Advertisement
Help Keep Boards Alive. Support us by going ad free today. See here: https://subscriptions.boards.ie/.
If we do not hit our goal we will be forced to close the site.

Current status: https://keepboardsalive.com/

Annual subs are best for most impact. If you are still undecided on going Ad Free - you can also donate using the Paypal Donate option. All contribution helps. Thank you.
https://www.boards.ie/group/1878-subscribers-forum

Private Group for paid up members of Boards.ie. Join the club.

Wifi mesh systems

1343537394058

Comments

  • Registered Users, Registered Users 2, Paid Member Posts: 1,233 ✭✭✭dam099


    54and56 wrote: »
    So every time I change the setting from Router Mode to Bridged Only and click save settings the modem resets and when it comes back up it's still in Router Mode!

    Also, if the VF modem is in router mode why isn't the Trace Route showing double nating? :o

    4K7nSJP.jpg

    Are you using a VPN? Been a while since I was on VM but dont recall their routing looking like that. Midphase.com which is your first visible hop looks like a hosting provider.


  • Registered Users, Registered Users 2, Paid Member Posts: 8,031 ✭✭✭54and56


    dam099 wrote: »
    Are you using a VPN? Been a while since I was on VM but dont recall their routing looking like that. Midphase.com which is your first visible hop looks like a hosting provider.

    I do have and use express VPN but don't think it was on when i ran the trace.

    I just ran the Trace again with the VPN definitely off and here is the result.

    dZLYa3R.jpg

    Looks quite different to the original trace and I notice it is giving the TT Mesh router what looks like a Virgin Media IP address rather than the static IP address for the TT router.


  • Registered Users, Registered Users 2, Paid Member Posts: 1,233 ✭✭✭dam099


    54and56 wrote: »
    I do have and use express VPN but don't think it was on when i ran the trace.

    I'll redo it again this evening and check the result.

    Below is an example of double NAT.

    I haven't experienced any real problems but I have taken some steps to mitigate the impact i.e. turned of DHCP and WiFi on the ISP router and put my own 3rd party router into the DMZ of the ISP router.


  • Closed Accounts Posts: 1,297 ✭✭✭Gooey Looey


    dam099 wrote: »
    Below is an example of double NAT.

    I haven't experienced any real problems but I have taken some steps to mitigate the impact i.e. turned of DHCP and WiFi on the ISP router and put my own 3rd party router into the DMZ of the ISP router.

    Triple NAT. Are you on ipv6 with carrier grade Nat also?


  • Registered Users, Registered Users 2, Paid Member Posts: 1,233 ✭✭✭dam099


    Triple NAT. Are you on ipv6 with carrier grade Nat also?

    Yikes, I hadn't even clocked the 10.* was a private IP too.

    VF SIRO, ipv6 is not enabled on their router by default.

    If I go to an IP lookup site I have an 109.77.*.* address which is what my ISP router tells me is my WAN address.

    My Plex server is available externally though, I understood Carrier grade Nat would possibly kill that?


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 427 ✭✭Blowheads


    Hi,
    Have Netgear Orbi 3 node mesh with VF FTTH router.
    Orbi is bridge mode

    To simplify the system can I bypass the VF router altogether?
    What I need to set up the Orbi? Set it to router mode and what other settings needed to connect?


  • Closed Accounts Posts: 1,297 ✭✭✭Gooey Looey


    dam099 wrote: »
    Yikes, I hadn't even clocked the 10.* was a private IP too.

    VF SIRO, ipv6 is not enabled on their router by default.

    If I go to an IP lookup site I have an 109.77.*.* address which is what my ISP router tells me is my WAN address.

    My Plex server is available externally though, I understood Carrier grade Nat would possibly kill that?

    With Plex you authenticate with the Plex website, they keep a connection open to there so it will usually just work, it doesn't just use plug and play (upnp)


  • Closed Accounts Posts: 1,297 ✭✭✭Gooey Looey


    Blowheads wrote: »
    Hi,
    Have Netgear Orbi 3 node mesh with VF FTTH router.
    Orbi is bridge mode

    To simplify the system can I bypass the VF router altogether?
    What I need to set up the Orbi? Set it to router mode and what other settings needed to connect?

    You need to set vlan10 on the wan interface.


  • Registered Users, Registered Users 2, Paid Member Posts: 1,233 ✭✭✭dam099


    With Plex you authenticate with the Plex website, they keep a connection open to there so it will usually just work, it doesn't just use plug and play (upnp)

    Ah right.

    I can also reach my Home Automation server on a RPI if I forward the port on my main router.


