37431 Views Previous 1 2 3 4 5 Next 61 Replies Latest reply: Aug 2, 2009 1:09 PM by acrein Go to original post
Thank you for the reply, Linda. It has been helpful. I'm eager to get any add'l data I can get. I realize that the setup you describe is possible, but that's not really what I'm after. macmark2's post indicates that he is running with solely a Time Capsule and no ActionTec router whatsoever. That is what I am after. Here are the reasons:
1. 802.11n - ActionTec only has "g". Much slower, less reliable, and I'm experiencing connectivity drop-out problems with the ActionTec wireless.
2. *Gigabit Ethernet ports* - ActionTec only has 100 Mb.
3. *Wide-Area Bonjour* - No other router manufacturer has a wide-area ZCN (Zero Configuration Networking) technology equivalent to this, or more accurately, one that integrates with an operating system so tightly and seamlessly. Being able to remotely access and control boxes on your home network with no VPN, no FTP, no DNS, and no firewall changes is HUGE. Wide-Area Bonjour is groundbreaking! With the ActionTec router in the way, acting as the firewall, Wide-Area Bonjour is impossible. I realize that you can put the Time Capsule *in front* of the ActionTec, using the TC's PPPoE features to connect to Verizon, but still, I want the ActionTec out of there. I've implemented dual-router configurations before and it's a little bit of a configuration nightmare.
Yes, I definitely see your point.
No arguments from me.
Can you get wide-area Bonjour to work outside of your home network? If you can, I'd love to know how. I have filled in the username etc. as the AppleInsider post suggests, but it isn't working for me. I'd love to know how you get that to work!
(But a few comments, just to see if I understand...)
I already have a house that's coax wired. If I'd had Verizon string Ethernet it would have been a hassle and an expense. I understand there are MOCA-coax-to-Ethernet adapters, but that too would have been an additional expense, so I figure the Actiontec is its own MOCA-coax-to-Ethernet adapter this way, and I get a G network to boot. But I do wish I could get rid of the extra equipment and lights.
I still have some G equipment. If I run G and N together, at least some of the time it will slow down N. That's why I use my TC as a 5 GHz N-only bridge. At least then N-to-N communication is as fast as it can be (MacBook Air to Apple TV, for instance).
Gigabit Ethernet doesn't mean too much to me because I'm not running anything wired.
I'm a new FIOS user as of today (TV, phone and internet) trying to deal with similar issues. As for the Actiontec, A) you have to have it, cos of the coax, and B) the firewall's a mess. So I turned off the wireless on it, and simply connected a LAN port on it to the WAN port on my old Netgear router, and DMZ'd that device. This way, the internet is wide open but NAT'd to the Netgear, and the Netgear serves its own downstream LAN systems, running as another DHCP server layer, etc. So the only devices that are getting an IP from the Actiontec are the Verizon TV box, via the coax network, and the Netgear, via the Actiontec LAN. Everything else is as per previously, on the Netgear. I've got more testing to do, but it looks as if this is working quite nicely, allowing inbound access on all ports I've tested so far, and providing the TV settop box with all its services as per normal. I'm sure there's some latency via the two NAT networks, but I'll live with that - for now.
I think you could certainly try this with the TC or AEBS
Sadly, I am on vacation right now and cannot definitively confirm the set-up. And, believe me, I understand that it is important to you. It was to me which is why I asked for the set-up to be this way when I got the FiOS TV up and running.
What I can confirm is that I do not have an ActionTec Router. I believe the trick is that the technician added a coax splitter between my airport and the box.
I will confirm entire set-up by this weekend...
The way you have things set up, are you doing double NAT? That works fine for most stuff, but I think it confuses Back to my Mac and other services that require a clean route into your network.
I definitely understand why you would want to get rid of most of the Actiontec functions.
And, welcome to FIOS. Hope you like it.
