Menu
Reply
Joining in
  • 6
  • 0
  • 0
Registered: ‎28-04-2016
Message 71 of 168 (693 Views)

Re: Business Hitron Router

[ Edited ]

Lots of downtime planned for Hilton Router users, anyone know what they are doing?

Reply
0 Kudos
Joining in
  • 1
  • 0
  • 0
Registered: ‎28-06-2016
Message 72 of 168 (638 Views)

Re: Business Hitron Router

Hi All

I have recently signed up to 100mbit business broadband (with a single static IP address I think) and also have received the Hitron Router.  I have read through the previous posts but to be honest don't fully understand the issues and how these will affect me.

I would be grateful for some assistance.  I am using the virgin line as a failover line via a Draytek dual wan router. I would like to use port forwarding to access my server on the LAN. Will this be possible with the Hitron or am I screwed?  If so, is there a workaround?

Thanks in advance.

Reply
0 Kudos
Joining in
  • 12
  • 0
  • 0
Registered: ‎22-04-2016
Message 73 of 168 (632 Views)

Re: Business Hitron Router

I just found internet browsing to be very patchy but ping times were fine. I always tested with www.bbc.co.uk and sometimes you click a link fine and then another and the page just wouldn't ever load.

Reply
0 Kudos
Tuning in
  • 5
  • 0
  • 0
Registered: ‎29-06-2016
Message 74 of 168 (608 Views)

Re: Business Hitron Router

I've come across a customer that had a Hitron router installed with 5 static IPs.  The VM engineer reconfigured their printer's IP address to one of the static IPs, so its now directly accessible on the Internet!  In addition, he modified all the PCs so that they also had an IP address from the static range, plus their old IP from the private LAN range.  The default GW is set to the public IP of the Hitron router.  Luckily the PCs are not responding to port scans from the Internet, so guessing Windows Firewall is doing its job.

The setup is far from normal, as everything on the LAN that doesn't need to be accessed from the Internet should only have a private IP.  It seems there is no NAT on the Hitron, and reading some of the posts on this thread suggests this is by design?  Perhaps I've misunderstood that.

Is this the 'normal' configuration, or has the engineer made a boo-boo? 

BTW, he did remove the customer's old Draytek 2910 when he turned on the new VM service.  I thought that perhaps that could be reconnected to act as a firewall and NAT device if the Hitron can't do NAT, but some posts suggest this isn't possible until a firmware update is released to allow modem only mode?

 

Reply
0 Kudos
On our wavelength
  • 28
  • 0
  • 9
Registered: ‎07-04-2016
Message 75 of 168 (602 Views)

Re: Business Hitron Router

I dream of 5 IP's no NAT.  Or just static IP no NAT.   Was this recent ?

Reply
0 Kudos
Tuning in
  • 5
  • 0
  • 0
Registered: ‎29-06-2016
Message 76 of 168 (597 Views)

Re: Business Hitron Router

Zach8 - no it was installed sometime in April.  Why do you dream of a service with no NAT?  In this case, having the customers devices set with public IP addresses poses a serious security risk - at the very least random port scans appear to be generating garbage output on the printer (50+ pages every other day), and at the very worst... well their data is no longer private and secure!

Only hardened devices should ever be given a public IP address, everything else should be hidden behind a Firewall on a private IP.

The customer has contacted VM business support, but was told to email them and expect a response within 72 hours.  Nice!

 

Reply
0 Kudos
On our wavelength
  • 28
  • 0
  • 9
Registered: ‎07-04-2016
Message 77 of 168 (592 Views)

Re: Business Hitron Router

Because, like many on this thread, I want to use the virgin service for business, I want them to supply a router and route me a subnet to present to my firewall so that I can maintain VLANs, NATs, logging, VPN's, QOS and... you know - normal stuff like what you would expect when you purchase a business broadband connection. 

Instead I have a router which I can either have a flaky static IP natted, or a dodgy dynamic IP presented.

Tuning in
  • 5
  • 0
  • 0
Registered: ‎29-06-2016
Message 78 of 168 (584 Views)

Re: Business Hitron Router

Zach8 - Seems there are different configurations in place.  My customer appears to have a service with 5 static IPs and a no-NAT configuration.  The engineer has reconfigured all the LAN devices and manually allocated an IP address from the static range to each device (it's a small office so 2-3 PCs and a printer).  DHCP is not enabled (or not available on the Hitron?)

It would have been better if he had connected the Draytek and used that as a Firewall and configured NAT on there.  But is that only possible if the Hitron is set to Modem only mode, which isn't supported when static IPs are used?

This customer doesn't need static IPs anyway, so not sure why he got them, a dynamic IP would have been fine.

 

Reply
0 Kudos
On our wavelength
  • 28
  • 0
  • 9
Registered: ‎07-04-2016
Message 79 of 168 (581 Views)

Re: Business Hitron Router

Hmm, perhaps it's time I called them again.. cheers

Reply
0 Kudos
Hero
  • 9.41K
  • 297
  • 807
Registered: ‎29-01-2011
Message 80 of 168 (568 Views)

Re: Business Hitron Router


adamhr wrote:

 Why do you dream of a service with no NAT?  In this case, having the customers devices set with public IP addresses poses a serious security risk


You do know its been proven you can be a security risk even with NAT don't you? In fact NAT routers themselves have been known to have security risks and so then all your devices are compromised and thats just for starter there are way more security risks that NAT can not protect you from.

Really the problem is the user (to some degree) and sure you can bubble rap them but then something will break for something they want to do that maybe safe and you can blame the problem on the ones that find the security holes but good luck finding them as in the ones that use the security holes for what even means.

Reply
0 Kudos