  • Registered Users, Registered Users 2 Posts: 1,559 ✭✭✭Leftwaffe


    I see a fast roaming option in the Deco M4 settings. Should I enable this?


  • Advertisement
  • Closed Accounts Posts: 1,297 ✭✭✭Gooey Looey


    dam099 wrote: »
    Ah right.

    I can also reach my Home Automation server on a RPI if I forward the port on my main router.

    Is there a continuous connection kept open from the server to the cloud?

    Carrier grade NAT isn't the same as double NAT. It does complicate things though
    https://en.wikipedia.org/wiki/Carrier-grade_NAT


  • Registered Users, Registered Users 2, Paid Member Posts: 1,233 ✭✭✭dam099


    Is there a continuous connection kept open from the server to the cloud?

    There is a link to a cloud service for remote sensor status and it also looks up to Darksky.

    Tried another port forward for an non cloud enabled application on another Pi though and it worked too.

    Edit: Just saw your update on CGN not quite being the same.


  • Registered Users, Registered Users 2, Paid Member Posts: 8,031 ✭✭✭54and56


    dam099 wrote: »
    Below is an example of double NAT.

    I haven't experienced any real problems but I have taken some steps to mitigate the impact i.e. turned of DHCP and WiFi on the ISP router and put my own 3rd party router into the DMZ of the ISP router.

    Hi Dam099,

    Are you saying my Trace route shows double Nat?


  • Registered Users, Registered Users 2 Posts: 7,258 ✭✭✭RangeR


    54and56 wrote: »
    Hi Dam099,

    Are you saying my Trace route shows double Nat?


    It looks to be not double NAT. This is normal if you have your VM router bridged. Your TaoTronics is hop 1. Hop 2 ntlworld.ie [89.101.x.x] appears to be the VM gateway [they bought over NTL Ireland], not your router. Your router would show up as something like 192.168.0.1.


  • Registered Users, Registered Users 2, Paid Member Posts: 8,031 ✭✭✭54and56


    RangeR wrote: »
    It looks to be not double NAT. This is normal if you have your VM router bridged. Your TaoTronics is hop 1. Hop 2 ntlworld.ie [89.101.x.x] appears to be the VM gateway [they bought over NTL Ireland], not your router. Your router would show up as something like 192.168.0.1.

    So the trace actually looks good?

    If that's the case I guess the challenge is to find a way to change it from router to bridge/modem setting.

    I haven't tried the hack linked to above yet, might give that a crack over the weekend.

    Would prefer to not have to go messing about with code!!


  • Registered Users, Registered Users 2 Posts: 427 ✭✭Blowheads


    You need to set vlan10 on the wan interface.

    Thanks, are there other settings / login details necessary?


  • Registered Users, Registered Users 2 Posts: 3,175 ✭✭✭cruizer101


    Wondering has anyone else bought the deco M5 and what the power connector was.
    I bought some from Komplett on which the image shows the connector being a usb c socket. However they arrived with a barrel connector.
    They have the power plugs but they are euro plugs meaning need to use a travel adapter. I had thought they would be euro plugs as when I ordered travel adapters were added to my cart automatically for €0. But I had planned just using some of my own usb power sources to power them instead, and also to get some 90 degree adaptors so I could keep the cables neat and tidy.

    Bit of a pain and not sure whether to return and try order some others with the usb c socket or just use them.


  • Closed Accounts Posts: 1,297 ✭✭✭Gooey Looey


    Blowheads wrote: »
    Thanks, are there other settings / login details necessary?

    I honestly don't know as I haven't done it myself. I'm pretty sure you just enable DHCP on the wan interface but maybe they use pppoe. Someone with Vodafone FTTH will have to answer that.


  • Registered Users, Registered Users 2, Paid Member Posts: 21,463 ✭✭✭✭Cyrus


    Blowheads wrote: »
    Thanks, are there other settings / login details necessary?

    yes see here

    password is vodafone i think (or maybe it doesnt matter)

    Capture3.jpg


  • Registered Users, Registered Users 2, Paid Member Posts: 8,031 ✭✭✭54and56


    RangeR wrote: »
    It looks to be not double NAT. This is normal if you have your VM router bridged. Your TaoTronics is hop 1. Hop 2 ntlworld.ie [89.101.x.x] appears to be the VM gateway [they bought over NTL Ireland], not your router. Your router would show up as something like 192.168.0.1.

    Sorry to be a squeaky hinge here but I got up earlier to do the VM Modem hack and it just crossed my mind that if my VM modem is stuck in router mode I should be getting a Double NAT result when I run a trace and it doesn't look like I am. Here's another trace just now.

