Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 
3583 posts

Uber Geek

Trusted

  #775341 5-Mar-2013 23:03
Send private message

I ordered Orcon GPON service and never got a Genius (not that I wanted it anyway). Currently its run through managed switch with VLAN tagging and gets the IP from Orcon via DHCP but can only reach Orcon's gateway on it. Left a ticket for premium support....




Speedtest 2019-10-14




2119 posts

Uber Geek

Trusted

  #775349 5-Mar-2013 23:08
Send private message

ubergeeknz: 
(that, and we can't support anything other than Genius).
haha also, orcon wont even support the features of their genius: you try asking about pptp passthrough - one of the listed supported features and you'll be spun around in a helpdesk loop from hell.

(where are you seeing the feature of pptp passthrough? what page on the router are you seeing that? why are you trying to do this? oh i'm sorry we don't provide support for iPhones ...)

at the bottom of hell was the answer that as it's already in bridge mode it can't be done.

 
 
 
 


3344 posts

Uber Geek

Trusted
Vocus

  #775489 6-Mar-2013 09:40
Send private message

MadEngineer:
ubergeeknz: 
(that, and we can't support anything other than Genius).
haha also, orcon wont even support the features of their genius: you try asking about pptp passthrough - one of the listed supported features and you'll be spun around in a helpdesk loop from hell.

(where are you seeing the feature of pptp passthrough? what page on the router are you seeing that? why are you trying to do this? oh i'm sorry we don't provide support for iPhones ...)

at the bottom of hell was the answer that as it's already in bridge mode it can't be done.


Genius doesn't use "bridge mode" normally, on UFB it auths via DHCP on the WAN interface and then NATs the internal address space.

PPTP clients should work fine over Genius as far as I'm aware (although you should be aware PPTP has been proven insecure and you should really switch to IPSEC if possible).  If you're wanting to run a PPTP server you'd probably need to use the DMZ mode.

Anyway I thought the problem was performance, and/or getting the Microtik working on UFB.  Did you have success on that count in the end?  It might be useful to other forum members if you share the specifics.

1387 posts

Uber Geek


  #775767 6-Mar-2013 16:48
Send private message

MadEngineer:
ubergeeknz: 
(that, and we can't support anything other than Genius).
haha also, orcon wont even support the features of their genius: you try asking about pptp passthrough - one of the listed supported features and you'll be spun around in a helpdesk loop from hell.

(where are you seeing the feature of pptp passthrough? what page on the router are you seeing that? why are you trying to do this? oh i'm sorry we don't provide support for iPhones ...)

at the bottom of hell was the answer that as it's already in bridge mode it can't be done.


iphones will do l2tp/ipsec.


222 posts

Master Geek


  #775770 6-Mar-2013 16:56
Send private message

I'm using an RB2011 with Orcon UFB with no problems. I do dhcp on the vlan interface which uses one of the ethernet ports as the physical interface, not using any type of bridge on the outside. not sure if this helps.

/ben



2119 posts

Uber Geek

Trusted

  #775817 6-Mar-2013 18:29
Send private message

ubergeeknz:Genius doesn't use "bridge mode" normally, on UFB it auths via DHCP on the WAN interface and then NATs the internal address space.

PPTP clients should work fine over Genius as far as I'm aware (although you should be aware PPTP has been proven insecure and you should really switch to IPSEC if possible).  If you're wanting to run a PPTP server you'd probably need to use the DMZ mode.

Anyway I thought the problem was performance, and/or getting the Microtik working on UFB.  Did you have success on that count in the end?  It might be useful to other forum members if you share the specifics.
hmm so i guess the so call senior tech was talking out his rubbish or just plain fobbed me off ... i did try dmz but i don't think this function on the genius passed through GRE (protocol 47 ... does dmz on _any_ domestic router even do that?).

I'm not worried about security as it's only (cough) my home network and everything internal needs a password anyway. it's just better to use a vpn rather than port forward every device individually to the world.

i did try vpn alternatives on my iPhone but didn't have much luck so stuck with pptp.

I _did_ have success and posted instructions on how but for an unknown reason it no longer works.

ultimately I'd like to see if I can get the genius to get voip through the mikrotik 

portunus: I'm using an RB2011 with Orcon UFB with no problems. I do dhcp on the vlan interface which uses one of the ethernet ports as the physical interface, not using any type of bridge on the outside. not sure if this helps. 

/ben
thanks, this gives me hope to keep trying.  maybe i need to reset it and start from scratch. at least then I'll have a console log of what to enter if someone else wants to do the same but it doesn't answer why my pc also doesn't work on it anymore either.

677 posts

Ultimate Geek

Trusted

  #775904 6-Mar-2013 21:20
Send private message

I can also re-assure that UFB auth fro an Orcon POV does not check the MAC of the connected device.
All it cares about is that you are doing a DHCP REQ out the port connected to the ONT with 802.1q tag 10.

I can state this because i built the auth system.

Having said that, if you would like, i can check what auth request we get for your account when you have the mikrotik installed and not getting online.

Let me know if you want to test that.

