A Broadband and ADSL forum. BroadbanterBanter

Welcome to BroadbanterBanter.

You are currently viewing as a guest which gives you limited access to view most discussions and other FREE features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload your own photos and access many other special features. Registration is fast, simple and absolutely free so please, join our community today.

Go Back   Home » BroadbanterBanter forum » Newsgroup Discussions » uk.telecom.broadband (UK broadband)
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

uk.telecom.broadband (UK broadband) (uk.telecom.broadband) Discussion of broadband services, technology and equipment as provided in the UK. Discussions of specific services based on ADSL, cable modems or other broadband technology are also on-topic. Advertising is not allowed.

ADSL/VDSL routers - are they all total rubbish?



 
 
Thread Tools Display Modes
  #1  
Old June 18th 17, 09:19 PM posted to uk.telecom.broadband
Chris Green
external usenet poster
 
Posts: 96
Default ADSL/VDSL routers - are they all total rubbish?

I have recently moved from an ADSL connection to VDSL/FTTC, on the
ADSL connection I used a Draytek Vigor 2820n router. I run a couple
of services on my home LAN, specifically ssh (so I can connect from
the outside world) and SMTP (for mail delivery).

Thus I need a router that does port forwarding and has a configurable
firewall, I want/need to limit the ssh and SMTP access to a few
specific IP addresses 'out there' to minimise the risks.

The PlusNet supplied Home Hub One simply doesn't have a configurable
firewall so, while it's OK at what it does, it doesn't provide what I
need.

So my first try was a TP-Link TD-W9980, it's "end of life" but none of
the more modern TP-Link routers has a firewall. The TP-Link's
firewall is just about up to what I need but it has amuch more
fundamental flaw. When you enable the firewall WiFi users can't
connect to the LAN! Rather a fundamantal bug.

Second try was a Zyxel VMG-3925-B10B, it looks as if it will be
perfect but again the firewall is totally broken. If you set up port
forwarding it bypasses the firewall completely! I.e. I have port 22
forward to a system on my LAN, whatever rules I set up in the firewall
doesn't affect port 22. I can 'block' connections on port 22 and
incoming connections still work!

Are they all this bad? Or is there a router out there with a fairly
basic firewall that actually works?

Can anyone recommend a VDSL2/FTTC router which has a firewall that
works and doesn't cost an arm and a leg?

--
Chris Green

  #2  
Old June 18th 17, 09:59 PM posted to uk.telecom.broadband
Andy Burns[_5_]
external usenet poster
 
Posts: 151
Default ADSL/VDSL routers - are they all total rubbish?

Chris Green wrote:

Can anyone recommend a VDSL2/FTTC router which has a firewall that
works and doesn't cost an arm and a leg?


Stick LEDE on the plusnet hub zero ...



  #3  
Old June 18th 17, 10:00 PM posted to uk.telecom.broadband
Graham J[_2_]
external usenet poster
 
Posts: 566
Default ADSL/VDSL routers - are they all total rubbish?

Chris Green wrote:
I have recently moved from an ADSL connection to VDSL/FTTC, on the
ADSL connection I used a Draytek Vigor 2820n router. I run a couple
of services on my home LAN, specifically ssh (so I can connect from
the outside world) and SMTP (for mail delivery).

Thus I need a router that does port forwarding and has a configurable
firewall, I want/need to limit the ssh and SMTP access to a few
specific IP addresses 'out there' to minimise the risks.

The PlusNet supplied Home Hub One simply doesn't have a configurable
firewall so, while it's OK at what it does, it doesn't provide what I
need.

So my first try was a TP-Link TD-W9980, it's "end of life" but none of
the more modern TP-Link routers has a firewall. The TP-Link's
firewall is just about up to what I need but it has a much more
fundamental flaw. When you enable the firewall WiFi users can't
connect to the LAN! Rather a fundamantal bug.

Second try was a Zyxel VMG-3925-B10B, it looks as if it will be
perfect but again the firewall is totally broken. If you set up port
forwarding it bypasses the firewall completely! I.e. I have port 22
forward to a system on my LAN, whatever rules I set up in the firewall
doesn't affect port 22. I can 'block' connections on port 22 and
incoming connections still work!

Are they all this bad? Or is there a router out there with a fairly
basic firewall that actually works?

Can anyone recommend a VDSL2/FTTC router which has a firewall that
works and doesn't cost an arm and a leg?



Retain your V2820n and configure the Plusnet device as a dumb VDSL
modem, connected to WAN2 on the Vigor. If the Plusnet device can't be
configured as a dumb modem, buy a Vigor 130 see:

http://www.draytek.co.uk/products/business/vigor-130

You might have to reconfigure some of your services to work via WAN2
rather than WAN1, but otherwise the configuration stays much the same.

