I’m a Verizon FiOS customer and was migrated to AOL back in 2017. Within the past 30 days I’ve heard and seen a number of issues with people connecting to their AOL inbox from traditional email clients such as Microsoft Outlook, Thunderbird or even the native email clients on iPhone and Android.

The loving wife had this same issue and I wrongly assumed end user error. You would think I’ve learned by now to not jump to conclusions. It seems she’s not the only person with issues as there are numerous posts on numerous message boards all within the past 30 days with dozens if not hundreds of people reporting the same issue.

• https://forums.verizon.com/t5/Verizon-net-Email/not-receiving-email/td-p/915080
• https://answers.microsoft.com/en-us/outlook_com/forum/all/outlookverizonnet-not-syncing/baa849d4-5312-47fb-ba11-6f13812eab40
• https://discussions.apple.com/thread/252465879

The general consensus is that:

Verizon/AOL accounts require an AOL “App Password” to be used as the password for the account configured in Outlook or in any email client (iPhone, Android, Thunderbird, Outlook, etc)

What’s more interesting is that AOL apparently is not blasting out this new feature to all users at the same time because my Microsoft Outlook 365 client continues to work fine while my wife and many others are having to generate an “app password” to get their email flowing again. Some of the posts suggest that if you’ve activated “2-step verification” on your AOL account that you’ll need to generate and use an “app password” to access your email from a legacy email client.

I did find the following article from AOL:
https://help.aol.com/articles/allow-apps-that-use-less-secure-sign-in

The article linked above suggests that AOL is actively blocking clients that it believes are less than secure. Is that because the client is passing the username/password in the clear (unencrypted) in a legacy POP3 connection and not using IMAPS or POP3S?

If your traditional email client stops working it might be more than just a password issue. You might want to try either upgrading your email client or setting up an AOL app password and see if that resolves your issue.

1. Sign in and go to the AOL Account security page. You can do this by signing on to AOL from a computer.
2. Click Generate app password or Manage app passwords.
3. Select your app from the drop down menu and click Generate.
4. Follow the instructions below the password.Be sure to enter the password into your app without any spaces.Click Done.
5. Use this app password and your email address to sign in to your email app.

Cheers!

This is one of those stories… where you expect something to take a few minutes and it turns into an all out search for truth and understanding spanning multiple hours and even days. I must admit to having forgone the change control process on my home network which my daughters were not very happy about. I do apologize to my girls for interrupting the binge streaming of Brooklyn Nine-Nine.

Challenge

A few months back I was evaluating the VMware VeloCloud SD-WAN solution when I happened upon an odd issue. Whenever I connected the VeloCloud Edge 540 appliance to my local home network, all the wired and wireless clients connected to my home network would loose Internet connectivity and I would start getting heckled from my daughters with “Dad!!! The Internet is down!!!“. At the time I didn’t know much about the VeloCloud SD-WAN solution and had previously configured the device in my office with the VeloCloud sales engineer. However, I was able to easily duplicate the problem by repeating the test several times and getting the same result – so there was something amiss.

Troubleshooting

Some quick troubleshooting determined that none of the devices on my network could reach the local gateway of 192.168.1.1 (default for a Verizon FiOS Actiontec router) when the VeloCloud device was connected to my home network. I fired up a copy of WireShark and quickly found that the VeloCloud device responding to ARPs for 192.168.1.1 with it’s MAC address, and that’s why my clients were unable to reach the Actionrec router or the Internet for that matter. The clients were using the MAC address of the VeloCloud Edge instead of the Actiontec router to reach the default gateway of 192.168.0.1.

Solution

After some consultation with our VeloCloud sales engineer we discovered that the VeloCloud Edge has a default “Management IP” address of 192.168.1.1. When I changed that IP address in the VeloCloud Orchestrator Console the problem disappeared, and I was able to connect the VeloCloud Edge 540 to my home network without any Internet interruption.

Cheers!

It’s rather refreshing in Information Technology when something just works as advertised. And that’s how it went using the Cradlepoint 850 to provide remote 4G LTE connectivity to a water meter that was in a location that made general wired Internet connectivity extremely expensive. It took all of 5 minutes to install the Cradlepoint and be able to access the water meter remotely through a Verizon 4G SIM with a public IPv4 address.

LAN2 on the Cradlepoint 850 is automatically setup for IP Passthrough, so any connection to the public IPv4 address of the Cradlepoint will be NAT’d through to the device connected to LAN2.

Later I went back and setup DyDNS to account for the occasional DHCP address change on the Verizon 4G LTE. This way I only needed to provide a single URL to the customer.

Why can’t everything in IT be this simple?

