VMG1312-B10A: AAISP Configuration: Difference between revisions
mNo edit summary |
(clean up) |
||
| (42 intermediate revisions by 2 users not shown) | |||
| Line 3: | Line 3: | ||
Customers are free to alter the configuration as supplied, sending a configuration from the Control Pages will overwrite any settings changed though. |
Customers are free to alter the configuration as supplied, sending a configuration from the Control Pages will overwrite any settings changed though. |
||
Here is an overview of the settings that are modified from the default |
Here is an overview of the settings that are modified from the default, you can sort the table by the date added column to see any new changes. |
||
{| class="wikitable sortable" |
{| class="wikitable sortable" |
||
| ⚫ | |||
|- |
|- |
||
| ⚫ | |||
| ⚫ | |||
|- |
|- |
||
| ⚫ | |||
*Configure PPP settings as per the service || || 2015-02-01 |
|||
|- |
|- |
||
| Broadband || Configure WAN VLAN 802.1q=101 || Only for the VDSL WAN interface. || 2015-02-01 |
|||
*Configure DHCP || (Further Settings on Control Pages, Default=All IPs using AAISP DNS servers or as set on Control Pages) || 2015-02-01 |
|||
|- |
|- |
||
| Broadband || Configure PPP || Settings as per the service || 2015-02-01 |
|||
|- |
|- |
||
| Home Network || Configure DHCP || Further Settings on Control Pages, Default=All IPs using AAISP DNS servers or as set on Control Pages || 2015-02-01 |
|||
|- |
|- |
||
| Home Network || Configure LAN subnet || If line has a block of public IPs use them, else default is 192.168.1.1 || 2015-02-01 |
|||
|- |
|- |
||
| Home Network || Configure LAN subnet || If router set for bridge mode, leave IP as 192.168.1.1 || 2015-06-19 |
|||
*Configure WiFi for AES only (not legacy TKIP)|| || 2015-06-16 |
|||
|- |
|- |
||
| Wireless || Configure WiFi || Further Settings on Control Pages: SSID, Password or disable WiFi || 2015-02-01 |
|||
|- |
|- |
||
| Wireless || Configure WiFi for 20 MHz || Instead of 40 MHz see [[VMG1312: WiFi Tips]] || 2015-02-01 |
|||
|- |
|- |
||
| Wireless || Configure WiFi for AES only|| This disables legacy/insecure TKIP see [[VMG1312: WiFi Tips]] || 2015-06-16 |
|||
**To view log: WebUI: System Monitor - Log or via telnet/ssh CLI: syslog dump system. |
|||
|- |
|- |
||
| Firewall || Configure Firewall on/off || Settings on Control Pages, Default=Enabled || 2015-02-01 |
|||
|- |
|- |
||
| TR-069 || Configure TR-069 || Allows the router to be managed by AAISP, we give customer the same controls as staff get || 2015-02-01 |
|||
|- |
|- |
||
| Log || Configure Local logging || Logs: System, PPPoE, XDSL, Internet, Attack, Account. || 2015-05-29 |
|||
*Disable SNMP || || 2015-02-01 |
|||
|- |
|- |
||
| Firewall || Rule to allow ICMPv6 to LAN || Helps make IPv6 work! ||2015-06-16 |
|||
*Disable 3G backup || || 2015-02-01 |
|||
|- |
|- |
||
| Home Network || Disable NAT || If customer has a public IP block || 2015-02-01 |
|||
|- |
|- |
||
| Maintenance || Disable SNMP || SNMP has a habit of having vulnerabilities, we are not aware of any for the VMG1312 though || 2015-02-01 |
|||
*Change NTP servers || to be time.aa.net.uk and 0.uk.pool.ntp.org || 2015-02-01 |
|||
|- |
|- |
||
| Maintenance || Disable 3G backup || Not usually required || 2015-02-01 |
|||
|- |
|- |
||
| Firewall || Disable 'DoS Protection Blocking' || It does odd things, like blocking WebUI over WiFi! || 2015-06-16 |
|||
*Change 'admin' password || (Setting on Control Pages) || 2015-02-01 |
|||
|- |
|- |
||
| Maintenance || Change NTP servers || time.aa.net.uk and 0.uk.pool.ntp.org || 2015-02-01 |
|||
|- |
|- |
||
| Maintenance || Change 'supervisor' password || Setting on Control Pages (same as admin) || 2015-02-01 |
|||
|- |
|- |
||
