TLDR - If you are on ASK-NCQ1338FA ‘white cube’ router and having issues with “IP Passthrough” setting not working,

1. do a factory reset, and reconfigure it from scratch. It solves the problem (though I don’t know how permanent this solution is?) (Updated later - Nope. Factory reset worked well for a few hours and then it started to have the same issue)
2. or Get a new ARC router. It will solve the problem (but you might lose your price guarantee when you get a new router. See below thread for more details)
3. or Change the MTU and/or MSS values on your other router (e.g. Google Nest, Eero Mesh, Unifi, etc.) from 1500 to something like 1428 or 1400. (See below thread for more details)
4. or turn off ‘IP Passthrough’ for now and set it up to do ‘Double NAT’ on your Cube + your home router.

2180×1635 341 KB

Problem - If you are using Verizon 5G Home Internet router/gateway as a bridge (“IP Passthrough” setting) to connect to your better router at home (e.g., Google Nest Wireless Router, Eero Mesh Wireless Router, Unifi Dream Machine, etc.), in the past few months suddenly your internet might have gone unreliable, where certain web pages refused to load (e.g. Verizon.com, LinkedIn.com, PayPal.com, googleadservices.com, etc.) or really slow to load. You can check the box “IP Passthrough”, but it will revert back to not checked when you reload the page.

Why - It seems that there was some kind of firmware update (version 231441 back in May?) that was rolled out in the past few months that broke “IP Passthrough” feature on ASK-NCQ1338FA router.

​

Is it Going to be Fixed? - No? I contacted Verizon support for hours to get this fixed and they are saying the old router (ASK model) won’t be getting more firmware updates to get this issue fixed. (But they were wrong on many things like below, so who knows)

Solution - a few options

1. New Router - Verizon recommended that I purchase the new router (ARC-XCI55AX ‘white cube’ model) for ~$50, one time charge, to replace the existing router. I did it, and it did fix the issue.
2. Factory Reset Old Router - Trying all sorts of settings change (e.g. DMZ settings, DNS, etc) never got the ‘IP Passthrough’ to work. But factory reset and reconfiguring it from scratch did. I just did it today, so I am not sure if it will stay that way, but so far so good. Try it and let me know. (This did not work. It worked only for an hour or so, and get went back to the old behavior)
3. Change MTU/MSS - You should set the MTU and/or MSS values on your home network router (Not the Verzion one, but your Google/Eero/Unifi router) per cultural pain582’s advice below thread.
4. Double NAT - Turn off ‘IP Passthrough’ for now and set it up to do ‘Double NAT’ on your Cube + your home router.

Why I am NOT switching to the new ARC router

1. Verizon told me that it would be one time ~$50 fee for the router. But then I got the bill and they are charging me $45 per month service for that 5G Home Internet line (while keeping my $25 5G Home Internet line at the same time!)
2. The new ARC router (with 5G Home ‘NOT PLUS’ plan) caps out at 300Mbps download and about 25Mbps upload. On the old ASK router, there was never a speed cap, and it routinely did 700Mbps download and 100Mbps upload.
3. Most importantly, I signed up for the ‘Life time price guarantee’ of $25/month 5G Home Internet, and that cannot be kept when you switch the router from ASK to ARC (even though I asked multiple times to the Verizon agent to confirm that this is possible before I placed the order, and they TRIPLE confirmed me that it would be so. It wasn’t, and now they are saying the new program only allows 3 year price guarantee at $35. They are willing to give additional $10 credit to make it $25 per month, but this expires after 3 years)

==================================================

Some Random Technical Notes

- Router Console Page Access - ASK defaults to 192.168.0.1 but ARC defaults to 192.168.1.1. Since my Unifi Dream Machine Pro router is sitting at 192.168.1.1, I couldn’t access it the normal way. Have to be wired directly onto the router to do the initial setup on ARC.

- Console Page Access After ‘IP Passthrough’ Setup - Once you set this setting, you will lose your router access via 192.168.1.1 address. If your home router shows what the WAN IP address is, you have to use that to access the page. For example, if your WAN address shows up as 75.50.50.50, then your router console access page would be ±1 of that (e.g. 75.50.50.49 or 75.50.50.51). It seems to be random whether I need to add 1 or subtract 1 from the IP address. Try both and see which page loads.

- New ARC router has lower latency (10-15ms) than old ASK router (~20-25ms) at my home on the west coast.