Ideally you should get a V2860n because that will allow you to see the
sync speeds and SNR margins for the VDSL service. Beware that you have
to configure a VLAN setting that isn't widely documented.

--
Graham J

  #4  
Old June 18th 17, 10:15 PM posted to uk.telecom.broadband
Andy Burns[_5_]
external usenet poster
 
Posts: 151
Default ADSL/VDSL routers - are they all total rubbish?

Graham J wrote:

Ideally you should get a V2860n because that will allow you to see the
sync speeds and SNR margins for the VDSL service. Beware that you have
to configure a VLAN setting that isn't widely documented.


I don't think the plusnet hub one (not zero as I said earlier) can use
bridge/modem mode, but with LEDE you can see the router's VDSL line
stats, my HH5a (same difference) has been *absolutely* rock solid, not
one line drop in 40 days, speed hasn't wavered a jot from
78.84/19.99Mbps, has transferred over 320GB.
  #5  
Old June 19th 17, 12:07 AM posted to uk.telecom.broadband
Bob Eager[_3_]
external usenet poster
 
Posts: 90
Default ADSL/VDSL routers - are they all total rubbish?

On Sun, 18 Jun 2017 22:00:13 +0100, Graham J wrote:

Chris Green wrote:
I have recently moved from an ADSL connection to VDSL/FTTC, on the ADSL
connection I used a Draytek Vigor 2820n router. I run a couple of
services on my home LAN, specifically ssh (so I can connect from the
outside world) and SMTP (for mail delivery).

Thus I need a router that does port forwarding and has a configurable
firewall, I want/need to limit the ssh and SMTP access to a few
specific IP addresses 'out there' to minimise the risks.

The PlusNet supplied Home Hub One simply doesn't have a configurable
firewall so, while it's OK at what it does, it doesn't provide what I
need.

So my first try was a TP-Link TD-W9980, it's "end of life" but none of
the more modern TP-Link routers has a firewall. The TP-Link's firewall
is just about up to what I need but it has a much more fundamental
flaw. When you enable the firewall WiFi users can't connect to the
LAN! Rather a fundamantal bug.

Second try was a Zyxel VMG-3925-B10B, it looks as if it will be perfect
but again the firewall is totally broken. If you set up port
forwarding it bypasses the firewall completely! I.e. I have port 22
forward to a system on my LAN, whatever rules I set up in the firewall
doesn't affect port 22. I can 'block' connections on port 22 and
incoming connections still work!

Are they all this bad? Or is there a router out there with a fairly
basic firewall that actually works?

Can anyone recommend a VDSL2/FTTC router which has a firewall that
works and doesn't cost an arm and a leg?



Retain your V2820n and configure the Plusnet device as a dumb VDSL
modem, connected to WAN2 on the Vigor. If the Plusnet device can't be
configured as a dumb modem, buy a Vigor 130 see:

http://www.draytek.co.uk/products/business/vigor-130

You might have to reconfigure some of your services to work via WAN2
rather than WAN1, but otherwise the configuration stays much the same.

Ideally you should get a V2860n because that will allow you to see the
sync speeds and SNR margins for the VDSL service. Beware that you have
to configure a VLAN setting that isn't widely documented.


You might as well tell him.

VLAN tag = 101
  #6  
Old June 19th 17, 08:54 AM posted to uk.telecom.broadband
Chris Green
external usenet poster
 
Posts: 96
Default ADSL/VDSL routers - are they all total rubbish?

Chronos wrote:
On Sun, 18 Jun 2017 21:19:33 +0100
Chris Green wrote:

Can anyone recommend a VDSL2/FTTC router which has a firewall that
works and doesn't cost an arm and a leg?


Haven't we already been through this? Simple, cheap, secure. Pick two.


But why? Back in the early days of ADSL there were lots of reasonably
functional routers with firewalls that *didn't* cost too much. My
2820n was only a little over 100, the 2860n VDSL2 equivalent is twice
as much and I don't really want to spend that much.

--
Chris Green

  #7  
Old June 19th 17, 09:42 AM posted to uk.telecom.broadband
Chris Green
external usenet poster
 
Posts: 96
Default ADSL/VDSL routers - are they all total rubbish?

Andy Burns wrote:
Chris Green wrote:

Can anyone recommend a VDSL2/FTTC router which has a firewall that
works and doesn't cost an arm and a leg?


Stick LEDE on the plusnet hub zero ...

I've been down that route with another router, it's not a good
solution for a number of reasons:-

To put LEDE on the Hub One (I don't have a Hub Zero) you have to
do some quite low level hardware stuff and, while I can probably
manage it, I'm not too keen.

LEDE/OpenWrt doesn't seem to have any sort of regular update
system so once installed you're stuck at the same version for
ever.