A client had two physical sites about 1 mile apart which were connected to the Internet by separate Verizon FiOS broadband connections and which were assigned the following static IP addresses;

Site A:

IP Network: 198.51.100.226/28
Subnet Mask: 255.255.255.0
Default Gateway: 198.51.100.1
Usable IP Addresses: 198.51.100.226 – 198.254.100.238

Site B:

IP Network: 198.51.100.50/28
Subnet Mask: 255.255.255.0
Default Gateway: 198.51.100.1
Usable IP Addresses: 198.51.100.50 – 198.51.100.63

Let me be the first to admit that the information above isn’t quite right… there is no IP address block 198.51.100.226/28, it should be 198.51.100.224/28. I believe that’s Verizon trying to avoid having customers accidentally use the network address or the first address in the IP address block which is likely reserved for the actual Verizon Actiontec router.

The client was trying to establish a VPN tunnel between the two sites and was running into difficulties. The issue was with the IP addressing provided by Verizon and it’s likely implementation of private VLANs on the Juniper hardware. I’m assuming that Verizon is likely using PVLANs to isolate traffic between individual customers to minimize the number of IP subnets they need to create. Instead of creating 16 /28 IP networks they are using a single /24 network and then isolating the traffic between customers using PVLANs. The issue in the example above is pretty obvious – the individual client devices are attempting to communicate with each other on the local subnet. Believing that there’s no need to signal the upstream router because the netmask indicates that the remote site should be in the same IP network. While the remote site is actually in the same IP network, the implementation of PVLANs is blocking communication between the client devices.

Anyone have any experience with Verizon FiOS using PVLANs?

I believe I heard years ago that Verizon chose Juniper for their FiOS implementation.

Cheers!

Reference: Juniper – Understanding Private VLANs on EX Series Switches

1. I’m essentially paying the same monthly fee I was paying for two smartphones on Verizon with five smartphones on T-Mobile [Note: I purchased all the smartphones up front],
2. I don’t have to worry about the girls going over data or text messaging limits and ending up with some crazy overage billing.

Interestingly a lot has changed in the past year – Verizon and AT&T have gotten much more competitive with their plans and fees, not so much that I would entertain switching back… but if you really like Verizon or AT&T you can likely make the numbers work much easier than you could have a year ago.

I also recently returned my Samsung Galaxy Note 4 to Samsung for repair under the manufacturer’s warranty and was really pleased with the whole process. Samsung repaired the phone and returned it to me within 6 calendar days. That was an awesome customer experience!

If you’re looking to shave a few $$$ off your monthly mobile bill then you might want to give T-Mobile a call.

Now what to-do with my exploding cable bill? Is it time to cut the cord? That’s my next hurdle with Verizon FiOS and Comcast.

Cheers!

 host relay.verizon.net[206.46.232.11] refused
    to talk to me: 571 Email from 162.243.40.10 is currently blocked by Verizon
    Online's anti-spam system. The email sender or Email Service Provider may
    visit http://www.verizon.net/whitelist and request removal of the block.
    151214

Ok, it’s quite possible that someone on the discussion forums has been a misbehaving so I need to make sure there’s no legitimacy to this report. I need to scour the log files and make sure that there’s nothing going on. I keep the log files on my server for 30 days, let’s do some quick crude command line fu;

[root@moon ~]# grep -h @verizon /var/log/maillog* | awk '{ print $7 }' | sort | uniq -c
    427 to=nobody@verizon.net,

Note: I’ve obfuscated the email above so I don’t end up getting any more spam than I already receive daily.

Now that’s very interesting, I’m the only person that the server has been trying to mail which is getting denied by Verizon. Ok, so this problem is only impacting me, I guess that’s good.

So if it’s been going on for 30 days then I need to make sure the server is not listed on some RBL (real-time black list) somewhere. I’ll check http://www.blacklistalert.org/;

Alright so I wasn’t listed on any of the RBL, I looked through the logs for any other anomalies and found none, focusing again on mail for Verizon customers (verizon.net/verizon.com) and found nothing, I searched the discussion forums user database and blog comment subscriptions and found nothing. It must be a false positive on Verizon’s side, I’ll submit a request to Verizon following their instructions. I went to http://www.verizon.net/whitelist and I tried submitting a request as a Verizon customer and the form submission crashed with the following;

Ok, so I went back and submitted a request as an ISP (although I’m not an ISP but I’m starting to feel like one). That form was successfully submitted and I quickly received a reply via email.

That’s a boiler plate reply if I’ve ever seen one. Ok, so this doesn’t look like it’s going to be easy… I’ll need to chase the folks at abuse@verizon.net and probably in Twitter as well.

Cheers!

After running all the numbers time and time again I landed on T-Mobile.

I purchased a pair of Samsung Galaxy Note 4s for myself and my wife and then I ordered a pair of Motorola Moto Es for my twin girls. My oldest daughter has been using a Motorola Moto G for the past two years and had been asking for an Apple iPhone, not wanting to be the tech father that pushed his kids to non-Apple solutions I ordered an Apple iPhone 6 for her from T-Mobile. I had looked around at various refurbs/second-hand from sites like Amazon and Gazelle but choose to purchase new seeing how she’s taken pretty good care of her Motorola Moto G.

My experience with T-Mobile has been fairly good to date. I will call out David the sales order representative that I spoke to while placing the order with T-Mobile. David initially tried to tell me that the 2GB plan was for “flip phones”. I politely told David that I wasn’t in need of an upsell and my daughters would be fine with 2GB data plan. After that point David was very helpful and successfully placed the order.