    X3MVdx0.jpg

    Two other things spring to mind before I attempt this hack.

    1. If the VM being in Router mode is what is preventing my ability to port forward why didn't it prevent port forwarding on my old Asus Router which was port forwarding fine before I installed the TT Mesh system?

    2. Is the default gateway IP (local IP address) on VM's Cisco EPC3925 modem 89.101.211.41? Should that be set to something else?


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 7,258 ✭✭✭RangeR


    54and56 wrote: »
    Sorry to be a squeaky hinge here but...


    OK, so after I said it didn't appear to be double NATTED, you came back and same your VM was in router mode. That had me puzzled. I would expect the second hop to be the local IP of the VM box but it appeared to be your VM gateway ip. So here is my tracert to google.com. My VM is definitely bridged. But I have two other routers so double NAT'd. It's just a little different to yours.

    C:\Users\RangeR>tracert google.com

    Tracing route to google.com [216.58.204.46]
    over a maximum of 30 hops:

    1 2 ms 3 ms 2 ms 192.168.86.1 <-Google WIFI
    2 3 ms 3 ms 2 ms GL-MV1000 [192.168.0.1] <- Second router
    3 14 ms 21 ms 13 ms 46.7.34.1 <- Virgin Media gateway [similar but different to my public IP Address]
    4 16 ms 14 ms 13 ms 109.255.255.49
    5 14 ms 18 ms 27 ms ie-dub01a-rc1-ae-44-0.aorta.net [84.116.238.158]
    6 273 ms 39 ms 19 ms ie-dub02a-ri1-ae-73-0.aorta.net [84.116.134.110]
    7 13 ms 14 ms 13 ms 74.125.118.8
    8 20 ms 28 ms 19 ms 74.125.243.241
    9 27 ms 14 ms 16 ms 74.125.243.247
    10 26 ms 14 ms 17 ms 209.85.143.235
    11 28 ms 32 ms 28 ms 172.253.71.195
    12 1148 ms 83 ms 28 ms 216.239.58.132
    13 23 ms 32 ms 32 ms 108.170.246.129
    14 24 ms 30 ms 22 ms 108.170.238.117
    15 31 ms 34 ms 30 ms lhr25s12-in-f46.1e100.net [216.58.204.46]

    Trace complete.


    On your trace, I don't see two internal private IP Addresses. I'm just not seeing two routers in your setup. Your first hop is your Tao. Your second hop is the VM Gateway [outside your house, VM edge network]. It just looks to me that your vm router is not in the mix.


    If you search "what is my ip address", do you get similar or exactly the same as your second hop, 89.100.xxx.xx?

    And don't apologise. It's good to workout tech issues :)

    Just to be absolutely clear. I have a VM Hub 3. The front light goes pink when in bridged mode. When it's not in bridged mode, I think it goes green but it's been a while. I didn't have to hack the box. The setting was just there in the web UI. It's weird that some people have to hack the interface. Maybe VM are cracking down on unneeded support calls :). Rather than hacking, maybe give them a call and ask them to bridge it remotely. I know they do this for business customers.

    Untitled666.png?psid=1


  • Registered Users, Registered Users 2, Paid Member Posts: 8,031 ✭✭✭54and56


    Thanks RangeR, sure what else would I be doing on a miserable wet freezing cold Sunday in the middle of a pandemic lockdown :D
    RangeR wrote: »
    OK, so after I said it didn't appear to be double NATTED, you came back and same your VM was in router mode. That had me puzzled. I would expect the second hop to be the local IP of the VM box but it appeared to be your VM gateway ip.

    The 2nd hop is both the IP address of the VM box AND the gateway address specified on the TT Mesh Router. If that is a duplication / transcribe error on my part I guess it could be (or be part of) the problem?

    uzcX4Rn.jpg

    On the VM modem Gateway tab there's a section called "Internet IPv4 Connection" and two things stick out there:-

    1. The "Internet IP address" is a 10.100.xx.xxx number (never sure what IP's I can share on a public forum)
    2. The "Default Gateway" IP address is the same as the "Internet IP Address" but the final digit is one less.
    RangeR wrote: »
    If you search "what is my ip address", do you get similar or exactly the same as your second hop, 89.100.xxx.xx?[/IMG]
    I assume you meant 101 not 100?

    I get the Static IP address of the TT Router which is also 89.101.xxx.xx but not the exact 89.101.211.41 that the 2nd hop is.
    RangeR wrote: »
    Just to be absolutely clear. I have a VM Hub 3. [/IMG]

    I have the Cisco EPC3925 Modem which is the one referred to in the hack thread. I actually have 3 of them. The top one handles Broadband, the bottom two handle VOIP.

