VMG1312-B10A: AAISP Configuration: Difference between revisions
mNo edit summary |
(clean up) |
||
(58 intermediate revisions by 2 users not shown) | |||
Line 3: | Line 3: | ||
Customers are free to alter the configuration as supplied, sending a configuration from the Control Pages will overwrite any settings changed though. |
Customers are free to alter the configuration as supplied, sending a configuration from the Control Pages will overwrite any settings changed though. |
||
Here is an overview of the settings that are modified from the default |
Here is an overview of the settings that are modified from the default, you can sort the table by the date added column to see any new changes. |
||
{| class="wikitable sortable" |
|||
*Configure WAN interface (Further Settings on Control Pages: ADSL/FTTC, Bridge or WAN on port 4 (FTTP)) |
|||
|- |
|||
*Configure PPP settings as per the service |
|||
!Area !!Setting !!Note !!Date added |
|||
*Configure DHCP (Further Settings on Control Pages, Default=All IPs using AAISP DNS servers) |
|||
|- |
|||
*Configure LAN subnet if line has a block of public IPs. (else default is 192.168.1.1) |
|||
| Broadband || Configure WAN interface || Further Settings on Control Pages: ADSL/FTTC, Bridge or WAN on port 4 (FTTP) || 2015-02-01 |
|||
|- |
|||
*Configure WiFi for 20Mhz instead of the 40Mhz default |
|||
| Broadband || Configure WAN VLAN 802.1q=101 || Only for the VDSL WAN interface. || 2015-02-01 |
|||
*Configure Firewall on/off (Settings on Control Pages, Default=Enabled) |
|||
|- |
|||
*Configure TR-069 |
|||
| Broadband || Configure PPP || Settings as per the service || 2015-02-01 |
|||
*Disable NAT, if customer has a public IP block |
|||
|- |
|||
*Disable SNMP |
|||
| Home Network || Configure DHCP || Further Settings on Control Pages, Default=All IPs using AAISP DNS servers or as set on Control Pages || 2015-02-01 |
|||
*Disable 3G backup |
|||
|- |
|||
*Change NTP servers to be time.aa.net.uk and 0.uk.pool.ntp.org |
|||
| Home Network || Configure LAN subnet || If line has a block of public IPs use them, else default is 192.168.1.1 || 2015-02-01 |
|||
*Change 'supervisor' password (Setting on Control Pages) |
|||
|- |
|||
*Change 'admin' password (Setting on Control Pages) |
|||
| Home Network || Configure LAN subnet || If router set for bridge mode, leave IP as 192.168.1.1 || 2015-06-19 |
|||
*Change Remote Management Options (Further Settings on Control Pages) |
|||
|- |
|||
*Change QoS to give upstream priority based on 'Packet Length' |
|||
| Wireless || Configure WiFi || Further Settings on Control Pages: SSID, Password or disable WiFi || 2015-02-01 |
|||
*Change 'Deny Ping Response' to Disable, to allow the router to reply to ping. |
|||
|- |
|||
*Disable the default QoS Classes |
|||
| Wireless || Configure WiFi for 20 MHz || Instead of 40 MHz see [[VMG1312: WiFi Tips]] || 2015-02-01 |
|||
*Remove the default read-only zyuser user |
|||
|- |
|||
| Wireless || Configure WiFi for AES only|| This disables legacy/insecure TKIP see [[VMG1312: WiFi Tips]] || 2015-06-16 |
|||
|- |
|||
| Firewall || Configure Firewall on/off || Settings on Control Pages, Default=Enabled || 2015-02-01 |
|||
|- |
|||
| TR-069 || Configure TR-069 || Allows the router to be managed by AAISP, we give customer the same controls as staff get || 2015-02-01 |
|||
|- |
|||
| Log || Configure Local logging || Logs: System, PPPoE, XDSL, Internet, Attack, Account. || 2015-05-29 |
|||
|- |
|||
| Firewall || Rule to allow ICMPv6 to LAN || Helps make IPv6 work! ||2015-06-16 |
|||
|- |
|||
| Home Network || Disable NAT || If customer has a public IP block || 2015-02-01 |
|||
|- |
|||
| Maintenance || Disable SNMP || SNMP has a habit of having vulnerabilities, we are not aware of any for the VMG1312 though || 2015-02-01 |
|||
|- |
|||
| Maintenance || Disable 3G backup || Not usually required || 2015-02-01 |
|||
|- |
|||
| Firewall || Disable 'DoS Protection Blocking' || It does odd things, like blocking WebUI over WiFi! || 2015-06-16 |
|||
|- |
|||
| Maintenance || Change NTP servers || time.aa.net.uk and 0.uk.pool.ntp.org || 2015-02-01 |
|||
|- |
|||
| Maintenance || Change 'supervisor' password || Setting on Control Pages (same as admin) || 2015-02-01 |