Paul.




meat popsicle

 
 
 
 




2119 posts

Uber Geek

Trusted

  #775936 6-Mar-2013 21:57
Send private message

hey that's awesome, cheers.

I'm not sure what caused it to fail but sure enough after resetting the mikrotik to default and starting from scratch i was able to get it working again *shrug*. took me a while as i was doing it while entertaining my son and trying to work out why i was unable to connect to the mikrotik (seems anything other than port1 on mine doesn't like talking via mac rather than tcpip to winbox while i'm trying to give it an ip address)

pretty much so long as i get dhcp on the vlan i'm away.

next step before it's too late in the evening is to see if it will pass voip to the genius (and lock its firewall down)

pasting console entries for those wanting to set this up. Hopefully I haven't missed anything as i did cheat along the way and used winbox to verify what i was entering

/ip address add interface=ether3 address=192.168.1.254 netmask=255.255.255.0
/interface vlan add vlan-id=10 interface=ether1
/ip dhcp-client add interface=vlan1 disabled=no
/interface bridge add name=home
/interface bridge port add interface=wlan1 bridge=home
/interface bridge port add interface=ether3 bridge=home
/ip pool add name=homepool ranges=192.168.1.100-192.168.1.200
/ip dhcp-server network add address=192.168.1.0/24 dns-server=192.168.1.254,121.98.0.1,121.98.0.2 gateway=192.168.1.254
/ip dns set allow-remote-requests=yes
/ip firewall nat add action=masquerade chain=srcnat disabled=no

I haven't pasted what i've done to lock it down or how i've configured /interface wireless, ntp client, etc etc but the above should be enough.

2411 posts

Uber Geek

Trusted

  #775948 6-Mar-2013 22:14
Send private message

/ip dns set allow-remote-requests=yes

You just became an open DNS Server (unless you have firewalled it off from external)







2119 posts

Uber Geek

Trusted

  #775958 6-Mar-2013 22:33
Send private message

no and yes :)

taking the shotgun approach i basically allow my internal network, deny a few specific ports for logging, deny broadcast etc then deny all.



2119 posts

Uber Geek

Trusted

  #842100 23-Jun-2013 21:35
Send private message

*bump*

I've got myself a bit closer to having WAN on the Mikrotik with working VoIP on the Genius:

Created a vlan tagged with id10 on port2 of the mikrotik
Gave it its own ip address/range
Added dhcp server to the new vlan
Added a route

With the genius connected to port2 I see it getting assigned DHCP and the internet light comes on but the phone light keeps flashing orange.  I've tried to DMZ it but this seems no good.  Running a shields-up scan I can see all traffic is going to the genius so not sure why the VoIP can't connect.  I've probably done the DMZ wrong ... dstnat 

Any ideas?



2119 posts

Uber Geek

Trusted

  #842126 23-Jun-2013 23:16
Send private message

nope, i've done it ... i had a typo on the local address of the dhcp server/network for the genius


[insertdancing.gifhere]



2119 posts

Uber Geek

Trusted

  #869586 31-Jul-2013 21:35
Send private message

couple of further notes

dst-nat sip to the genius if you're not dmz'ing it, eg:
/ip firewall nat
add action=dst-nat chain=dstnat connection-type=sip src-address=60.234.18.111 to-addresses=["wan" ip of the genius]

[phonenumber]@sip1.orcon.net.nz with your base64 decoded password as per this subforums sticky loaded as an account in the free sip software "Blink" works, but you can't have more than one device logged in.

3344 posts

Uber Geek

Trusted
Vocus

  #869747 1-Aug-2013 09:57
Send private message

Great to see you've got it sussed, and thanks for sharing the details :)

1 | 2 
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

OPPO Find X2 Lite brings flagship features to mid-range 5G smartphone
Posted 29-May-2020 12:52


Sony introduces the digital camera ZV-1 for content creators
Posted 27-May-2020 12:47


Samsung Announces 2020 QLED TV Range
Posted 20-May-2020 16:29


D-Link A/NZ launches AI-Powered body temperature measuring system
Posted 20-May-2020 16:22


NortonLifeLock Online Banking Protection now available for New Zealand banks
Posted 20-May-2020 16:14


SD Express delivers new gigabyte speeds for SD memory cards
Posted 20-May-2020 15:00


D-Link A/NZ launches Nuclias cloud managed network solution hosted in Australia
Posted 11-May-2020 17:53


Logitech introduces new video streaming solution for home studios
Posted 11-May-2020 17:48


Next generation Volvo cars to be powered by Luminar LiDAR technology
Posted 7-May-2020 13:56


D-Link A/NZ launches Wi-Fi Certified EasyMesh system
Posted 7-May-2020 13:51


Spark teams up with Microsoft to bring Xbox All Access to New Zealand
Posted 7-May-2020 13:01


Microsoft plans to establish its first datacenter region in New Zealand
Posted 6-May-2020 11:35


Genesis School-gen has joined forces with Mind Lab Kids
Posted 1-May-2020 12:53


Malwarebytes expands into privacy with fast, frictionless VPN
Posted 30-Apr-2020 16:06


Kordia to donate TV airtime on Channel 200 to community groups
Posted 30-Apr-2020 16:00



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.