    DJnTeTF.jpg
    RangeR wrote: »
    Rather than hacking, maybe give them a call and ask them to bridge it remotely. I know they do this for business customers.[/IMG]

    I am a business customer as I have a home office with 4 landlines etc so I might give them a call tomorrow but there's 2 reasons I'd prefer to sort this myself:-

    1. I'd like to learn / understand and be more in control of the setup / network myself than rely on increasingly outsourced and templated support from VM or or similar.

    2. The quality of Business Support can be very patchy. I've had some great assistance over the years with in house based support but I've increasingly found that as support gets outsourced, whether to a local or international call centre, it gets really dumbed down and if your problem can't be fixed by reference to a set number of prescribed steps you can end up making things worse.


  • Registered Users, Registered Users 2 Posts: 7,258 ✭✭✭RangeR


    54and56 wrote: »
    Thanks RangeR, sure what else would I be doing on a miserable wet freezing cold Sunday in the middle of a pandemic lockdown :D
    Drinking?
    54and56 wrote: »
    The 2nd hop is both the IP address of the VM box AND the gateway address specified on the TT Mesh Router. If that is a duplication / transcribe error on my part I guess it could be (or be part of) the problem?
    Your public IP cannot be the same as VM's gateway. They have to be different so your devices can find a route to the internet. Is your TAO set for DHCP? I think it should. VM will assign you an IP. Unless you are on a static address. In that case, VM should have given you your IP, subnet mask and maybe gateway address. If you're not on static, ask then for a static. It's free. While your on, get them to bridge it for you. Unless you REALLY want to mess around.


    54and56 wrote: »
    On the VM modem Gateway tab there's a section called "Internet IPv4 Connection" and two things stick out there:-

    1. The "Internet IP address" is a 10.100.xx.xxx number (never sure what IP's I can share on a public forum)
    2. The "Default Gateway" IP address is the same as the "Internet IP Address" but the final digit is one less.
    You can share any internal address. Don't share publics. Internals are ALWAYS...


    10.0.0.0 – 10.255.255.255
    172.16.0.0 – 172.31.255.255
    192.168.0.0 – 192.168.255.255


    Anything else is public and could identify you.

    54and56 wrote: »
    I assume you meant 101 not 100?
    Of course. Fat fingers syndrome. From one side of the keyboard to the other.

    54and56 wrote: »
    I get the Static IP address of the TT Router which is also 89.101.xxx.xx but not the exact 89.101.211.41 that the 2nd hop is.


    I have the Cisco EPC3925 Modem which is the one referred to in the hack thread. I actually have 3 of them. The top one handles Broadband, the bottom two handle VOIP.


    I am a business customer as I have a home office with 4 landlines etc so I might give them a call tomorrow but there's 2 reasons I'd prefer to sort this myself:-
    Similar to what I have in all my business sites [maybe not cisco but look similar. Hitel maybe] but I think they are called. Ring them. It should be painless. Static IP and bridged.
    54and56 wrote: »
    1. I'd like to learn / understand and be more in control of the setup / network myself than rely on increasingly outsourced and templated support from VM or or similar.

    2. The quality of Business Support can be very patchy. I've had some great assistance over the years with in house based support but I've increasingly found that as support gets outsourced, whether to a local or international call centre, it gets really dumbed down and if your problem can't be fixed by reference to a set number of prescribed steps you can end up making things worse.
    Understood and totally agree. But these devices aren't designed or configured to mess around with. They are designed to go straight into bridged mode [for business]. No idea why they used them for domestic [costs mainly, I suppose]. I had one of these a few years ago as a domestic customer, one device for both internet and phone. They obviously split them over two devices for business.


  • Registered Users, Registered Users 2, Paid Member Posts: 8,031 ✭✭✭54and56


    Hi RangeR,

    Really appreciate your input thanks.

    I'll give VM Support a bell and see if they can sort me out. That would be much preferable to trying the hack as that's waaaaayyyyyyy outside my comfort zone!!


  • Registered Users, Registered Users 2 Posts: 10,433 ✭✭✭✭Hurrache


    There's no need for any Virgin Media hack. I'd factory reset the modem and get in touch with Virgin Media support via WhatsApp asking for an IPv4 address so you can put the modem into bridge mode, and you're done.


  • Registered Users, Registered Users 2 Posts: 5,553 ✭✭✭Redsoxfan


    So my parents have an Eir Fibre Box 1A 1.0

    As far as I know, they don't actually have FTTH, Eir just replaced their router for some reason.

    There have been ongoing issues with coverage with the new router.

    I was looking into Google WiFi, which I have and works very well with Virgin Media, but it seems thus might not be suitable with this Eir router?

    Or is that just the case with FTTH?

    If Google is not recommended in this case, what's the next best alternative for ease of use and installation?

    I was thinking of the Deco M5 from Komplett.


  • Registered Users, Registered Users 2, Paid Member Posts: 8,031 ✭✭✭54and56


    Hurrache wrote: »
    There's no need for any Virgin Media hack. I'd factory reset the modem and get in touch with Virgin Media support via WhatsApp asking for an IPv4 address so you can put the modem into bridge mode, and you're done.

    So I got in touch with VM via WhatsApp who wouldn't deal with me as they are consumer/residential support only and I have a business account.

    Called their business support line and they confirmed that despite the Cisco router admin showing the modem is in Router Mode it's actually hard set my them in the firmware to Bridge Mode and can't be changed via the Modem interface hence the VM modem is doing nothing more than channelling internet to the devices which are directly connected to it by Ethernet LAN.

    hIuLPFY.jpg

    I have two devices connected directly to the VM Modem:-

    1. A family PC which doubles as a Plex Server. It has a static IP address assigned to it from the 5 static IP addresses VM gave me years ago.

    2. My TT Mesh Router which is set up with another of the Static IP addresses.

    As far as VM are concerned as long as their modem is set to bridge mode port forwarding is a matter for the TT Mesh system to handle and not something they can assist with :(

    I've tried engaging with TT Support but it's only available by email and tortiously slow.

    I'll get there eventually................I hope.

    Other than the port forwarding issue I have to say the TT MEsh System is working flawlessly throughout the house.


  • Registered Users, Registered Users 2 Posts: 7,258 ✭✭✭RangeR


    54and56 wrote: »
    I have two devices connected directly to the VM Modem:-

    1. A family PC which doubles as a Plex Server. It has a static IP address assigned to it from the 5 static IP addresses VM gave me years ago.

    2. My TT Mesh Router which is set up with another of the Static IP addresses.

    Connect nothing to the VM Bridged modem except the TT Mesh Router, unless you really, really, REALLY know what you are doing. There are no protection on those ports. Windows built in protections are designed to protect your computer assuming you are behind a strong firewall/NAT.

    Your Plex server doesn't need a public IP. Reset that to an internal static DCHP reservation with port forwarding. It's exactly the same if your primary IP is static and you're not doing any funny abuse stuff :) I've had that running for years with no problems, accessing externally.

    Actually, I'd blow your plex server out of the water. Maybe back up your plex database and other documents but I wouldn't keep anything else. Reformat and reinstall. But that PC is no longer safe.

    I remember tests about 10 years ago, where a pc was put on the internet without protection. It was infected and fitly within 30 minutes. You can't rely on windows 7/10 firewall as there could be various zero day exploits that we aren't even aware of yet.


  • Registered Users, Registered Users 2, Paid Member Posts: 8,031 ✭✭✭54and56


    RangeR wrote: »
    Connect nothing to the VM Bridged modem except the TT Mesh Router, unless you really, really, REALLY know what you are doing. There are no protection on those ports. Windows built in protections are designed to protect your computer assuming you are behind a strong firewall/NAT.

    Your Plex server doesn't need a public IP. Reset that to an internal static DCHP reservation with port forwarding. It's exactly the same if your primary IP is static and you're not doing any funny abuse stuff :) I've had that running for years with no problems, accessing externally.

    Actually, I'd blow your plex server out of the water. Maybe back up your plex database and other documents but I wouldn't keep anything else. Reformat and reinstall. But that PC is no longer safe.

    I remember tests about 10 years ago, where a pc was put on the internet without protection. It was infected and fitly within 30 minutes. You can't rely on windows 7/10 firewall as there could be various zero day exploits that we aren't even aware of yet.

    Crap, didn't cross my mind connecting the Plex server to the modem directly would be a problem.

    Does the fact the PC has a static IP address mitigate the risk in any way?


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 7,258 ✭✭✭RangeR


    54and56 wrote: »
    Crap, didn't cross my mind connecting the Plex server to the modem directly would be a problem.

    Does the fact the PC has a static IP address mitigate the risk in any way?


    None whatsoever. In fact it would make it more susceptible to attack as every port to that IP will hit your PC. anything attached to your VM modem in bridged mode is effectively out there on the internet without protection.


    Static address just makes the pc more visible.


Advertisement