connect your router WAN to the VZ router LAN and set the IP adr as DMZ. If the Quantum router does not support DMZ, trade it for or buy a Actiontec Rev I. Verizon will be happy, because they can see and control their boxes and you will have peace of mind, because your internal LAN is secure. I see 153/167 mbps with 5-6 ms latency regardless if I'm connected directly to the Actiontec Rev I or via my i386 based pfSense router. I work from home with VPN to my employer and I have SIP VOIP phones. Everything works with no issues whatsoever, day in and day out.
javi404
join:2014-01-05
Rutherford, NJ

javi404

Member

Springbok, funny after activation I have had zero need for their router with my new quantum setup. I was actually thinking of plugging in verizon actiontec rev I router's WAN into my edgerouter and putting the verizon router in the DMZ. I am currently using a 2nd moca device in the LR for my access point but I might just run cat5e (let's see how many vodkas I have tonight) and then the moca network can be verizon only equipment in DMZ behind my router.

I also work from home and run a pretty elaborate IT dev/lab so I'm curious how that would work.

BTW, I am also a pfsense user but switched to ubiquity recently for my main firewall/router. Turns out pfsense was forked btw, might want to check it out. I have pfsense boxes running strong all over the place.
javi404

javi404 to nycdave

Member

to nycdave
said by nycdave:

hard requirement

Considering I have been using my own routers, moca bridges and access points on FIOS for more than 3 years now, I wouldn't exactly consider it a "hard requirement."