| Maintenance || Change 'admin' password || Setting on Control Pages || 2015-02-01 |
|||
|- |
|- |
||
| Firewall || Change Remote Management Options || Further Settings on Control Pages. Default is to only allow the LAN and the AAISP offices access. || 2015-02-01 |
|||
| ⚫ | |||
|- |
|- |
||
| QoS || Change QoS || Set to give upstream priority based on 'Packet Length' See: [[VMG1312: QoS]] || 2015-02-01 |
|||
*Remove the default read-only zyuser user || || 2015-02-01 |
|||
|- |
|||
| Firewall || Change 'Deny Ping Response' to Disable, || Allows the router to reply to pings || 2015-02-01 |
|||
|- |
|||
| ⚫ | |||
|- |
|||
| Maintenance || Remove zyuser user || It is a default read-only user, there is no need for it || 2015-02-01 |
|||
|} |
|} |
||
*Static routes are currently not configured. (Only applicable if you have multiple public IP blocks and need them routed to a secondary router. These can be configured manually though. |
*[[VMG1312: Static Routes|Static routes]] are currently not configured. (Only applicable if you have multiple public IP blocks and need them routed to a secondary router. These can be configured manually though. |
||
This list may not be exhaustive, and may change over time. |
This list may not be exhaustive, and may change over time. |
||
| Line 63: | Line 66: | ||
==WAN Configuration== |
|||
As mentioned above, the WAN side of the router is configured depending on the Service provided and the settings on the Control Pages. |
|||
{| class="wikitable" |
|||
!Service |
|||
!Bridge |
|||
!WAN port |
|||
!Note: WAN |
|||
!Note: LAN |
|||
!Note: WiFi |
|||
!Other notes |
|||
|---- |
|||
!colspan="7"|Routing Configurations - Connecting to phone line |
|||
|---- |
|||
!ADSL |
|||
|No |
|||
|DSL |
|||
|Plugs in to phone line |
|||
|Customer LAN |
|||
|Customer LAN |
|||
|MTU 1492 |
|||
|---- |
|||
!FTTC wires only |
|||
|No |
|||
|DSL |
|||
|Plugs in to phone line |
|||
|Customer LAN |
|||
|Customer LAN |
|||
|MTU 1492, WAN VLAN 802.1q=101 |
|||
|---- |
|||
!colspan="7"|Routing Configurations - Connecting to another modem |
|||
|---- |
|||
!FTTC engineer install (not available for new installations) |
|||
|No |
|||
|Port 4 |
|||
|plugs in to Openreach modem (no longer supplied) |
|||
|Customer LAN |
|||
|Customer LAN |
|||
|1492 MTU, WAN VLAN 802.1q=101. QoS will not know the uplink speed automatically, The rate can be set under Network Setting - Broadband - #3 edit |
|||
|---- |
|||
!FTTP |
|||
|No |
|||
|Port 4 |
|||
|plugs in to Openreach modem |
|||
|Customer LAN |
|||
|Customer LAN |
|||
|1492 MTU. QoS will not know the uplink speed automatically, The rate can be set under Network Setting - Broadband - #3 edit |
|||
|---- |
|||
!colspan="7"|Bridge Configurations |
|||
|---- |
|||
!FTTC wires only with Customer own PPPoE router |
|||
|Yes |
|||
|DSL |
|||
|Plugs in to phone line |
|||
|Customer PPPoE router |
|||
|Usually Disabled |
|||
|ZyXEL becomes a bridging modem. MTU 1492. WAN VLAN 802.1q=101 |
|||
|---- |
|||
!ADSL with Customer own PPPoE router |
|||
|Yes |
|||
|DSL |
|||
|Plugs in to phone line |
|||
|Customer PPPoE router |
|||
|Usually Disabled |
|||
|ZyXEL becomes a bridging modem. MTU 1492 |
|||
|---- |
|||
|} |
|||
=Making Changes= |
|||
If you make changes to your configuration then you may want to back it up. See: [[VMG1312: Backup Configuration]] |
|||
[[Category: |
[[Category:ZyXEL VMG1312-B10A|AAISP Configuration]] |
||
Latest revision as of 00:22, 18 August 2018
AAISP configure routers via TR-069 protocol. We generate a config file and this is sent to the router. Firmware updates are also able to be sent to the router.
Customers are free to alter the configuration as supplied, sending a configuration from the Control Pages will overwrite any settings changed though.
Here is an overview of the settings that are modified from the default, you can sort the table by the date added column to see any new changes.
| Area | Setting | Note | Date added |
|---|---|---|---|
| Broadband | Configure WAN interface | Further Settings on Control Pages: ADSL/FTTC, Bridge or WAN on port 4 (FTTP) | 2015-02-01 |
| Broadband | Configure WAN VLAN 802.1q=101 | Only for the VDSL WAN interface. | 2015-02-01 |
| Broadband | Configure PPP | Settings as per the service | 2015-02-01 |
| Home Network | Configure DHCP | Further Settings on Control Pages, Default=All IPs using AAISP DNS servers or as set on Control Pages | 2015-02-01 |
| Home Network | Configure LAN subnet | If line has a block of public IPs use them, else default is 192.168.1.1 | 2015-02-01 |
| Home Network | Configure LAN subnet | If router set for bridge mode, leave IP as 192.168.1.1 | 2015-06-19 |
| Wireless | Configure WiFi | Further Settings on Control Pages: SSID, Password or disable WiFi | 2015-02-01 |
| Wireless | Configure WiFi for 20 MHz | Instead of 40 MHz see VMG1312: WiFi Tips | 2015-02-01 |
| Wireless | Configure WiFi for AES only | This disables legacy/insecure TKIP see VMG1312: WiFi Tips | 2015-06-16 |
| Firewall | Configure Firewall on/off | Settings on Control Pages, Default=Enabled | 2015-02-01 |
| TR-069 | Configure TR-069 | Allows the router to be managed by AAISP, we give customer the same controls as staff get | 2015-02-01 |
| Log | Configure Local logging | Logs: System, PPPoE, XDSL, Internet, Attack, Account. | 2015-05-29 |
| Firewall | Rule to allow ICMPv6 to LAN | Helps make IPv6 work! | 2015-06-16 |
| Home Network | Disable NAT | If customer has a public IP block | 2015-02-01 |
| Maintenance | Disable SNMP | SNMP has a habit of having vulnerabilities, we are not aware of any for the VMG1312 though | 2015-02-01 |
| Maintenance | Disable 3G backup | Not usually required | 2015-02-01 |
| Firewall | Disable 'DoS Protection Blocking' | It does odd things, like blocking WebUI over WiFi! | 2015-06-16 |
| Maintenance | Change NTP servers | time.aa.net.uk and 0.uk.pool.ntp.org | 2015-02-01 |
| Maintenance | Change 'supervisor' password | Setting on Control Pages (same as admin) | 2015-02-01 |
| Maintenance | Change 'admin' password | Setting on Control Pages | 2015-02-01 |
| Firewall | Change Remote Management Options | Further Settings on Control Pages. Default is to only allow the LAN and the AAISP offices access. | 2015-02-01 |
| QoS | Change QoS | Set to give upstream priority based on 'Packet Length' See: VMG1312: QoS | 2015-02-01 |
| Firewall | Change 'Deny Ping Response' to Disable, | Allows the router to reply to pings | 2015-02-01 |
| QoS | Disable the default QoS Classes | See: VMG1312: QoS | 2015-02-01 |
| Maintenance | Remove zyuser user | It is a default read-only user, there is no need for it | 2015-02-01 |
- Static routes are currently not configured. (Only applicable if you have multiple public IP blocks and need them routed to a secondary router. These can be configured manually though.
This list may not be exhaustive, and may change over time.
WAN Configuration
As mentioned above, the WAN side of the router is configured depending on the Service provided and the settings on the Control Pages.
| Service | Bridge | WAN port | Note: WAN | Note: LAN | Note: WiFi | Other notes |
|---|---|---|---|---|---|---|
| Routing Configurations - Connecting to phone line | ||||||
| ADSL | No | DSL | Plugs in to phone line | Customer LAN | Customer LAN | MTU 1492 |
| FTTC wires only | No | DSL | Plugs in to phone line | Customer LAN | Customer LAN | MTU 1492, WAN VLAN 802.1q=101 |
| Routing Configurations - Connecting to another modem | ||||||
| FTTC engineer install (not available for new installations) | No | Port 4 | plugs in to Openreach modem (no longer supplied) | Customer LAN | Customer LAN | 1492 MTU, WAN VLAN 802.1q=101. QoS will not know the uplink speed automatically, The rate can be set under Network Setting - Broadband - #3 edit |
| FTTP | No | Port 4 | plugs in to Openreach modem | Customer LAN | Customer LAN | 1492 MTU. QoS will not know the uplink speed automatically, The rate can be set under Network Setting - Broadband - #3 edit |
| Bridge Configurations | ||||||
| FTTC wires only with Customer own PPPoE router | Yes | DSL | Plugs in to phone line | Customer PPPoE router | Usually Disabled | ZyXEL becomes a bridging modem. MTU 1492. WAN VLAN 802.1q=101 |
| ADSL with Customer own PPPoE router | Yes | DSL | Plugs in to phone line | Customer PPPoE router | Usually Disabled | ZyXEL becomes a bridging modem. MTU 1492 |
Making Changes
If you make changes to your configuration then you may want to back it up. See: VMG1312: Backup Configuration