Ask a question
Search in U-verse Forums

U-verse Forums

Reply
Posted Sep 18, 2012
9:00:46 PM
View profile
3800HGV-B in DMZPlus Mode with Hardware firewall and Motorola VIP2250

Hello,

 

I am having an issue with the setup in the subject line. I will detail below.

 

I have a 3800HGV-B in DMZPlus mode. I have a hardware firewall ( fortigate 60c), connected to the LAN side of the 3800 with the public IP address assigned to its WAN interface. This is the purpose of having the DMZPlus mode. Currently, everything in the network functions fine.

 

However, I am having an issue with the DVR ( VIP2250 ). It is recieving a DHCP address from my fortigate. I also set the Uverse DNS to be sent with the dhcp server. I know this is necessary. I am able to get the box to work but only for a few seconds. It will play just fine and then cut out. If i change the channel and put it back, it will then start working again but only for a few seconds. This happens on every channel.

 

I have adjusted MTU and some other settings. This has not remedied the situation.

 

Does anyone have any ideas or a similiar setup where the IPTV device is not connected directly to the 3800?

 

Thanks

Hello,

 

I am having an issue with the setup in the subject line. I will detail below.

 

I have a 3800HGV-B in DMZPlus mode. I have a hardware firewall ( fortigate 60c), connected to the LAN side of the 3800 with the public IP address assigned to its WAN interface. This is the purpose of having the DMZPlus mode. Currently, everything in the network functions fine.

 

However, I am having an issue with the DVR ( VIP2250 ). It is recieving a DHCP address from my fortigate. I also set the Uverse DNS to be sent with the dhcp server. I know this is necessary. I am able to get the box to work but only for a few seconds. It will play just fine and then cut out. If i change the channel and put it back, it will then start working again but only for a few seconds. This happens on every channel.

 

I have adjusted MTU and some other settings. This has not remedied the situation.

 

Does anyone have any ideas or a similiar setup where the IPTV device is not connected directly to the 3800?

 

Thanks

0
(0)
  • Rate this reply
View profile
Solved
Sep 19, 2012 6:58:18 AM
0
(0)
ACE - Expert

You do not want to put a router or firewall between the RG and the STB/DVR.  You need for the RG to perform DHCP for them, and most routers/firewalls will not properly handle the multicast traffic that AT&T is using for their IPTV.

 

Evidence of that is your watching experience.  When you change channels, you initially get a unicast feed just for your TV.  Within the next 10 seconds, a multicast feed is started and your STB tries to switch to it.  Your picture fails at that point.


Are you that worried about protecting your STB's from external attack?

 

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.
Accepted Solution

3800HGV-B in DMZPlus Mode with Hardware firewall and Motorola VIP2250

1,439 views
4 replies
(0) Me too
(0) Me too
Reply
View all replies
(4)
0
(0)
  • Rate this reply
View profile
Solved
Sep 19, 2012 6:58:18 AM
0
(0)
ACE - Expert

You do not want to put a router or firewall between the RG and the STB/DVR.  You need for the RG to perform DHCP for them, and most routers/firewalls will not properly handle the multicast traffic that AT&T is using for their IPTV.

 

Evidence of that is your watching experience.  When you change channels, you initially get a unicast feed just for your TV.  Within the next 10 seconds, a multicast feed is started and your STB tries to switch to it.  Your picture fails at that point.


Are you that worried about protecting your STB's from external attack?

 

You do not want to put a router or firewall between the RG and the STB/DVR.  You need for the RG to perform DHCP for them, and most routers/firewalls will not properly handle the multicast traffic that AT&T is using for their IPTV.

 

Evidence of that is your watching experience.  When you change channels, you initially get a unicast feed just for your TV.  Within the next 10 seconds, a multicast feed is started and your STB tries to switch to it.  Your picture fails at that point.


Are you that worried about protecting your STB's from external attack?

 

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Re: 3800HGV-B in DMZPlus Mode with Hardware firewall and Motorola VIP2250

2 of 5 (1,413 Views)
Solution
0
(0)
  • Rate this reply
View profile
Sep 19, 2012 12:39:01 PM
0
(0)
Contributor

JefferMC,

 

Thank you for the reply!

 

I use my fortigate for a VPN's and a few other functions including external network security. Thus, I prefer to have the firewall applicance to be attached to the external network.

 

Thanks for your comment!

 

JefferMC,

 

Thank you for the reply!

 

I use my fortigate for a VPN's and a few other functions including external network security. Thus, I prefer to have the firewall applicance to be attached to the external network.

 

Thanks for your comment!

 

Re: 3800HGV-B in DMZPlus Mode with Hardware firewall and Motorola VIP2250

3 of 5 (1,382 Views)
0
(0)
  • Rate this reply
View profile
Sep 19, 2012 12:54:37 PM
0
(0)
ACE - Expert

Gotcha.  I would just recommend that you segment the AT&T IPTV network from your "real" network.  The only issues with that will occur when you want to mix worlds:

  • MediaShare (STB's can consume WMP 11 and above service to show photos and play audio files.  Would need network access to that LAN.)
  • iOS based remote control of STB (iOS device needs to be table to find a fairly free route to the RG and from there, access to the STB it's paired with).

 

Gotcha.  I would just recommend that you segment the AT&T IPTV network from your "real" network.  The only issues with that will occur when you want to mix worlds:

  • MediaShare (STB's can consume WMP 11 and above service to show photos and play audio files.  Would need network access to that LAN.)
  • iOS based remote control of STB (iOS device needs to be table to find a fairly free route to the RG and from there, access to the STB it's paired with).

 

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Re: 3800HGV-B in DMZPlus Mode with Hardware firewall and Motorola VIP2250

4 of 5 (1,377 Views)
Highlighted
0
(0)
  • Rate this reply
View profile
Sep 19, 2012 1:05:26 PM
0
(0)
Contributor

JefferMC,

 

Thanks for the advice. What was really bothering me was not understanding what the issue was but, multicast explains it.

 

JefferMC,

 

Thanks for the advice. What was really bothering me was not understanding what the issue was but, multicast explains it.

 

Re: 3800HGV-B in DMZPlus Mode with Hardware firewall and Motorola VIP2250

5 of 5 (1,373 Views)
Advanced
You must be signed in to add attachments
Share this post
Share this post