NTP blocked using DMZ plus on 2Wire 3801HGV

  • 1
  • Problem
  • Updated 2 years ago
  • Solved
DMZ Plus on 2Wire 3801HGV Router/Modem does not pass NTP traffic. I see the problem documented here on this forum and others. I did, however, see that the Pace 5168N does have the bridge option that the 3801 lacks. Can I exchange my current router for the 5168N and use the bridge option to rectify this problem. I do not subscribe to MTS TV services.

Thank you
Photo of Dave

Dave

  • 122 Points 100 badge 2x thumb

Posted 3 years ago

  • 1
Photo of Jeremy

Jeremy, Official Rep

  • 18,714 Points 10k badge 2x thumb
Hi Dave,
Unfortunately the equipment cannot be swapped out as easily as that, it requires a technician to be dispatched as the connect stores do not carry those pieces in stock.

To address the issue itself though, what exactly is the trouble you are having?  Is this blocking a certain program or piece of equipment from working?  I didn't think the RG blocked that kind of traffic specifically. 
Photo of Dave

Dave

  • 122 Points 100 badge 2x thumb
Hi Jeremy,

I use my own router in conjunction with the DMZ Plus mode on the 3801HGV. None of the devices on my network are able to update internet time using NTP.  There are many documented in this forum and elsewhere on the internet. DMZ Plus mode on Pace/2 Wire devices will not pass NTP traffic to the LAN. I was hoping the true bridge mode of the 5168N would rectify this problem.  

I do neeed the functionality of my own router as the 2Wire device does not have the feature I require.

As well, this exact configuration has worked on other internet providers previously. Only since using MTS has this problem presented.

Thank you,
Dave
(Edited)
Photo of Jeremy

Jeremy, Official Rep

  • 18,714 Points 10k badge 2x thumb
Well that is certainly interesting, and blows my server side block suspicion out of the water.  We will still have to investigate and test this further with some of our equipment.  This is a very strange issue.  Thank you for raising it to our attention.
Photo of Scottmandu

Scottmandu

  • 340 Points 250 badge 2x thumb
During the last daylight saving change my computer clock did not change. When I go to the "Internet Time Settings" in Windows 10, and hit update on "time.nist.gov", "time.windows.com", or any of the other dozen timeservers I have tried, I get the same message "An error occurred while Windows was synchronizing with xxx.xxx.xxx. This operation returned because the timeout period expired.The clock was most recently synchronized at xxx.

I have MTS TV and am using a Pace 5168N-110. I can ping timeservers so my computer can see them. Do you have any other ideas?
Photo of Scottmandu

Scottmandu

  • 340 Points 250 badge 2x thumb
I found another thread that explained my issue:

"There is a known Security Issue with NTP Inbound that required MTS to block Port 123 Inbound, until it could be patched. The patch is currently rolling out (over the next several weeks), and once that is completed and tested we will be removing the block on the NTP port (123).

This block does not affect Outbound requests, but most devices expect the inbound to also be on port 123, so it will fail unless you can set your device to a different port.

However, MTS has a NTP Clock within the network that is not blocked. If you can set your device to point to ntp.mts.net your device can get the correct time."

Why weren't customers informed of this problem and when will this security issue be fixed?
Photo of Dave

Dave

  • 122 Points 100 badge 2x thumb
thank you, this fixed my issue. Do you have the link to the other thread?
Photo of Tennille

Tennille, Social Media Coordinator

  • 15,524 Points 10k badge 2x thumb
This is the other thread. :)  

https://community.mts.ca/mts/topics/only-on-mts-using-kodi-xbmc-on-an-android-box-do-i-get-these-iss...

I hope you're having a great day! Tennille