With Verizon I was paying ~ $130/monthly for 2 lines with 2GB of data each, 500 SMS text messages and 700 minutes shared between the phones in the plan. That equates to about $3,120 over the course of the two year contract plus the $299 I paid for the Motorola Moto X when I first purchased it (buy one get one free). So all total I paid Verizon just over $3,400 for 2 lines. With T-Mobile I’ll be paying ~ $110/monthly for 5 lines with 2GB of data each, unlimited SMS text messaging and unlimited minutes. That will equate to about $2,880 over the course of two years plus the ~ $2,100 I paid for all 5 phones (2 Samsung Galaxy Note 4s, the Apple iPhone 6 and the 2 Motorola Moto Es). The benefit here is that I have my entire family on a single plan (no more pre-paid phones) and I’m free to jump ship (to any GSM capable provider) since I purchased the phones outright.

Update: I just received my first bill.. $144/monthly with all the taxes included… that’s $34/monthly in taxes and fees, 23% of the bill.

Cheers!

It’s my current understanding that if you have a QIP-6200 or QIP-6416 STB that you’ll need a replacement assuming you have a package that allows access to any of the channels mentioned below.

You can check whether or not you need to order a replacement by going through the STB menus, Menu -> Customer Support -> Set Top Box Exchange.

Cheers!

I received the following notification this week that informs Verizon customers that Verizon’s Email servers are now supporting SSL when utilizing POP3 and SMTP to send and receive email from a traditional email client such as Mozilla’s Thunderbird,  Microsoft’s Outlook or your Android or Apple Smartphone.

This is very exciting news because you hopefully already know that your username and password are sent in the clear when utilizing POP3 and SMTP (with authentication) when not utilizing SSL. So the answer to the ages old question of does Verizon support SSL encryption has changed? They now support SSL encryption on both the POP3 (receiving) and SMTP (sending) for traditional email clients.

I made the changed to my Microsoft Outlook client and it works perfectly.

You’ll need to dig deep into the settings to modify the port numbers that are utilized for both POP3 and SMTP, they can be found under “More Settings…”

You can find additional configuration information on Verizon’s website at this link.

I also recently noticed that Verizon now redirects any attempts to connect to http://webmail.verizon.net to the SSL secured site at https://webmail.verizon.net which again is very exciting from a security perspective.

Now you can safely utilize that public hotspot or guest network without worrying if someone is going to steal your username and password when you try and check your inbox. This change is long overdue and very welcome in my opinion.

Cheers!

Update: March 20, 2013

I just noticed that Verizon is only encrypting the actual login (passing the user credentials). They are not encrypting the entire session which includes the actual contents of the message or any attachments. This approach was helpful 5 years ago but not today, I’m not sure if Verizon is using secure COOKIES or not but this approach is usually susceptible to session hijacking.

Last week I finally made the time to renew my contract with Verizon for their FiOS TV Extreme HD and FiOS Internet 25/25. I also added Verizon’s Home Media (Multi-Room) DVR replacing the older QIP 6416 DVR with a new QIP 7416 HD DVR STB. I’ve been very happy with the service Verizon has provided over the past 30 months. Over that period I’ve only experienced two service outages, I can’t say the same of my previous experiences with Comcast. As you can expect I’m a very serious power user and I do a LOT of work from home over SSL/VPN/SSH. So I’m very aware of my Internet performance and I’m very excited to tell you that when you purchase Verizon’s FiOS Internet 25/25 (25Mbps up/25Mbps down) you can actually expect to get 25/25. There’s something to be said about an Internet connection when you can download Call of Duty: Black Ops which weighs in at just over 8GB at a blazing 3.1MB/s in under 40 minutes.

Verizon also just announced Verizon Flex View which allows Verizon FiOS subscribers to access On demand content via your desktop, laptop or mobile device. I’m curious though if Verizon’s Flex View is just centered around paid content or if they allow access to their entire On demand library. And let’s not forget about Verizon’s Media Manager which is a great little application for sharing your computer based content with your Verizon FiOS set top boxes and ultimately your TVs. I’ll be honest and say that I haven’t tried either Verizon’s Flex View or Media Manager just yet (no time) but Call of Duty: Black Ops just finished downloading so it’s time to go kick the tires on that game. :)

Cheers!

I believe Verizon announced this new portal back in April 2010, but only just recently started rolling it out to customers, or at least customers in the Philadelphia, PA area.

The first big thing I noticed (besides the redesigned site) is that Verizon is now encrypting the user credentials with an HTTPS/SSL connection. Let me just say the following, “its about time!”. Up until now you couldn’t login to webmail.verizon.net over a non-encrypted public hotspot for fear of someone potentially stealing your user credentials. So for me that single change is really exciting. Just a quick warning for those non-technical folks out there. While your user credentials are secured the actual contents of your email messages are still transmitted in the clear.

I’m curious what anyone else thinks of the new MyVerizon portal?

Cheers!