Experiences with the Verizon Wireless Network Extender

by Dan Strom on February 2, 2010

It’s been over two weeks now since I installed a Verizon Wireless Network Extender at home. We can get a weak Verizon signal at our house, but it varies based upon where in the house the phone is. I wanted to have a way to reliably use my Verizon Wireless cell phones at home. That is why I got the Network Extender.

As you can imagine, results have been mixed…

What is the Network Extender?

It is a small box that attaches to your broadband Internet connection and creates a small cell for your cell phone to connect to. When inside that cell, or “bubble” as I have seen it referred, your cell phone talks to this little box rather than trying to find a signal from a far-away tower. Your conversation is routed across your Internet connection to Verizon’s servers and then to to other party.

What do I like about the Network Extender?

  1. I like the idea of using broadband internet to allow cellular access in an area of weak cell phone signal.
  2. Access to the Network Extender can be limited to only specified cell phone numbers.
  3. A certain amount of management can be done on-line via the Verizon Wireless web site.
  4. Our landline was out the past couple of days. With the Network Extender, we were still able to communicate with the outside world!

What do I not like about the Network Extender?

  1. Following the published setup instructions did not work on my home network. I had to call tech support for more information. My connection t the Internet is very generic. They should include more information in the setup instructions.
  2. I live in an area that was AllTel until last October. I couldn’t connect to the Network Extender with my cell phones, and so called Tech Support. Because of the migration from AllTel to Verizon, we have a hybrid PRL pushed out to our phones. The Tech Dude had to turn off the hybrid PRL, and then we had to do the *228, option 2 to get a Verizon-only PRL. (Of course, I had to take each phone to the one location in the house that get sufficient signal off of a Verizon tower in order to get the PRL update.) I’m still experimenting with my Moto Android to see if there is any impact on my reception and signal strength while out-and-about.
  3. The cell phone needs to be within 15′ of the Network Extender to latch onto the femtocell for incoming or outgoing calls. Then the phone can go further away. I haven’t quite figured out the patterns of when the femtocell is used, and when it is not.
  4. I had to configure my home router (linksys wrt610n) so that the Network Extender is the DMZ machine. This was one of the things that I needed to call tech support for. What if I had another machine using the DMZ configuration? How could I use both? The tech dude didn’t know what ports I needed to allow. I configured the wrt610n so that the Network Extender is the DMZ host.

Being the inquisitive sort, I decided to put a hub on the network drop going to the Network Extender and fired up Wireshark. It appears that the Network Extender is using IPSec to connect to the Verizon servers. I wonder if they are using VoIP protocols encapsulated in IPSec, or not…

I am thinking about sniffing the traffic for a bit longer and then removing the Network Extender from the DMZ and putting it back on the internal network. I will update this post if I try this.

- Dan

If you enjoyed this post, please consider leaving a comment or subscribing to the RSS feed to have future articles delivered to your feed reader.

Tagged as: Cell Phone, Femtocell

{ 6 comments… read them below or add one }

Chris April 10, 2010 at 2:26 pm

I wish I had found your post before having to figure all this out but you are exactly right. I’m also part of the Alltel migration so I need the hybrid PRL to have service at my house. There is an Alltel tower less than 5 miles from me so I have great service when I’m at home. The service is not so good at my parents home so I purchased the Network Extender to leave there and when on the Verizon only PRL it works great. However when I leave there I need the hybrid PRL again.

While on the hybrid PRL the Network Extender works intermittently so I did the OTAP *228 option 2 but that did not change the PRL. I guess If I keep the Network Extender then I would have to call Verizon every time I needed to use it. IMO that would not be practical.

Any suggestions would be appreciated.

- Chris

PJF July 7, 2010 at 3:26 am

Thanks for the article, any update on what ports and protocol it’s using?

Obviously the lack of EVDO support is the ultimate failure of this device.

I’m doing some sniffing myself on my OpenBSD router so I can setup QoS and send the traffic out through a different ISP.

Tech support over at Verizon seems to be clueless.

d.strom, cissp, gsec, gsna July 7, 2010 at 8:29 am

I took mine down due to insufficient bandwidth from my fixed wireless ISP. It built an IPSec tunnel using standard IPSec ports. I was not that thrilled that I had to expose the IP for the device thru my firewall. And you are right,Verizon tech support was useless.

Interested July 27, 2010 at 8:43 pm

Well I believe a Man-in-the-Middle could work on the IPSEC? I would think that is beyond the scope of my skills tho :(

But I am disapointed the ipsec prevents you from setting up QOS. If you cant control your packets, how can you configure your router for Interweaving & Fragmenting? (here’s a simple explaination link)
https://learningnetwork.cisco.com/thread/1800
Answer is you can’t.

Also, is anyone aware of the cisco product, hwic-3g-cdma-v.
A cisco 2600 router is cheap nowadays, and if the ipsec tunnel ends in the network extender, then this device should circumvent ipsec all together.

Jim Perry July 27, 2011 at 10:07 pm

I have an older model network extender that the power supply died on. while searching for a replacement, i got verizon to ship me a new extender. For the life of me, i cannot get the second one to connect. I am behind a fortigate fg-60 firewall and required no special firewall rules for the original (since back in service – functioning flawlessly), however the newer one will not sync up with big red. They are both behind the same firewall. Have you ever discovered anything else technically related to what this thing wants for access? It is in my account and authorized, yet it does not want to connect. this is the replacement to the second one, and so far no better than the original replacement i ordered. meanwhile, the “old” model is workin just fine in the house. i want to get the other one working in my shop.

Thanks for the info!

Dan Strom July 28, 2011 at 8:09 am

Jim-
I would suggest putting a sniffer on the ethernet segment between your network extender and the fortigate. Watch the packets that are being sent and make sure there are rules in the firewall to allow them to pass. Take note of the destination IP address. Then watch outside the firewall for packets from that IP address. You should be able to reverse-engineer the connection to the point you can get traffic to pass successfully.

One of the problems with the network extender is that there is a complete lack of technical documentation available to the end-user.

Good luck!
- Dan

Leave a Comment

Spam Protection by WP-SpamFree

Previous post:

Next post: