Wifi mesh systems

RangeR wrote: »

You never want to connect any device to a bridged modem except another router. All ethernet ports on a bridged modem are effectively open to the internet with no protection. Your connected router [Deco in this case] is your protection so all internal devices [plex etc] should be connected to the Deco.


I heavily recommend getting a switch and connect it to the Deco, then connect your internal devices to the switch.


Again, NOTHING except the Deco, should be connected to the bridged modem.

I never knew this. Have Smart TV and IPTV connected to my bridged modem. What damage could I be doing?

degsie wrote: »

It's not you who will be doing the damage

So what...my home network will be compromised through the TV’s connection?

degsie wrote: »

If/when you move your tv to your home lan then yeah, maybe!

Good to know. Best keep them plugged in to the bridged modem so? Rather than risk bringing any issued on to the home network.

RangeR wrote: »

Your Smart TV is accessible to the internet. It is not secure. Smart TV's are developed with the assumption that a different device will provide most needed security. This device is your router/firewall. Assume that your Smart TV has no security features.

If there is a vulnerability found on your smart TV, you will be the first to find out. Actually, you might never know. Anything from being involved in a bot net [consuming your internet connection], bad actors able to see your viewing habits, steal your Netflix/Prime/other credentials to, at worst, wiping your TV software [bricked] if a kernel exploit is abused.

If I were you, I would disconnect those two devices. Deffo factory reset your TV [and hope for the best]. No idea on your IPTV but it's probably Linux based. Don't know if that can be factory reset safely. I would ONLY connect both devices to your router, maybe via a switch AFTER you have cleaned them, which may not be possible.

Take with a pinch of salt. You don't know me and I don't know your aversion to risk.

That’s really useful info, thanks! I never knew this about a bridged router. My IPTV box is actually connected directly to my mesh router so all good there. I’ll do a factory reset on the TV. Other than losing my Netflix and Prime password and having to re-install a few apps I can’t see any other issues.

I have an A/V receiver that would have been plugged in to the bridged router at one stage also. All it needs internet for is a periodic firmware update. Presume there isn’t anything to worry about here?

Thanks again.

RangeR wrote: »

I wouldn't even have a public webserver directly on the internet. I'd even put that behind a firewall and open only the ports it requires.

You’ve lost me here. What do you mean by a public webserver?

RangeR wrote: »

Sorry, I was just making an analogy with a piece of equipment that is designed and meant to be "out on the internet".


A public webserver would be the likes of boards.ie or facebook.com. Even they aren't "out on the internet" without security but always behind a firewall.


Trust your firewall/router... to a point. Don't trust the internet, ever.


Put your AV behind your router not behind the bridged modem.

Cool will do that. Never ceases to amaze what you can learn on Boards!!

Picked up a Deco E4 today with 2 units. Will I still be able to connect a PS4 or phones to the Virgin Media Hub or do I have to assign everything to the Decos.

Sexual Chocolate wrote: »

Picked up a Deco E4 today with 2 units. Will I still be able to connect a PS4 or phones to the Virgin Media Hub or do I have to assign everything to the Decos.

If the VM modem is bridged then EVERYTHING should be connected to the DECO. Wired or WIFI.

3 deco m4 arrived yesterday and I'll have a go at setting up over the next few days. I currently have the eir f2000 and plugged into that I have the hive hub.
Do I remove the f2000 altogether and just use the deco's or do I keep the f2000 and plug the first m4 into that and the other 2 around the house. I only want them to improve wifi deadspots around the house.
Thanks for any advice given.

babelfish1990 wrote: »

Leave the F2000 in place. Login to the router and disable 2.4GHz & 5GHz WiFi in it. Plug first Deco into a LAN port on F2000. Use other Decos to provide seamless WiFi across your home. You can continue to use Spare ports on F2000 for wired Ethernet devices.

Also put the decos in AP mode or you'll have double NAT.

Hi all,

I've a 200mb SME home office package with Virgin Media and a TaoTronics 3 node Mesh System all of which is working fine.

With 4 people sometimes on separate Teams/Zoom calls and up to 25 other devices (phones, tablets, IoT devices) etc all humming along in the background the 20mb upload limit is becoming a bottleneck so I want to upgrade to the 300mb package which will increase the upload speed by 50% to a max 30mb and see if that helps improve things when there is maximum use going on.

VM replaced the 12 year old Cisco router (which they said can't handle more than 200mb D/L) with a new Hitron router yesterday and said all settings including fixed IP address on the modem and bridged mode would be ported over once the new Hitron was set up.

I saw two new WiFi networks being offered this morning so logged into the new modem and saw that the Wireless option for both 2.4Ghz and 5Ghz were turned on so I've now toggled them off but now I'm wondering what else do I need to do.

I've looked for an option which toggles "Bridge" or "Router" mode but can't find it in any of the menu's and I also can't recall what other settings I should have on (or off) to ensure the Hitron Modem plays as nice as possible with the Mesh router.

I can see in LAN settings that the correct fixed IP address is assigned and that the only directly connected device to the modem is the fixed IP address of the TT Mesh Router which looks correct.

Can anyone tell me how to set or confirm the Hitron modem is in bridge rather than router mode and should I toggle any other settings away from their default e.g. should DHCP Status be enabled or disabled, UPNP IGD enabled or disabled, Port forwarding and/or port forwarding enabled or disabled?

This is what I get when I run a trace route

54and56 wrote: »

VM replaced the 12 year old Cisco router (which they said can't handle more than 200mb D/L) with a new Hitron router yesterday and said all settings including fixed IP address on the modem and bridged mode would be ported over once the new Hitron was set up.
I've looked for an option which toggles "Bridge" or "Router" mode but can't find it in any of the menu's and I also can't recall what other settings I should have on (or off) to ensure the Hitron Modem plays as nice as possible with the Mesh router.

Can anyone tell me how to set or confirm the Hitron modem is in bridge rather than router mode and should I toggle any other settings away from their default e.g. should DHCP Status be enabled or disabled, UPNP IGD enabled or disabled, Port forwarding and/or port forwarding enabled or disabled?

This is what I get when I run a trace route

I have multiple hitrons in various sites all on business accounts, as I said before. ring VM business support. They will bridge them there and then, then reboot. Not sure if you can do this yourself.

Thanks WLad.

WLad wrote: »

It really depends on what you had before? Did you have the old router in bridge mode? If so, are the Taotronics acting as your router?

Yes and yes.

WLad wrote: »

Only 1 DHCP per network unless you really know what you are doing. That means if its turned on on the router then the mesh system shouldn't be giving out addresses.

Yes, DHCP is turned on on the VM Hitron Modem and I don't see an option to toggle it on or off in the TT Mesh System admin app so hopefully it's just turned on in the VM Modem.

WLad wrote: »

Preferably only 1 router per network, again, unless you know what you are doing. If you put the new router in bridge mode then nothing should be connected directly to it and you need to make sure one of the nodes in the mesh is in router mode. This is super important, especially since its a business. If its in router mode connect whatever you want to it.

VM have confirmed the new Hitron modem is in bridge mode and the Trace Route doesn't appear to indicate double NAT'ing so I think all is good. The only thing connected directly via Ethernet to the Hitron Modem is the TT Mesh Router.

WLad wrote: »

If you had fixed addresses on your previous router then I'm guessing it wasn't in bridge mode anyway so you have nothing to change there. The only thing left to check is that your mesh network isn't also in router mode.

The Hitron modem is in bridge mode and does have a fixed IP address allocated to it. The TT Mesh Router is connected to the Hitron via Ethernet and also has a (different) fixed IP address allocated to it. That all sound correct function wise?

I think VM usually have a /30 subnet on business routers with fixed ip. You have only two usable wan IPs, one of which one is assigned to the Hitron. Did they explain this?

degsie wrote: »

I think VM usually have a /30 subnet on business routers with fixed ip. You have only two usable wan IPs, one of which one is assigned to the Hitron. Did they explain this?

Hi Degsie, no that was never explained to me and to be honest I've no idea what "/30 subnet" means or how only having one useable wan IP (as the other is assigned to the Hitron) could be impacting things. I've a small home office with 4 users on PC's laptops etc and have had this set up for 10 years or so. I want to upgrade from the 200mb package to the 300mb which will improve upload capacity by 50% from 20mb to 30mb so VM swapped out the old Cisco modem which maxed out at 200mb for a new Hitron modem which can handle >200mb.