***SOLVED*** Verizon 5g/LTE as backup not working

Comments

15 comments

  • Avatar
    Firewalla

    Does your "Verizon" WAN port get IP from the modem? Is it a private IP? Does the that IP overlap with any of your WAN or LAN existing IP? (make sure they are not)

    Try to ping 1.1.1.1 or 8.8.8.8 and see if you can get through the Verizon side. 

    0
    Comment actions Permalink
  • Avatar
    FirewallaSupportDesk

    GKarasik I hide your reply, because it contains a public IP. We don't recommend expose it on the Internet. 

    If your device can ping 1.1.1.1 or 8.8.8.8 while Verizon is the active WAN, Verizon's connectivity should be fine. You can run a trace route test to confirm if the traffic is truly outbounded via Verizon. 

    On Firewalla WAN Interface, could you change the DNS server to 1.1.1.1 and 8.8.8.8 as a test?

    0
    Comment actions Permalink
  • Avatar
    GKarasik

    Thanks. I forgot the address would be visible in the screen shot. I had already changed the DNS to 1.1.1.1. With that setting I can access/download email, but there's no web-surfing. "Run Network Diagnostics" shows everything successful and connected.

    0
    Comment actions Permalink
  • Avatar
    FirewallaSupportDesk

    See if Turn on Emergency Access on a device makes any differences. 

    0
    Comment actions Permalink
  • Avatar
    GKarasik

    Doesn't help.

    0
    Comment actions Permalink
  • Avatar
    FirewallaSupportDesk

    Ok, at least we know it's likely not Firewalla features are causing issue. What if you directly cable a device to your Verizon router when it's in IP passthrough, is it able to browse Internet?

    0
    Comment actions Permalink
  • Avatar
    GKarasik

    Neither wired nor wireless.

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    If you can't browser internet using a direct connection, likely something is wrong with verizon IP passthrough mode. If you turn back to router mode, does it work?

    0
    Comment actions Permalink
  • Avatar
    GKarasik

    No. Same result. Email works but can't browse. I think it's a DNS mis-configuration in the router's IP -Passthrough. I'll get with Verizon. Many thanks for your time.

    0
    Comment actions Permalink
  • Avatar
    GKarasik

    Hi. I'm not sure where my issue is centered and don't know how to proceed.

    To recap:

    I have an ATT fiber modem connected to my Firewalla Gold Plus. Everything works. I signed up for a Verizon 5g/LTE service as a backup internet service. I connected the Verizon router (ASK-NCM1100) to port 3 on the Firewalla. I set up a network for it in failover mode, Auto Failback. making ATT primary.

    The Verizon router is set to factory defaults. The Firewalla Gold Plus sees it, gets an IP from it, and I can ping 1.1.1.1. I can connect to and browse the Verizon box through the Firewalla. When I make the Verizon primary, I can get email, but I can't browse the internet on any of my PCs. A confusing factor is that if I run the iPhone through my Firewalla via an AP, I can browse the internet on my iPhone. Verizon is sending me a new modem, but I don't believe there's a defect in the box. I think that I have somehow misconfigured the Firewalla or there's an incompatibility between the Verizon router and the Firewalla.

    Are there any tests I can run to identify the problem?

    0
    Comment actions Permalink
  • Avatar
    FirewallaSupportDesk

    You mentioned directly cabling a device to Verizon modem/router doesn't get full Internet, either. Is this still true? 

    On your iPhone, did you turn off cellular data to make sure its traffic is indeed going through WiFi via Firewalla? Also, please check your phone's flow details to confirm it's traffic indeed outbounded via Verizon WAN interface.

    0
    Comment actions Permalink
  • Avatar
    GKarasik

    I will try that. But I've found a problem. I don't know f it's the problem. Both the Verizon and ATT modems are on the same subnet--192.168.1.1. I am looking for a way to change that on the Verizon modem. I'll let you know how that goes, but it may be tomorrow.

    0
    Comment actions Permalink
  • Avatar
    GKarasik

    Some new data points:

    I received and configured a new Verizon router (ASK-NCM1100). Same problem--With the NCM-1100 set as Primary, I can't browse. When the NCM-1100 is set as Primary, the Firewalla app shows it as Active. I can ping Cloudflare DNS (1.1.1.1), and I can DL email, but I can't browse the web on any of my PCs. There is no problem browsind when my ATT fiber is primary.

    I changed the NCM-1100 LAN subnet from 192.168.1.1 to 192.168.0.1 along with DHCP settings. Same problem as above.

    When myy iPhone 15 (IOS26.5) connected to my Wifi access point and Verizon is set to Primary, everything works as it should. This is true even if I turn off Cellular Data. A PC laptop connected to the same access point will not browse.

    All the above is also true (even the anomalous iPhone behavior) if the Gold Plus is set to Load Balance. Auto Fallback is set to off.

    The NCM-1100 is set for IP Passthrough. I can browse the internet if I bypass the Firewalla and connect a PC laptop directly to the NCM-1100's LAN port (port 2 when it's in IP Passthrough). So it seems that the problem sits between the NCM-1100 and Gold Plus.

    Is there a way to isolate the problem? I am thinking that I might be able to set up a forwarding rule on either (or both) the NCM-1100 and Gold Plus.

    I don't know if a support session is possible or if it would work because I'm not sure you could connect to the Gold Plus when the NCM-1100 was set as Primary.

    Should I open a support ticket?

    0
    Comment actions Permalink
  • Avatar
    FirewallaSupportDesk

    Do you see anything in device flows when using Verizon WAN? Also, if you have IPv6 enabled, please disable it on both LAN & WAN interfaces see if it makes any difference. 

    If nothing helps, please feel free to open a support ticket by emailing help@firewalla.com, mentioning this post, so our support can quickly jump in.

    0
    Comment actions Permalink
  • Avatar
    GKarasik

    Turning off IPv6 doesn't help. I don't see any network flows. I've opened a support case. Thanks for your attention to this.

    0
    Comment actions Permalink

Please sign in to leave a comment.