Yes, the double NAT worked pretty well, but not well enough. I reverted to the Actiontec and finally got it to work by setting port forwarding as follows:
AFP - TCP Any -> 548 All Broadband Devices
Now, I can access the server from outside. Now to deal with the **** of enabling iChat AV, Screen Sharing and a few other services on it. That Actiontec is a mess, fer sure.
As for FIOS? Wow - I uploaded a 1GB file in nine and a half minutes today. Hard to argue with performance like that.
Well, it's certainly clunky in that Actiontec, but you need to create ('Add') a Firewall rule for the IP address of your TC to allow it access. When you do that, you get into some submenus where you can specify the Protocol as TCP, and then you see two drop down menus, with Single or Any. Specify single on the destination as 548, but leave the source as Any.
However, I'd be wary of doing this with your TC if I were you. Very wary. If you allow AFP access to your TC, and since that contains all your files, you're essentially opening direct external access to your files. Not a great idea, IMHO.
This is what I did for my friend with FIOS and an ActionTec...
We went into the actionTec and reduced the DHCP range to 2-100 instead of 2-254
We changed his Wireless to be called wireless-b-g
We opened a DMZ connection to 101
We configured his time capsule with a STATIC WAN IP of x.x.x.101, where the dmz would forward packets
We copied the DNS server entries into his Time Capsule setup
We run DHCP and NAT on a different range, and have all his machines plugged into the TC. We also made the TC ONLY run at the 5 GHz and ONLY run n to increase his speed and range.
Anyone coming into his house with an old b or g laptop can get on the Internet, but has no access to the printer he has connected to the TC
The Wired machines and his new MacBook can see and work with the TC just fine....
So, what I recommend, is instead of using the Bridge mode, reduce the number of ports you assign, pick one, and make it the DMZ.
Hope that helps.
On Mar 24, 2008 11:35 PM, Linda Custer wrote:
Can you get wide-area Bonjour to work outside of your home network?
Only if an Apple router is also being used as your firewall. In other words, the Apple router [Time Capsule, AirPort Extreme, etc.] must be the first thing in line after the Verizon ONT [optical network terminal]. In other words, your Time Capsule can't be in line behind the ActionTec. From the sound of your setup, your ActionTec is first in line. Its built-in firewall is protecting your network. It is exposed to the Internet, which means any computers outside of your home network can "see" it. Your Time Capsule is not exposed to the Internet because it is just "bridged" off a LAN port of your ActionTec. No computers outside of your home LAN can see the TC, hence the reason Wide-Area Bonjour won't work.
It shouldn't bee too hard to get the Time Capsule "in front" of the ActionTec as I'm describing. From what I'm reading, the Time Capsule (and Airport Extreme) has PPPoE capabilities. This is the protocol the router uses to connect (via its "WAN" port) to Verizon's network. You would just reverse the boxes as you have them now. Plug the Ethernet cable coming out of Verizon's ONT into the Time Capsule's WAN port. The plug the ActionTec's WAN port into a spare LAN port on the Time Capsule. (WARNING: I haven't attempted this, and can't vouch for success. Only know from doing this with non-Apple routers in the past.) You would have to log into the ActionTec and shut-off the firewall, and log into the TC to ensure that the firewall is active. Then, you would have to set the TC to do "NAT" (network address translation) and give out DHCP addresses, and stop those same things in the ActionTec. And, finally, you have to go into the TC's PPPoE configs and enter a few bits of info that tell it to connect to Verizon's network (likely just an IP Address, a Username, and a Password - which Verizon will provide if you don't know them). Again, this is only theory. But, in this case, you could take advantage of Wide-Area Bonjour. Apple's "Back to My Mac" service uses Wide-Area Bonjour to let you access your home Macs remotely.
That's interesting about "MOCA-to-Ethernet" adapters. I didn't know that. That's a helpful piece of info that will help me in this quest. Thanks!
OK. Good. I see the advantages.
However, if you don't want to deny visitors access to the printer, and you do the setup as I described above, EVERYBODY on the network can see EVERYBODY else (including the printer) because when the Actiontec hands out DHCP and does DNS, and the Time Capsule is bridged, it all looks like just one big network, and you still have the advantages of a g-only (or b/g only) network and an n-only network that don't interfere with each other.