- Router LED Color - ASK router LED turns GREEN when IP Passthrough is enabled. ARC router LED stays WHITE. (Updated - Actually the GREEN just means the Wi-Fi is disabled. So if you disable the Wi-Fi on ARC, it will also turn GREEN)

- My ASK router has Modem Firmware Version 231451 and Router Firmware Version 3.2.0.21

- My ARK router has Modem Firmware Version MOLY.NR15.R3.MD700.MP.V39.P22 and Router Firmware Version 3.1.1.21

- What DNS servers are you using for your network? What Verizon gives you? I am using 1.1.1.1 and 8.8.8.8. Not sure if that is causing any issues? (Updated - Nope. Not the DNS issue)

I’m using IP Passthrough to a UniFi Dream Machine Pro and have the ASK-NCQ1338FA. I use it as a backup ISP. Lately I’ve been having issues when using the Verizon Internet where some websites are slow to load or don’t load properly. The bigger issue however is it seems like downloads almost always fail. This can be iOS app or os updates, videos for offline viewing, steam updates ect. I’ve been scratching my head trying to figure out the issue as a lot of sites will load fine, work stuff like teams is fine, and streaming like YouTube is fine. I wonder if it’s at all related to what you’re experiencing.

Finally, found other people experiencing this issue. I was having trouble visiting Verizon.com to manage my Verizon account and a few other sites as well.

I factory reset my ASK-NCQ1338 Verizon gateway and turned off the Wi-Fi radios, that resolved part of the issue. So now all my websites work, but I recently discovered that I can’t access my Synology NAS from outside my home network through the VPN I set up on the NAS.

In some testing I did, I found that if I enable IP passthrough, Verizon.com doesn’t load anymore (just like before I factory reset), but my VPN connects immediately, which indicates to me that it’s not an issue with my VPN configuration or firewalls or anything, right?

I’m thinking I’ll contact Verizon and see what my options are to get a new device, but I’m hesitant based on op’s experience.

This thread claims to fix it with WAN MTU and MSS value adjustment:

TLDR: WAN MTU 1400, MSS 1360

I have not tested this yet as I’m not home, but plan to when I’m there.

EDIT: THIS APPEARS TO FIX IT!

CS reps lie about lots of things, as you have discovered. Since the IP passthrough bug is also affecting business clients I expect they are still trying to fix it.

Thanks for this valuable info. I’m on an old ASK cube, I can’t turn on the pass through function as you mentioned, yet my home router (pfsense) has an external IP address as though it’s working. I definitely see some sites are slow, and I haven’t been able to access Verizon sites as you described. I’m afraid to touch the thing, as it mostly works and I can’t risk breaking my connectivity since two of us work from home on this line.

So I have the old ASK router and I’m on 3.2.0.20. I don’t use IP passthrough since I don’t really need it even though my mesh wifi with router is what I connect to; double NAT not affecting my speed much. Not sure when IP passthrough got broken (or if it even ever worked) but Verizon updated my router with that version recently so it must be available. I was just wondering if perhaps there was a previous version which works.

Update: just noticed that yesterday they updated me to router 3.2.0.21 and firmware 231451. That other version didn’t last more than a couple of weeks.

I have found that when my ARC router is assigned an IP address from DHCP starting with 75, I have no problems. But when it gets a 97.x.x.x address, I have all kinds of timeout issues. Anyone else observe the same?

I’ve heard from some CS reps before that yes they do indeed just lie. Sometimes it’s to make you “happy” sometimes it’s just to end the call. Many do not know any of the technical questions we are calling about. I’ve had reps be confused as to what ip passthrough even was. So normally I just don’t ask them anything now if I have to call. If something really breaks I call and ask for a replacement device since I have had a cube that the 5G antenna went bad. Otherwise I just use DMs and deal with the rest since firmware updates are completely random it seems anyway.

Same issue here. Firmware update on my ASK started this issue. Cannot update iOS devices, etc. I can VPN using Mullvad or my work VPN and everything works.

My IP passthrough was also broken when my ASK cube received that firmware update. But it was because the MTU value on the cube changed from 1428 to 1500 with the update. I had previously needed to change the MTU on my router to 1428 to match the Cube’s MTU. But after the firmware update they were mismatched again. Flipping the MTU value back to 1500 on the router fixed everything for me.

You should check to make sure that your personal router also has an MTU of 1500 so that they match.

I am having the same issue. Since the latest update wife has mentioned that a lot of her websites she visits do not work.

What I’ve noticed when I factory reset the ASK box and go to www.speedguide.net/analyzer.php it shows the MTU of 1428 and MSS of 1388. In the settings of the ASK box the MTU is set to Automatic 1500. All websites work while being double-NATted (at least I think, the ones I frequent.)

When I place the box in IP Passthrough the same website shows MTU at 1500 and MSS of 1460. Websites stop working and I cannot even get into the My Verizon app. I receive an error message at the beginning.