|||
|- |
|||
| Maintenance || Change 'admin' password || Setting on Control Pages || 2015-02-01 |
|||
|- |
|||
| Firewall || Change Remote Management Options || Further Settings on Control Pages. Default is to only allow the LAN and the AAISP offices access. || 2015-02-01 |
|||
|- |
|||
| QoS || Change QoS || Set to give upstream priority based on 'Packet Length' See: [[VMG1312: QoS]] || 2015-02-01 |
|||
|- |
|||
| Firewall || Change 'Deny Ping Response' to Disable, || Allows the router to reply to pings || 2015-02-01 |
|||
|- |
|||
| QoS || Disable the default QoS Classes || See: [[VMG1312: QoS]] || 2015-02-01 |
|||
|- |
|||
| Maintenance || Remove zyuser user || It is a default read-only user, there is no need for it || 2015-02-01 |
|||
|} |
|||
*[[VMG1312: Static Routes|Static routes]] are currently not configured. (Only applicable if you have multiple public IP blocks and need them routed to a secondary router. These can be configured manually though. |
|||
*Static routes are currently not configured. (Only applicable if you have multiple public IP blocks and need them routed to a secondary router. These can be configured manually though. |
|||
This list may not be exhaustive, and may change over time. |
This list may not be exhaustive, and may change over time. |
||
==Notes== |
|||
DOS protection is left enabled - this may give some unexpected results, eg the router will only reply to 20 pings before it stops replying. |
|||
[[File:Vmg1312-DOS.png|none|frame|DOS protection settings as described in the user manual]] |
|||
==WAN Configuration== |
|||
As mentioned above, the WAN side of the router is configured depending on the Service provided and the settings on the Control Pages. |
|||
{| class="wikitable" |
|||
!Service |
|||
!Bridge |
|||
!WAN port |
|||
!Note: WAN |
|||
!Note: LAN |
|||
!Note: WiFi |
|||
!Other notes |
|||
|---- |
|||
!colspan="7"|Routing Configurations - Connecting to phone line |
|||
|---- |
|||
!ADSL |
|||
|No |
|||
|DSL |
|||
|Plugs in to phone line |
|||
|Customer LAN |
|||
|Customer LAN |
|||
|MTU 1492 |
|||
|---- |
|||
!FTTC wires only |
|||
|No |
|||
|DSL |
|||
|Plugs in to phone line |
|||
|Customer LAN |
|||
|Customer LAN |
|||
|MTU 1492, WAN VLAN 802.1q=101 |
|||
|---- |
|||
!colspan="7"|Routing Configurations - Connecting to another modem |
|||
|---- |
|||
!FTTC engineer install (not available for new installations) |
|||
|No |
|||
|Port 4 |
|||
|plugs in to Openreach modem (no longer supplied) |
|||
|Customer LAN |
|||
|Customer LAN |
|||
|1492 MTU, WAN VLAN 802.1q=101. QoS will not know the uplink speed automatically, The rate can be set under Network Setting - Broadband - #3 edit |
|||
|---- |
|||
!FTTP |
|||
|No |
|||
|Port 4 |
|||
|plugs in to Openreach modem |
|||
|Customer LAN |
|||
|Customer LAN |
|||
|1492 MTU. QoS will not know the uplink speed automatically, The rate can be set under Network Setting - Broadband - #3 edit |
|||
|---- |
|||
!colspan="7"|Bridge Configurations |
|||
|---- |
|||
!FTTC wires only with Customer own PPPoE router |
|||
|Yes |
|||
|DSL |
|||
|Plugs in to phone line |
|||
|Customer PPPoE router |
|||
|Usually Disabled |
|||
|ZyXEL becomes a bridging modem. MTU 1492. WAN VLAN 802.1q=101 |
|||
|---- |
|||
!ADSL with Customer own PPPoE router |
|||
|Yes |
|||
|DSL |
|||
|Plugs in to phone line |
|||
|Customer PPPoE router |
|||
|Usually Disabled |
|||
|ZyXEL becomes a bridging modem. MTU 1492 |
|||
|---- |
|||
|} |
|||
=Making Changes= |
|||
If you make changes to your configuration then you may want to back it up. See: [[VMG1312: Backup Configuration]] |
|||
[[Category: |
[[Category:ZyXEL VMG1312-B10A|AAISP Configuration]] |
Latest revision as of 00:22, 18 August 2018
AAISP configure routers via TR-069 protocol. We generate a config file and this is sent to the router. Firmware updates are also able to be sent to the router.
Customers are free to alter the configuration as supplied, sending a configuration from the Control Pages will overwrite any settings changed though.
Here is an overview of the settings that are modified from the default, you can sort the table by the date added column to see any new changes.