But my Macs running back-to-my-mac can be seen outside my house just fine. It's because I have U-PNP enabled on the Actiontec, and back-to-my-mac plays well with that. So, I'm surprised that the Time Capsule doesn't take advantage of U-PNP too. Maybe it requires Apple's protocol only.
I can't connect the Time Capsule directly to my ONT because my ONT was installed as MOCA. The Ethernet is disabled. I don't have any Ethernet running from the ONT in the garage -- in fact I don't have Ethernet in the house anywhere. I could re-plumb the whole thing, but I wanted to spare the hassle. The house was already fully wired for cable, so this was just easier.
I'm very happy with my setup, except for the inability to get to the Time Capsule from the outside without a Mac running inside. Practically, this isn't much of an issue because I usually have at least one Mac (an old Mac Mini first generation) running, and back-to-my-mac works fine with it, so I can access the Time Capsule indirectly from outside by accessing that Mac.
This is a great discussion. I'm learning a lot. Thanks.
In response to your request for my FiOS setup using only Time Capsule:
It's actually difficult o understand how the tech did it because there is an ethernet cable going from the Time Capsule back to the basement. I will try to explain but it gets murky:
From the Street to the ONT.
Coax Cable out to Splitter - Splits to Cable Boxes
Ethernet Cable to Small jack-sized Connector Box (size of a telephone jack and screwed in to the baseboard, hidden) in Living Room
*Time Capsule* (in living room)
Ethernet cable from Small jack-sized Connector Box
Ethernet Cable back out to Small Connector Box
*Motorola Ethernet Converter* (in basement)
Cable in from ONT outside
Ethernet Connection to living room jack connector to Time Capsule
It would seem when the technician installed this for me, and I specifically asked him to not put in the Actiontec router, he placed a small Motorola Converter Box that takes a coax cable in from the ONT outside to the basement and the Ethernet then runs to the Time Capsule upstairs (WAN) .
Then an ethernet cable runs from the Time Capsule back to a connection in the jack-sized box in the living room. This is where I am unsure how it works, but my guess is that this is the connection that talks back to the FiOS TV for the guides and the VOD -- which I definitely have.
All settings are DHCP. No NAT. Three computers all running wirelessly, 2 laptops, 1 iMac. This was mostly due to the original Airport Base Station not having more than one LAN. Now, of course, the Time Capsule has several ethernet LAN connections and the desktop could be wired.
Hope this makes some sense...
For those working with Verizon FIOS and the Actiontec router; The router, ONT, and Motorola set-top boxes are all based around MoCA, "Multimedia over Coax Alliance". This technology was developed to allow cable & telco providers to use existing 75 ohm coax from ubiquitous cable installations to provide interactive TV and Internet without having to run new wire in the subscriber's home. The router connects to the coax, much like a cable modem. What is also happening, however, is that the frequencies from 1-1.5 GHz, (above the TV channels) are used to create a local area network used by the STBs to communicate with the router, and thus the internet for providing video on demand and the on-screen guide. If you purchase the service, it also allows a STB DVR to stream programming to other STBs in your house, or for Windows PCs to play music or pictures on a TV. (Apple TV wannabe). BTW, if you have too long a coax run, too many splitters, or older splitters not designed to work above 850 MHz, the STB on screen guide won't work. In my case, the Actiontec ended up in the basement for just that reason. For those interested, there are a number of white papers that cover the MoCA technology at: http://www.mocalliance.org/en/index.asp
Seems to me the simplest approach would be to log into the Actiontec, turn off the wireless, Connect your favorite wireless access point/base station/time capsule, set it up as you wish, and be done with it.
I've gotten my airport extreme to replace my Actiontech router, however, it seems to drop the connection once a day and not reconnect even though I have the preferences set to "always on." My Fios uses a PPPOE connection and I am running a NIM box right of the Airport Extreme. If I manually reboot the router the connection re-establishes. Any ideas on a fix?