Archive for January, 2013

Swapping Out Verizon Actiontec MI424-WR Router for Draytek 2920n

Posted by Russell Wright on January 1, 2013

Here’s my situation:

Located in Plano, TX area
Verizon (Actiontec) MI424-WR connected to ONT (Optical Network Terminal) via CAT5 network cable (NOT getting network connection with MoCA-Multimedia over Coax Alliance)
Adding Draytek Vigor 2920n router with LAN-to-LAN VPN to office (which is on TWC – Time Warner Cable Internet)
Need to keep Fios TV service running
192.168.1.x subnet at home
10.1.10.x subnet at office with additional 10.0.100.x subnet behind RRAS (Routing and Remote Access Services) NAT (Network Address Translation) server

Things I’ve noted:

STBs (Set Top Boxes) need to have Coax internet connection (MoCA) as the RJ-45 network connection is not usable (dead)
Verizon typically uses .100, .101, etc. for last octet on STBs
Will need to keep MI424 running to support MoCA connections to STBs
2920n is wireless N, while MI424 is wireless G
MI424 is a pretty decent router, but it takes a long time to reboot
MI424 Current Version: 4.0.16.1.56.0.10.14.4

Here’s what I did to enable all this:

Released IP address on WAN connection of MI424

Disabling the PPPoE WAN interface on the MI424 appears to release the IP address gracefully

Disabled wireless on MI424
- Using wireless from2920n
Re-IP’d the MI424 to 192.168.1.50 (or some other unused address)
Disabled all DHCP (Dynamic Host Control Protocol) on the MI424
Re-IP’d the 2920n to 192.168.1.1 (essentially replacing the MI424)
Enabled DHCP on 2920n so it provides all dynamic IP addresses for the home
Set up PPPoE (Point-to Point Protocol over Ethernet) to Verizon Fios using 2920n (easy peasy)
- This essentially replaced my MI424 internet connection with the 2920n
Set up dynamic DNS for home (Verizon) and office (TWC) 2920n routers
- This allows the home and office routers to be tied together using host names instead of requiring fixed IP addresses (Dyn.com)
Set up IPSec LAN-to-LAN VPN between 2920n routers (pretty easy, once you know what you are doing)
Bridged the Broadband Connection (Ethernet) on MI424 to Ethernet, Coax and Wireless Access Point connections
- This allows traffic to flow through the MI424 by using the WAN connection as an uplink from the 2920n providing network connectivity to the Coax (MoCA)

Things left to do:

Figure out how to create a static route from home to 10.0.100.0 to secondary 10.1.10.5 gateway over VPN connection
- This has been "figured out." See more details at the end of this post.

Here are the hardware connections.

Configure Draytek 2920n for PPPoE to Verizon.

Entered verizonfios (no password) in the Username field and left everything else alone.

Coax (MoCA) connection to STBs needs to be enabled so the STBs can get their IP addresses and have network connectivity.

Disabled unused interfaces on the MI424.

Added the Broadband Connection (Ethernet) to the list of bridged connections.

My Network | Network Connections | Network (Home/Office) | Settings

DHCP disabled on MI424.

Disabled DHCP on the Network (Home/Office) connection. All other DHCP services should also be disabled on all networks (chances are, they already were).

And therefore, DHCP is disabled on all bridged connections (e.g. Coax)

This is what the MI424 WAN PPPoE connection looked like before I swapped it out with the 2920n.

Draytek 2920n router showing dialed-out (home) IPSec VPN connection active.

Draytek 2920n router showing dialed-in (office) IPSec VPN connection active.

Defining Static Routes Between Home and Office Routers

From the home network (192.168.1.x) I want to route all 10.0.100.x traffic to the office through the office 2920n which should then forward it to the NAT I have configured on an RRAS server. This was accomplished with additional gateways on the VPN and static routes on the office router.

On the home router, add an additional remote network using the MORE button. Notice the default network, 10.1.10.0 is the 2920n at the office and the 10.0.100.0 network is the RRAS NAT server that is connected to the 2920n.

On the office router, configure a static route that forwards all 10.0.100.x traffic to the gateway address on the RRAS NAT server.

Funny, I did this yesterday (12/31) but it seems to have taken some time for the route to be "figured out" by the routers. I checked it today and it was working, without me doing anything special.

I did, however, have to add the DNS server on my 10.0.100.0 network to my home router so I could get name resolution. Works great!