Area | Setting | Note | Date added |
---|---|---|---|
Broadband | Configure WAN interface | Further Settings on Control Pages: ADSL/FTTC, Bridge or WAN on port 4 (FTTP) | 2015-02-01 |
Broadband | Configure WAN VLAN 802.1q=101 | Only for the VDSL WAN interface. | 2015-02-01 |
Broadband | Configure PPP | Settings as per the service | 2015-02-01 |
Home Network | Configure DHCP | Further Settings on Control Pages, Default=All IPs using AAISP DNS servers or as set on Control Pages | 2015-02-01 |
Home Network | Configure LAN subnet | If line has a block of public IPs use them, else default is 192.168.1.1 | 2015-02-01 |
Home Network | Configure LAN subnet | If router set for bridge mode, leave IP as 192.168.1.1 | 2015-06-19 |
Wireless | Configure WiFi | Further Settings on Control Pages: SSID, Password or disable WiFi | 2015-02-01 |
Wireless | Configure WiFi for 20 MHz | Instead of 40 MHz see VMG1312: WiFi Tips | 2015-02-01 |
Wireless | Configure WiFi for AES only | This disables legacy/insecure TKIP see VMG1312: WiFi Tips | 2015-06-16 |
Firewall | Configure Firewall on/off | Settings on Control Pages, Default=Enabled | 2015-02-01 |
TR-069 | Configure TR-069 | Allows the router to be managed by AAISP, we give customer the same controls as staff get | 2015-02-01 |
Log | Configure Local logging | Logs: System, PPPoE, XDSL, Internet, Attack, Account. | 2015-05-29 |
Firewall | Rule to allow ICMPv6 to LAN | Helps make IPv6 work! | 2015-06-16 |
Home Network | Disable NAT | If customer has a public IP block | 2015-02-01 |
Maintenance | Disable SNMP | SNMP has a habit of having vulnerabilities, we are not aware of any for the VMG1312 though | 2015-02-01 |
Maintenance | Disable 3G backup | Not usually required | 2015-02-01 |
Firewall | Disable 'DoS Protection Blocking' | It does odd things, like blocking WebUI over WiFi! | 2015-06-16 |
Maintenance | Change NTP servers | time.aa.net.uk and 0.uk.pool.ntp.org | 2015-02-01 |
Maintenance | Change 'supervisor' password | Setting on Control Pages (same as admin) | 2015-02-01 |
Maintenance | Change 'admin' password | Setting on Control Pages | 2015-02-01 |
Firewall | Change Remote Management Options | Further Settings on Control Pages. Default is to only allow the LAN and the AAISP offices access. | 2015-02-01 |
QoS | Change QoS | Set to give upstream priority based on 'Packet Length' See: VMG1312: QoS | 2015-02-01 |
Firewall | Change 'Deny Ping Response' to Disable, | Allows the router to reply to pings | 2015-02-01 |
QoS | Disable the default QoS Classes | See: VMG1312: QoS | 2015-02-01 |
Maintenance | Remove zyuser user | It is a default read-only user, there is no need for it | 2015-02-01 |
- Static routes are currently not configured. (Only applicable if you have multiple public IP blocks and need them routed to a secondary router. These can be configured manually though.
This list may not be exhaustive, and may change over time.
WAN Configuration
As mentioned above, the WAN side of the router is configured depending on the Service provided and the settings on the Control Pages.
Service | Bridge | WAN port | Note: WAN | Note: LAN | Note: WiFi | Other notes |
---|---|---|---|---|---|---|
Routing Configurations - Connecting to phone line | ||||||
ADSL | No | DSL | Plugs in to phone line | Customer LAN | Customer LAN | MTU 1492 |
FTTC wires only | No | DSL | Plugs in to phone line | Customer LAN | Customer LAN | MTU 1492, WAN VLAN 802.1q=101 |
Routing Configurations - Connecting to another modem | ||||||
FTTC engineer install (not available for new installations) | No | Port 4 | plugs in to Openreach modem (no longer supplied) | Customer LAN | Customer LAN | 1492 MTU, WAN VLAN 802.1q=101. QoS will not know the uplink speed automatically, The rate can be set under Network Setting - Broadband - #3 edit |
FTTP | No | Port 4 | plugs in to Openreach modem | Customer LAN | Customer LAN | 1492 MTU. QoS will not know the uplink speed automatically, The rate can be set under Network Setting - Broadband - #3 edit |
Bridge Configurations | ||||||
FTTC wires only with Customer own PPPoE router | Yes | DSL | Plugs in to phone line | Customer PPPoE router | Usually Disabled | ZyXEL becomes a bridging modem. MTU 1492. WAN VLAN 802.1q=101 |
ADSL with Customer own PPPoE router | Yes | DSL | Plugs in to phone line | Customer PPPoE router | Usually Disabled | ZyXEL becomes a bridging modem. MTU 1492 |
Making Changes
If you make changes to your configuration then you may want to back it up. See: VMG1312: Backup Configuration