ISP router
I have a Calix 844G-1 fiber WIFI router from my ISP provider. I have the firewalla gold setup in DHCP mode but I want to use it as a router. After talking to my ISP today, the ISP router can not be setup in "bridge mode", it does have DMZ hosting and It has UPnP which I have running and the VPN is working good.
1. Is their any way to use the ISP WIFI router and have have the firewalla gold setup other than having it as a double NAT?
2. Can I use DMZ to put the firewalla gold on the public side and then use it that way?
3. Second to last option: Or is the best thing to do is to see if my ISP will just give me a router that I can set up in bridge mode?
4. Last option: If I cant get a new router then just use the firewalla gold in DHCP mode and forget everything else?
Thanks in advance!
Duane
-
I've also a question regarding replacing my ISP router with the Firewalla Gold. But I don't know if the Firewalla is supporting Internet and Routed IPTV in my case.
Config what I need for Internet is:
PPPoE via VLAN 6 (802.1q).
PPPoE authentication PAP with username and password
Maximum (mtu) 1500 bytes (rfc4638)
IPv4 address + DNS servers via PPPoE
IPv6 address + DNS servers (IPv6) via DHCPv6-PD request (in PPPoE). Use an address from router.Config what I need for IP TV is:
Ethernet VLAN 4 (802.1q)
Address via DHCP needs option60 (Vencor Class Identifier) with value : IPTV_RG.
Specific routing information via DHCP request (option 55 bevat 1, 3, 28 and 121)
Extra; Do not use of DNS servers and do not use default gateway only specific routes.
Turn on IGMP-proxy incl fast-leave option needed for TV signal in home netwerk (min IGMPv2). -
Fantastic support of Firewalla team, they send me this link.https://help.firewalla.com/hc/en-us/articles/360050756593-Firewalla-Gold-Triple-Play-VLAN
Too bad I didn't found it ...
-
How can I configure the following settings?
Address via DHCP needs option60 (Vencor Class Identifier) with value : IPTV_RG.
Specific routing information via DHCP request (option 55 bevat 1, 3, 28 and 121)
Extra; Do not use of DNS servers and do not use default gateway only specific routes.
Turn on IGMP-proxy incl fast-leave option needed for TV signal in home netwerk (min IGMPv2).Internet works via the Triple Play option.
-
Ok it's been a while, I hope to revive this thread. I have the same question. Cannot get TV to work and need the same settings (KPN, right?). Any luck getting it to work? The standard Triple Play settings from https://help.firewalla.com/hc/en-us/articles/360050756593-Firewalla-Gold-Triple-Play-VLAN don't work for my Firewalla Gold. I need these specifics, similar to those mentioned by Peter:
In this case, the router functions as the last device from the TV platform, so you need to enable IMP proxy (IGMPV2). Additionally, on the router (and any switches between the router and the TV receiver), you should enable IMP snooping. This ensures that multicast TV traffic is only delivered on the ports of the switch to which the television is connected. IGMP fast leave is necessary to terminate unnecessary streams, for example, the process of switching from one channel to another. Also, make sure to add the DHCP Option 60 (Vendor Class Identifier) with the string: IPTV_RG (ASCII character) (this is necessary for proper communication with the TV receiver). Furthermore, you should apply option 121 (Classless Static Route Option) [RFC3442]."
I'm new at this so I hope someone can help me take the steps to get this to work.
-
Right now I have a specific question that is if I can add option 55 parameters to the dhcp. It’s not in the list here: https://help.firewalla.com/hc/en-us/articles/360046703673-Firewalla-Feature-Guide-Network-Manager
-
@wow wouw, did you ever manage to get it to work? I'm setting up a FW Gold SE for my dad who has KPN in the Netherlands. What a nightmare...
We removed his Experiabox router, but obviously IP TV doesn't work yet.
I have the WAN (fiber optic) connected to port 4 and created a PPPoE with VLAN 6 on that, as well as a DHCP with VLAN 4 on that same port using DHCP option 60 with IPTV_RG. That works -> I get an IP address.
Then I created a LAN, but now I'm stuck... internet works everywhere, except the IPTV...
Suggestions from real people are more than welcome, as ChatGPT keeps asking me to configure options that don't exist! -
IPTV WAN is based on port 4 using VLAN 4 and the "Vendor-Class-Identifier" is set to "IPTV_RG". It can get IP address from upstream now. Can you please add a static route in the app on the "Route" page, "Matching" IP range 213.75.112.0/21, next-hop 10.14.66.1, and interface IPTV WAN?
This is what I did with the support team of firewalla 4 years ago. It still works flawless (too bad on 1 box only). I used port 4, but that depends on your own settings.
-
Thanks for the quick reply Peter.
A few questions though... the next-hop... that is not an option anywhere. I presumed you used the GUI, right? Or did you SSH into the FW? Currently the option is to select a device or group.
the 10.14.66.1 -> is that the IP of your set-top-box? Is that also why it only works on 1 box perhaps? I would say that nowadays in that case it should work on multiple decoders by selecting a group. -
Disregard my previous questions, all works now :-)
I replaced the KPN Experiabox with the Firewalla Gold SE and the FW is now the main router. The Arris KPN set-top-box works, all 3 of them. They are connected to my normal LAN, so no dedicated ports used on the FW were used.
The Experiabox is also still connected to use the WiFi mesh system that comes with it. It was a couple days of work to figure things out and migrate DHCP reservations and port forwardings, but all works :-D
If anybody is struggling with the same, let me know and I'll post something longer with the required settings.
Please sign in to leave a comment.
Comments
14 comments