***SOLVED*** Verizon 5g/LTE as backup not working
My problem was caused by my LAN pointing to the Firewalla's IP as DNS. While this worked with ATT, it failed with Verizon. Changing the DNS to 1.1.1.1 solved the problem for both.
Hi,
I'm hoping for some trouble-shooting suggestions. I've signed up for Verizon Internet as a backup to my ATT fiber. My Gold Plus sees the Verizon router, an ASK-NCM1100 in IP Passthrough mode, and the Gold Plus sees both an external and gateway IP. I can connect through the Gold Plus to the Verizon router's GUI over its gateway IP. The Gold Plus is set up in Failover mode, Auto Fallback On. When connected to my iPhone, the NCM1100's wifi works (I have internet access) .
What I don't have is internet access when I set the Verizon router as the Active connection. It seems like the Gold Plus isn't passing the Verizon router's internet access to my network. I have experimented with various DNS settings on the Verizon router (the Gold Plus's DNS, Verizon's DNS, 8.8.8.8, all with no joy.
Does anyone have any suggestions?
-
GKarasik I hide your reply, because it contains a public IP. We don't recommend expose it on the Internet.
If your device can ping 1.1.1.1 or 8.8.8.8 while Verizon is the active WAN, Verizon's connectivity should be fine. You can run a trace route test to confirm if the traffic is truly outbounded via Verizon.
On Firewalla WAN Interface, could you change the DNS server to 1.1.1.1 and 8.8.8.8 as a test? -
See if Turn on Emergency Access on a device makes any differences.
-
Hi. I'm not sure where my issue is centered and don't know how to proceed.
To recap:
I have an ATT fiber modem connected to my Firewalla Gold Plus. Everything works. I signed up for a Verizon 5g/LTE service as a backup internet service. I connected the Verizon router (ASK-NCM1100) to port 3 on the Firewalla. I set up a network for it in failover mode, Auto Failback. making ATT primary.
The Verizon router is set to factory defaults. The Firewalla Gold Plus sees it, gets an IP from it, and I can ping 1.1.1.1. I can connect to and browse the Verizon box through the Firewalla. When I make the Verizon primary, I can get email, but I can't browse the internet on any of my PCs. A confusing factor is that if I run the iPhone through my Firewalla via an AP, I can browse the internet on my iPhone. Verizon is sending me a new modem, but I don't believe there's a defect in the box. I think that I have somehow misconfigured the Firewalla or there's an incompatibility between the Verizon router and the Firewalla.
Are there any tests I can run to identify the problem?
-
You mentioned directly cabling a device to Verizon modem/router doesn't get full Internet, either. Is this still true?
On your iPhone, did you turn off cellular data to make sure its traffic is indeed going through WiFi via Firewalla? Also, please check your phone's flow details to confirm it's traffic indeed outbounded via Verizon WAN interface. -
Some new data points:
I received and configured a new Verizon router (ASK-NCM1100). Same problem--With the NCM-1100 set as Primary, I can't browse. When the NCM-1100 is set as Primary, the Firewalla app shows it as Active. I can ping Cloudflare DNS (1.1.1.1), and I can DL email, but I can't browse the web on any of my PCs. There is no problem browsind when my ATT fiber is primary.
I changed the NCM-1100 LAN subnet from 192.168.1.1 to 192.168.0.1 along with DHCP settings. Same problem as above.
When myy iPhone 15 (IOS26.5) connected to my Wifi access point and Verizon is set to Primary, everything works as it should. This is true even if I turn off Cellular Data. A PC laptop connected to the same access point will not browse.
All the above is also true (even the anomalous iPhone behavior) if the Gold Plus is set to Load Balance. Auto Fallback is set to off.
The NCM-1100 is set for IP Passthrough. I can browse the internet if I bypass the Firewalla and connect a PC laptop directly to the NCM-1100's LAN port (port 2 when it's in IP Passthrough). So it seems that the problem sits between the NCM-1100 and Gold Plus.
Is there a way to isolate the problem? I am thinking that I might be able to set up a forwarding rule on either (or both) the NCM-1100 and Gold Plus.
I don't know if a support session is possible or if it would work because I'm not sure you could connect to the Gold Plus when the NCM-1100 was set as Primary.
Should I open a support ticket?
-
Do you see anything in device flows when using Verizon WAN? Also, if you have IPv6 enabled, please disable it on both LAN & WAN interfaces see if it makes any difference.
If nothing helps, please feel free to open a support ticket by emailing help@firewalla.com, mentioning this post, so our support can quickly jump in.
Please sign in to leave a comment.
Comments
15 comments