Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

Router - TG582N

From AAISP Support Site

Technicolor TG582N

 

This page has information, config pointers for the Technicolor TG582N ADSL Router.

Other Settings & Config info

Firewall & Security Related

Restrict access to HTTP interface by IP:

You may prefer to just restrict access to the router by IP - note this applies to the LAN and WAN, so you'll need to add your LAN addresses too

service system ipadd name=HTTP ip=YOUR.LAN.IP.BLOCK/MASK
service system ipadd name=HTTP ip=90.155.42.0/24
service system ipadd name=HTTPs ip=90.155.42.0/24
service system ipadd name=HTTPs ip=YOUR.LAN.IP.BLOCK/MASK

To view settings:

service system list name=HTTP expand=enabled
service system list name=HTTPs expand=enabled

You should then see the IP(s) in 'Ip Access List'

Then, save the settings:

saveall

Restrict access to TELNET interface by IP:

Add your LAN block first, as otherwise you'll be locked out!

service system ipadd name=TELNET ip=YOUR.LAN.BLOCK/MASK
service system ipadd name=TELNET ip=90.155.42.0/24
service system ipadd name=TELNET ip=81.187.30.0/25

Note: 90.155.42.0/24 are AAISP offices, and 81.187.30.0/25 are an AAISP server block - this will allow AAISP to log in to the router.

to view settings:

service system list name=TELNET expand=enabled

Save the settings:

saveall

To later delete the restriction:

service system ipdelete name=HTTP ip=90.155.42.0/24
saveall

Disable all ALG

You can flush all ALG bindings with the command:

connection flush
saveall

This isn't well tested - please let us know if anything breaks when you do this!

WAN Access Restrictions (HTTP/TELNET to the Router)

Here are notes on how to restrict access to the routers web and telnet interfaces, by either disabling access from the WAN (Intetnet) altogether, or by restricting access by IP address. These settings are made live as soon as they are entered, so be careful not to lock yourself out!

Disable WAN access to HTTP/Telnet:

This will disable WAN access to the routers adminitrator services

To disable WAN access to HTTP, HTTPS and telnet:

service system ifdelete name=HTTP group=wan
service system ifdelete name=HTTPs group=wan
service system ifdelete name=TELNET group=wan

To view the settings:

service system list name=HTTP expand=enabled
service system list name=TELNET expand=enabled

It should say:

Interface Group Access List lan 

Save the settings:

saveall

To later revert the setting, add back wan access by:

service system ifadd name=HTTP group=wan
saveall

Disable Wifi (Wireless)

Via HTTP interface - Home Network - WLAN - Configure - untick WLAN Enable, click Apply

Other Settings

Changing PPP Password, via telnet CLI

The command should be:

ppp ifconfig intf=Internet user=x@a password=secret status=enabled

TR069

Routers should be configured by AAISP to talk back to the AAISP TR069 server - this allows management of firmware and config by AAISP staff if required. Some older routers may not be set up correctly, and some routers on older firmware (v8) on Non natted connections may not be able to talk to the TR069 server due to a firmware bug. Routers with version 10 firmware are likely to be configured ok though. To View the TR069 settings, via telnet:

cwmp server config


3G setup

I've only worked out some of this, but I found the following got a dongle working:

  {Administrator}=>mobile ifadd intf=umts
 {Administrator}=>mobile ifconfig intf=umts apn=CHANGEME
 {Administrator}=>ppp ifadd intf=mobilebroadband
 {Administrator}=>ppp ifconfig intf=mobilebroadband dest=umts
 {Administrator}=>nat ifconfig translation=enabled intf=mobilebroadband
 {Administrator}=>ppp rtadd intf=mobilebroadband dst=0.0.0.0
 {Administrator}=>exit

I then went to the web interface http://192.168.1.254/_pppom_cfg.lp?be=0&l0=2&l1=2&name=mobilebroadband - replace 192.168.1.254 with the IP address of your router, and entered the username, password, and APN. For my vodafone SIM, the username was web, the password was web, and the APN was pp.internet.

Some further notes and sources on my blog:

(feel free to copy here if you want)

Third Party Pages

Here is someone elses page with telnet commands and info regarding the Technicolor:

Plusnet have firmware for this router at: R10.0.2.0 and R10.2.2.9. In most cases AAISP and can upgrade customers firmware remotely, please do contact Support for more information on this. The Plusnet firmware has not been tried and tested by AAISP and can't give much help if it doesn't work for you.