Verizon Network Extender firewall config in DD-WRT

Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions
Author Message
lemming
DD-WRT Novice


Joined: 01 Jul 2009
Posts: 1

PostPosted: Wed Jul 01, 2009 4:31    Post subject: Verizon Network Extender firewall config in DD-WRT Reply with quote
This info may not be new for some or many people. But for the other newbs like myself, I hope this helps.

If you bought a Verizon Network Extender (US Only) and hooked it up behind your router but find that the GPS and the SYS light are still red. You may need to open some ports in the Applications and Gaming tab.

First, assign a static IP to your Verizon Network Extender. Then in "Applications and Gaming", choose Port Range forward and open UDP ports: 53, 52428, 500 and 4500 and enter the static IP of the device in the IP field. The application name is arbitrary. See attachment.



VNE ports.png
 Description:
 Filesize:  10.03 KB
 Viewed:  40332 Time(s)

VNE ports.png


Sponsor
MGotcha
DD-WRT Novice


Joined: 07 Aug 2009
Posts: 1

PostPosted: Fri Aug 07, 2009 21:14    Post subject: Verizon network extender Reply with quote
How do you cfg the Verizon network extender to use a static IP addr?
Slione
DD-WRT User


Joined: 05 Dec 2007
Posts: 215
Location: Michigan

PostPosted: Fri Aug 07, 2009 22:22    Post subject: Re: Verizon network extender Reply with quote
MGotcha wrote:
How do you cfg the Verizon network extender to use a static IP addr?


This is how I did a static IP address on mine. After setting it up I accessed my routers LAN Status page and I could see the MAC address of it in there. I then took the MAC address and entered it in Static Leases under the Services tab. You can give it any name you want.



Static.jpg
 Description:
 Filesize:  83.89 KB
 Viewed:  40125 Time(s)

Static.jpg



_________________
WRT1900AC v1-build r30731
kent7854
DD-WRT Novice


Joined: 11 Jun 2010
Posts: 3

PostPosted: Fri Jun 11, 2010 18:53    Post subject: Verizon Network Extender problems Reply with quote
I'm really hoping somebody will see this and have an idea.

I got the Verizon Network Extender and have nothing but problems with it. I finally got it to work by plugging it directly into my cable modem proving the issue was some place in my router.

I'm using dd-wrt and the latest release and still have some sort of an issue. I've done the static IP and port forwarding as shown in this thread and still am having an issue.

Does anyone have any suggestions? Verizon is helpless with any further help as it's not their product apparently causing the problem.

Any help is appreciated.

-Kent
wbear
DD-WRT Novice


Joined: 27 Jun 2010
Posts: 4

PostPosted: Sun Jun 27, 2010 2:58    Post subject: Reply with quote
I'm in the same situation here, using a Linksys WRT54GS, flashed with "DD-WRT v24-sp2 (10/10/09) mini". Prior to flashing, the network extender had stopped working while still on the default Linksys setup and firmware. All other devices behind this router work flawlessly.
The NE worked perfectly for several months, then one day it simply stopped connecting, then after power cycling it stopped locking the sys and GPS lights completely (they stay solid red). It has an IP assigned with a static lease, and I've tried everything from port range forwarding to DMZ and it can't get out of the LAN. Shut everything down (power off) and restarted slowly from the street in, several times.
No joy.
New extender, cable, port on the router and so on, nothing has worked. I can see it making connections to attempt access, but it never manages.

Verizon closed my issue twice (without informing me) calling it "resolved" as they couldn't "see" the device, blaming Roadrunner (ISP). RR, naturally, blames Verizon's device, but was able to confirm that the modem is working great and they don't block anything. (I mentioned port 80...and was met with silence). ;)

Any insight, tips, help or advice would be most welcome.
kent7854
DD-WRT Novice


Joined: 11 Jun 2010
Posts: 3

PostPosted: Sun Jun 27, 2010 14:42    Post subject: Verizon Network Extender problems Reply with quote
@wbear

What I finally had to do was put the NE before the router.

So I have my modem then a switch. Port 1 on the switch goes to the NE. Port 2 on the switch goes to the router and then the rest of my network is "behind" the router.

This has worked flawlessly for a couple of weeks now.

Verizon told me this would not work, but I really don't think they had any reason as to why it wouldn't. And it has, so I'm ok with it for now anyway.

Good luck with yours. After it's working it's great to have good cell coverage in the location!!
wbear
DD-WRT Novice


Joined: 27 Jun 2010
Posts: 4

PostPosted: Sun Jun 27, 2010 17:48    Post subject: Reply with quote
I'd had that thought but hadn't tried it since I didn't believe I could switch before the router and have it all function. Since I had a small 5 port unit I wasn't using, just tried it, but can't get both the router and NE to connect at the same time. I got the NE to lock up, but lost internet. When I rebooted the router, it obtained an IP that allowed internet, but the NE dropped dead again. I'd have to assume Roadrunner won't assign 2 IPs to the same location, since that's the only logical reason for it to fail.

I can apparently have an IP for my LAN or for my phone, but not both, and can no longer get it to work behind the router at all (which is mysterious as to why it did work then suddenly didn't).
How frustrating. Sad
kent7854
DD-WRT Novice


Joined: 11 Jun 2010
Posts: 3

PostPosted: Mon Jun 28, 2010 11:53    Post subject: Verizon Network Extender problems Reply with quote
This is where it gets a little iffy perhaps.