Quite often LEDE/OpenWrt doesn't support the proprietary bits,
which are nearly always the bits you actually need, i.e. the ADSL
and VDSL2 latest formats.

--
Chris Green

  #8  
Old June 19th 17, 09:48 AM posted to uk.telecom.broadband
Chris Green
external usenet poster
 
Posts: 96
Default ADSL/VDSL routers - are they all total rubbish?

Graham J wrote:
Chris Green wrote:

Can anyone recommend a VDSL2/FTTC router which has a firewall that
works and doesn't cost an arm and a leg?



Retain your V2820n and configure the Plusnet device as a dumb VDSL
modem, connected to WAN2 on the Vigor. If the Plusnet device can't be
configured as a dumb modem, buy a Vigor 130 see:

http://www.draytek.co.uk/products/business/vigor-130

Well, sort of possible but I'm not too keen on this solution for a
couple of reasons:-

The 2820n has just one Gigabit port so connections 'across' it
will be only 100Mb/s. I realise this won't affect the FTTC speed
as that's less than 100Mb/s but it's a nuisance.

As a consequence of the above I'd want to have another switch
between the 2820n and most of my LAN devices, which then means I
have *three* boxes connecting me to the internet. It'll work but
it is messy and will cost more in electricity.


You might have to reconfigure some of your services to work via WAN2
rather than WAN1, but otherwise the configuration stays much the same.

Ideally you should get a V2860n because that will allow you to see the
sync speeds and SNR margins for the VDSL service. Beware that you have
to configure a VLAN setting that isn't widely documented.

I think I found that setting when setting up the Zyxel! :-)

I'd love a 2860n but I can't really justify 230 for it (or maybe a
bit less if I shop around).

--
Chris Green

  #9  
Old June 19th 17, 09:49 AM posted to uk.telecom.broadband
Chris Green
external usenet poster
 
Posts: 96
Default ADSL/VDSL routers - are they all total rubbish?

Andy Burns wrote:
Graham J wrote:

Ideally you should get a V2860n because that will allow you to see the
sync speeds and SNR margins for the VDSL service. Beware that you have
to configure a VLAN setting that isn't widely documented.


I don't think the plusnet hub one (not zero as I said earlier) can use
bridge/modem mode, but with LEDE you can see the router's VDSL line
stats, my HH5a (same difference) has been *absolutely* rock solid, not
one line drop in 40 days, speed hasn't wavered a jot from
78.84/19.99Mbps, has transferred over 320GB.


Is that as in Plusnet Hub One running LEDE? I'm getting more tempted
to try LEDE on mine.

--
Chris Green

  #10  
Old June 19th 17, 09:51 AM posted to uk.telecom.broadband
Chris Green
external usenet poster
 
Posts: 96
Default ADSL/VDSL routers - are they all total rubbish?

Bob Eager wrote:
On Sun, 18 Jun 2017 22:00:13 +0100, Graham J wrote:

Chris Green wrote:

Retain your V2820n and configure the Plusnet device as a dumb VDSL
modem, connected to WAN2 on the Vigor. If the Plusnet device can't be
configured as a dumb modem, buy a Vigor 130 see:

http://www.draytek.co.uk/products/business/vigor-130

You might have to reconfigure some of your services to work via WAN2
rather than WAN1, but otherwise the configuration stays much the same.

Ideally you should get a V2860n because that will allow you to see the
sync speeds and SNR margins for the VDSL service. Beware that you have
to configure a VLAN setting that isn't widely documented.


You might as well tell him.

VLAN tag = 101


Yes, that is the one I found I needed on the Zyxel VMG-3925.

I found it from the Pusnet 'configure your own router' details, I was
quite pleasantly surprised that they gave this information.

Strangely the TP-Link TD-W9980 didn't need to be told this.

--
Chris Green

 




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
What VDSL routers offer a proper, configurable, firewall? Chris Green uk.telecom.broadband (UK broadband) 12 May 10th 17 10:00 PM
VDSL Multicast on ADSL line Rodney Pont[_2_] uk.telecom.broadband (UK broadband) 79 January 26th 17 08:32 PM
Estimating ADSL & VDSL Speeds From Given Distances Java Jive uk.telecom.broadband (UK broadband) 15 November 18th 16 09:34 PM
Do slow VDSL lines use ADSL profiles ? Andrew Benham uk.telecom.broadband (UK broadband) 2 October 25th 16 12:53 AM
Ceasing VDSL and providing ADSL instead - what's involved by BT? NY uk.telecom.broadband (UK broadband) 35 July 7th 14 05:04 PM


All times are GMT +1. The time now is 03:04 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.Content Relevant URLs by vBSEO 2.4.0
Copyright 2004-2017 BroadbanterBanter.
The comments are property of their posters.