Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

IPv6 Routers: Difference between revisions

From AAISP Support Site
Content deleted Content added
AA-Andrew (talk | contribs)
AA-Andrew (talk | contribs)
Line 3: Line 3:
==Documents==
==Documents==


These files are from December 2012.
These files are from December 2011.
*[[File:Technicolor_CPE_Firewall.pdf]] Firewall Config Application note - giving details on how the firewall can be configured via CLI
*[[File:Technicolor_CPE_Firewall.pdf]] Firewall Config Application note - giving details on how the firewall can be configured via CLI
*[[File:TG582n_CLI_Guide_v1.0_public.pdf]] for 8.4.4 firmware
*[[File:TG582n_CLI_Guide_v1.0_public.pdf]] for 8.4.4 firmware

Revision as of 15:06, 20 January 2012

Technicolor TG582N

Documents

These files are from December 2011.

Firmware Versions

Version 8.4.4.1 is the factory default (as of November 2011) Version 8.4.7.0 is IPv6 enabled, and is upgraded at AAISP when configured by AAISP.

Upgrading from 8.4.4.1 is arranged by AAISP via the TR-069 CPE WAN Management protocol. This involves installing the "isp.def" as needed to persuade the router to connect to AAISP's TR-069 servers and asking AAISP to request the upgrade.

Admin Settings

When configured by A&A, the default username from the LAN side is: Administrator and from the WAN: aaisp. The password will be printed on the card on the base of the router, and also seen on the control pages.

Setting up Routed Config

Use the configuration-wizard (Firefox seems to work best) and choose ADSL(Expert). TODO: Describe where to find this.

Adding Static-routes

 ip rtlist
 ip rtadd dst=network/mask gateway=gatewayip
 ip saveall

Really disabling the firewall

From a customer: While going mad with a tg582n tonight. I discovered they try to do stateful firewalling even when the firewall is disabled in the web interface. This breaks where you want to failover to 3G. I guess it would also break if you had 2 ADSL lines.

Completely disabling the firewall seems to be necessary to allow IPv6 connections from WAN side to network, as even when IPv4 firewall is 'off', the IPv6 still seems to be firewalled.

To fix, put in CLI:

firewall config state disabled 
firewall config icmpchecks disabled
firewall config udpchecks disabled 
firewall config tcpchecks none

Disabling the firewall also allows access to the routers' internal services from the WAN-side, although there seems to be some default logic disallowing these to function e.g. "User 'Administrator' is disallowed to login from wan to telnet" etc.

Problems connection to PPTP Servers

One customer has reported problems connecting to PPTP VPN servers in either direction through a tg582n with the 8.4.7.0 firmware.

Technicolor have stated that this may be due to the Application Layer Gateway system intercepting PPTP packets even when the firewall is disabled and is a deliberate feature, but that the feature can be disabled by entering the following commands in the CLI:

connection applist
connection unbind application PPTP port 1723
saveall

However the same customer has reported that this solution has not actually fixed the problem and that the PPTP entry is still visible when running the "connection applist" command even after the unbind command has been successfully run.

(At present it appears no other customer has reported the problem so it may be an issue specific to this one user)

Adding a static route via telnet cli

ip rtadd dst=IP/MASK gateway=GATEWAYIP



Other routers that we've used in the past:

Billion BiPAC 7800N

Factory IP: 192.168.1.254 Factory User/Pass: admin/admin

Firmware

Latest Firmware is from Billion As of October 2011 the version we ship is 1.06d

We have a copy of 1.06d here: media:UKBillion7800NV6_106d.zip



Another useful Billion page on spaldwick.com

Comtrend

Info here: *Comtrend

Thomson

We've tested a TG789vn router (Aug 2011) which had beta IPv6 firmware (10.1.0.3), and this works. A bit more info here: [1]

Apple Airport Extreme

The Airport Extreme claims to support native IPv6 over PPPoE but we don't know of anyone who has it working. It still works via tunnels though (tunnel configuration explained on the knowledge base). You need to set the remote tunnel endpoint address to 81.187.81.6, and you need two /64 subnets off us that are statically routed to the Airport's IPv4 address. Assign an IP from one /64 as the WAN address and set the default route to our ping address "bottomless", which is 2001:8b0:0:81::51bb:51bb. Set the LAN address to the first usable IP on the second /64 and it should just work.