Try putting just your NE extender directly into your cable modem and nothing else. It should connect in like 10 minutes, but if not give it the hour just to see if it's working and will keep a stable connection.

If it works then then you know it's something with your setup.

Some cable modems actually have a routing function built into them. You could look into that.

I could never figure out if mine did or not (I don't believe it does) but putting the switch after the modem and before the router basically allowed me to "split" the signal to two places. I'm not enough of a network engineer to know if it should have worked, or is right to do, but it's working now.

I never would do this with a regular PC because without the firewall the computer would be affected in minutes. But I think the NE is relatively safe there.

Good luck. Let us know how it goes.
wbear
DD-WRT Novice


Joined: 27 Jun 2010
Posts: 4

PostPosted: Mon Jun 28, 2010 12:14    Post subject: Reply with quote
Actually, the first time it was connected via switch ahead of the router it connected fine, and almost immediately. Unfortunately, when I lost my internet in the process, I kick started the router to get it back, and in doing so that bumped the NE off line again.
One or the other, looks like. Internet wins. ;)

I'll be calling RR again today (shudder), and then Verizon. Nothing like several hours each being penciled into your day...
wbear
DD-WRT Novice


Joined: 27 Jun 2010
Posts: 4

PostPosted: Thu Jul 01, 2010 0:56    Post subject: [Resolved!] Reply with quote
After speaking with both RR and Verizon, there appeared to be no hope of resolution for this, it simply wouldn't work. RR would assign only one IP (without throwing money at it), and it wouldn't work behind the router. Even Linksys/Cisco wouldn't help unless I paid $50 for 6 months of support.

Desperate, I began reading every "more" link on each page in the DD-WRT firmware I'd flashed this with. Shocked
Reading about "DNSMasq", I came to try it with that off under "Setup -> basic setup -> Network Address Server Settings (DHCP)". Unchecked all three:
Use DNSMasq for DHCP
Use DNSMasq for DNS
DHCP-Authoritative

It sprang to life, and locked up within minutes. Been working like a champ since! I'd swear I'd tried it both ways, but as is often the case in networking equipment, rebooting from the street in after major changes is sometimes needed to make it all recognize the change.
Lesson learned.

I reckon the first NE had died and my efforts to revive it, which included flashing the router and changing that setting, caused it to break the connection before unit #2 arrived. Installing that didn't work because it was still using the broken settings and so on. Hope this helps the next person that runs afoul of this. Hooray for happy endings. Cool
Peculiar Bias
DD-WRT Novice


Joined: 08 Jul 2010
Posts: 1

PostPosted: Thu Jul 08, 2010 2:19    Post subject: Reply with quote
@wbear: I have the EXACT same situation as you. RoadRunner and Verizon Network Extender. Only difference is that I'm using a debian box running on an old HP ProLiant DL380 Server I picked up on eBay for $150. ;)

I am pleased to tell you that there is a solution to this problem, but it isn't quite what you had in mind.

The reason why the extender works when plugged into the cable modem turned out to be completely unrelated to the router itself: it got a new IP address!

By changing my MAC address on the ethernet card on my server, the server obtained a new IP address as well, and then the network extender started getting responses from the VPN requests! (I was watching using tcpdump and going through my iptables rules with much hair-pulling frustration).

I don't know why this happens, but it seems that on Verizon's end, something causes it to stop responding to your IP address. In my case, it happened after a power surge, so I thought perhaps it was due to the VPN not closing. But, this is beyond my knowledge.

The solution: next time, change your IP and try again.

I hope this helps!
Stacyleigh
DD-WRT Novice


Joined: 12 Oct 2010
Posts: 1

PostPosted: Tue Oct 12, 2010 4:23    Post subject: Me too Reply with quote
I have the same thing happening. I can bypass my router by going through the cable modem straight into the ne and it locks up fine but when I plug it into the router I loose it

How do I change the ip? I don't have extensive networking knowledge.

I have a linksys wrt54gs router
cbbyers
DD-WRT Novice


Joined: 03 Sep 2011
Posts: 1

PostPosted: Sat Sep 03, 2011 2:25    Post subject: What worked for me Reply with quote
Sorry for grave digging this thread. I tried all of the suggestions above with no success, but I was finally able to make my SCS-2u01 work by disabling stateful packet inspection under Security / Firewall / Firewall Protection. I enabled remote syslog in dd-wrt and noticed that UDP 4500 NAT-T was being blocked by dd-wrt even though I had the port forwarded properly.

Sep 2 20:29:02 kernel: DROP IN=vlan2 OUT=ppp0 SRC=192.168.10.183 DST=66.174.71.40 LEN=300 TOS=0x18 PREC=0xA0 TTL=63 ID=0 DF PROTO=UDP SPT=4500 DPT=4500 LEN=280 \0x0a

Disabling SPI is a temporary workaround, and I will continue to search for a fix to make the SCS-2u01 work with SPI enabled, but if you have trouble getting your VZW NE online (solid magenta GPS LED and fast blinking red SYS LED), try disabling SPI. It worked for me in conjunction with the port forwarding settings above. I hope this helps someone else.

I'm using a Linksys E3000 with firmware:

DD-WRT v24-sp2 big (c) 2011 NewMedia-NET GmbH
Release: 03/10/11 (SVN revision: 16403)

Brian
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum