VMG1312-B10A: AAISP Configuration

From AAISP Support Site
Revision as of 20:37, 16 June 2015 by AA-Andrew (talk | contribs)

AAISP configure routers via TR-069 protocol. We generate a config file and this is sent to the router. Firmware updates are also able to be sent to the router.

Customers are free to alter the configuration as supplied, sending a configuration from the Control Pages will overwrite any settings changed though.

Here is an overview of the settings that are modified from the default:

  • Configure WAN interface (Further Settings on Control Pages: ADSL/FTTC, Bridge or WAN on port 4 (FTTP))
  • Configure PPP settings as per the service
  • Configure DHCP (Further Settings on Control Pages, Default=All IPs using AAISP DNS servers or as set on Control Pages)
  • Configure LAN subnet if line has a block of public IPs. (else default is 192.168.1.1)
  • Configure WiFi (Further Settings on Control Pages: SSID, Password or disable WiFi)
  • Configure WiFi for 20Mhz instead of the 40Mhz default (see VMG1312: WiFi Tips)
  • Configure WiFi for AES only (not legacy TKIP) (added 2015-06-16)
  • Configure Firewall on/off (Settings on Control Pages, Default=Enabled)
  • Configure TR-069 so the router can be managed by AAISP (we give customer the same controls as staff get)
  • Configure Local logging (on router) to log: System, PPPoE, XDSL, Internet, Attack, Account. (added 2015-05-29)
    • To view log: WebUI: System Monitor - Log or via telnet/ssh CLI: syslog dump system.
  • Add a Firewall rule to allow ICMPv6 (added 2015-06-16)
  • Disable NAT, if customer has a public IP block
  • Disable SNMP
  • Disable 3G backup
  • Disable 'DoS Protection Blocking' as it does odd things, like blocking WebUI over WiFi (added 2015-06-16)
  • Change NTP servers to be time.aa.net.uk and 0.uk.pool.ntp.org
  • Change 'supervisor' password (Setting on Control Pages)
  • Change 'admin' password (Setting on Control Pages)
  • Change Remote Management Options (Further Settings on Control Pages)
  • Change QoS to give upstream priority based on 'Packet Length' (See: VMG1312: QoS)
  • Change 'Deny Ping Response' to Disable, to allow the router to reply to ping.
  • Disable the default QoS Classes (See: VMG1312: QoS)
  • Remove the default read-only zyuser user


  • Static routes are currently not configured. (Only applicable if you have multiple public IP blocks and need them routed to a secondary router. These can be configured manually though.

This list may not be exhaustive, and may change over time.


Notes

DOS protection is left enabled - this may give some unexpected results, eg the router will only reply to 20 pings before it stops replying.

A Security Log can be found on the Web UI: 

System Monitor -> Log -> Security Log (tab)
DOS protection settings as described in the user manual
Retrieved from ‘http://support.aa.net.uk/index.php?title=VMG1312-B10A:_AAISP_Configuration&oldid=9603