If I use a VPN (PIA) I can access websites again and the My Verizon app. Visiting speed guide while on VPN shows the MTU at 1400 and MSS 1360 via OpenVPN protocol and MTU 1420 and MSS 1380 via WireGuard protocol.

I have a Unifi Dream Machine SE and after some searching all I was able to find is MSS clamping but after setting it to 1388, it seemed to cause additional problems with more websites struggling to load.

I have to give it some thought to figure out how to set the MTU so it cannot exceed 1400. If anyone has any idea, please post it. I have a feeling this seems to be a modem router handshake problem where its advertising wrong MTU capacity to the router. Extremely frustrating considering there is no option to force a downgrade on the modem.

Okay so fun fact I called in after 2 weeks of not hearing back on my ticket. My personal router is not compatible with changing MTR data. They told me that this is now a known issue for ask routers and we started a warranty replacement. They’re now exchanging my device with the same phone number for a CR1000A.

*voice to text.

Similar problem here - a few months ago my wife was complaining of issues accessing the Internet and having to use her phone data plan instead. I could never reproduce probably because I was on my work laptop with VPN on. But last week she was looking at a jobs website and it just would not load. I eventually realized that turning off my work VPN caused the same problem for me on my laptop and phone using WiFi.

Then today I did some more experiments with DNS settings and wot-not and decided to contact their support only to find www.verizon.com didn’t work for me. I contacted them using my phone’s data and a hotspot (should have used a VPN I guess) and they said “No known problems on file” and after having me reset/restart the gateway created a ticket. Not a peep about passthrough mode or using a different gateway.

After the call I found this thread - THANK YOU - now at least I know I’m not the only one. I’ve been using passthrough for a while, it was originally a solution a year ago to get my old work VPN working over Verizon which had issues with MTU settings. It never really worked well - would be fine for a bit then crawl to an unbearably low speed < 1Mbps. Anyway work changed to Perimeter51 which seems to have no issues at all with MTU probably because it does good auto-discovery.

Come to think of it this is probably why some of my IoT devices were complaining about slow internet even though every speed test was okay.

I have an Eero mesh router which does not allow changing the MTU setting so for me the only solution is turning off passthrough. I believe this is fine, I don’t think double-NAT will mess up anything although I didn’t test yet.

I have found that setting the MTU to 1436 on my Macbook WiFi settings lets me connect to verizon.com and other sites. But obviously most homes will have many devices where this is not possible.

ASK cube here with the most recent firmware update. After working flawlessly for almost a year via IP- Passthrough mode, I, too, now have the Verizon, ASUS.com, etc. pages not loading, slow loading, and missing graphics. I noticed this about three weeks ago and only thought a little of it, but once I had some time off from work to troubleshoot, it led me here. I have an ASUS AX92U mesh home system, which you cannot change the MTU settings on, so I am stuck in this mess that Verizon caused.

I came to Verizon from Metronet to save money, but reliability trumps cost savings. I am calling Metronet to switch back this weekend as it appears that Verizon isn’t interested in fixing this, according to OP.

I am also having this issue with the ASK-NCQ1338FA and UDM in passthrough. I previously “solved” any of my download issues (e.g., Microsoft Auto Updates failing, Adobe Updates failing) by changing the GRO setting. to off. However, I recently started experiencing the issues described in this chain, where certain websites will not load, certain pages will not render property, some sites fail to load certain content (e.g., images in LinkedIn).

So far, changing the MSS Clamping has not fixed the issue.

This chain has me thinking I need a new Verizon gateway; what’s the best and easist way to accomplish that?

Or I just go back to my cable provider since it’s getting old having to troubleshoot things every couple of months.

Finally! Changing my home routers MTU Size fixed this issue, its only been a couple shitty months of internet. nice to have it fixed

Thank you, thank you, thank you! I had been working on this for weeks, opening tickets with those jacka$$es at Verizon and getting no responses. I bought a 5G Verizon for my office on our business account and another on a personal account for my home. The business model would work fine until I put it in DMZ or IP passthrough mode. After changing it to either of those modes, speeds would drop to 1Mbps\1Mbps. The home router would also malfunction in either DMZ or IP passthrough mode but in a different way. Speeds would remain good, but NAT policies or port forwards would fail or not function properly. Changing the MTU on my firewall to 1428 fixed both routers! I wasted hours on the phone with Verizon until I found your post - you rock!

I noticed my router losing the assigned wan ip from my att router even though it was in passthrough mode. My solution was to configure a static IP in my router AND put the att router in passthrough mode. When my router was set to dynamic it would lose the wan ip every time my router rebooted.

Since changing my arc router to ip pass through I haven’t been able to connect to my 3d printer through the servers. Thanks to this thread I changed my mtu on my tplink router to 1428 and it works now. I have been dealing with this for a while now. Thank you