Menu
Reply
  • 6
  • 0
  • 0
Mexas
Joining in
846 Views
Message 71 of 182
Flag for a moderator

Re: Business Hitron Router

Lots of downtime planned for Hilton Router users, anyone know what they are doing?

0 Kudos
Reply
  • 1
  • 0
  • 0
sampp
Joining in
791 Views
Message 72 of 182
Flag for a moderator

Re: Business Hitron Router

Hi All

I have recently signed up to 100mbit business broadband (with a single static IP address I think) and also have received the Hitron Router.  I have read through the previous posts but to be honest don't fully understand the issues and how these will affect me.

I would be grateful for some assistance.  I am using the virgin line as a failover line via a Draytek dual wan router. I would like to use port forwarding to access my server on the LAN. Will this be possible with the Hitron or am I screwed?  If so, is there a workaround?

Thanks in advance.

0 Kudos
Reply
  • 12
  • 0
  • 0
freedomit
Joining in
785 Views
Message 73 of 182
Flag for a moderator

Re: Business Hitron Router

I just found internet browsing to be very patchy but ping times were fine. I always tested with www.bbc.co.uk and sometimes you click a link fine and then another and the page just wouldn't ever load.

0 Kudos
Reply
  • 5
  • 0
  • 0
adamhr
Tuning in
761 Views
Message 74 of 182
Flag for a moderator

Re: Business Hitron Router

I've come across a customer that had a Hitron router installed with 5 static IPs.  The VM engineer reconfigured their printer's IP address to one of the static IPs, so its now directly accessible on the Internet!  In addition, he modified all the PCs so that they also had an IP address from the static range, plus their old IP from the private LAN range.  The default GW is set to the public IP of the Hitron router.  Luckily the PCs are not responding to port scans from the Internet, so guessing Windows Firewall is doing its job.

The setup is far from normal, as everything on the LAN that doesn't need to be accessed from the Internet should only have a private IP.  It seems there is no NAT on the Hitron, and reading some of the posts on this thread suggests this is by design?  Perhaps I've misunderstood that.

Is this the 'normal' configuration, or has the engineer made a boo-boo? 

BTW, he did remove the customer's old Draytek 2910 when he turned on the new VM service.  I thought that perhaps that could be reconnected to act as a firewall and NAT device if the Hitron can't do NAT, but some posts suggest this isn't possible until a firmware update is released to allow modem only mode?

 

Tags (4)
0 Kudos
Reply
  • 28
  • 0
  • 9
Zach8
On our wavelength
755 Views
Message 75 of 182
Flag for a moderator

Re: Business Hitron Router

I dream of 5 IP's no NAT.  Or just static IP no NAT.   Was this recent ?

0 Kudos
Reply
  • 5
  • 0
  • 0
adamhr
Tuning in
750 Views
Message 76 of 182
Flag for a moderator

Re: Business Hitron Router

Zach8 - no it was installed sometime in April.  Why do you dream of a service with no NAT?  In this case, having the customers devices set with public IP addresses poses a serious security risk - at the very least random port scans appear to be generating garbage output on the printer (50+ pages every other day), and at the very worst... well their data is no longer private and secure!

Only hardened devices should ever be given a public IP address, everything else should be hidden behind a Firewall on a private IP.

The customer has contacted VM business support, but was told to email them and expect a response within 72 hours.  Nice!

 

0 Kudos
Reply
  • 28
  • 0
  • 9
Zach8
On our wavelength
745 Views
Message 77 of 182
Flag for a moderator

Re: Business Hitron Router

Because, like many on this thread, I want to use the virgin service for business, I want them to supply a router and route me a subnet to present to my firewall so that I can maintain VLANs, NATs, logging, VPN's, QOS and... you know - normal stuff like what you would expect when you purchase a business broadband connection. 

Instead I have a router which I can either have a flaky static IP natted, or a dodgy dynamic IP presented.

  • 5
  • 0
  • 0
adamhr
Tuning in
737 Views
Message 78 of 182
Flag for a moderator

Re: Business Hitron Router

Zach8 - Seems there are different configurations in place.  My customer appears to have a service with 5 static IPs and a no-NAT configuration.  The engineer has reconfigured all the LAN devices and manually allocated an IP address from the static range to each device (it's a small office so 2-3 PCs and a printer).  DHCP is not enabled (or not available on the Hitron?)

It would have been better if he had connected the Draytek and used that as a Firewall and configured NAT on there.  But is that only possible if the Hitron is set to Modem only mode, which isn't supported when static IPs are used?

This customer doesn't need static IPs anyway, so not sure why he got them, a dynamic IP would have been fine.

 

0 Kudos
Reply
  • 28
  • 0
  • 9
Zach8
On our wavelength
734 Views
Message 79 of 182
Flag for a moderator

Re: Business Hitron Router

Hmm, perhaps it's time I called them again.. cheers

0 Kudos
Reply
  • 9.74K
  • 313
  • 839
legacy1
Hero
721 Views
Message 80 of 182
Flag for a moderator

Re: Business Hitron Router


adamhr wrote:

 Why do you dream of a service with no NAT?  In this case, having the customers devices set with public IP addresses poses a serious security risk


You do know its been proven you can be a security risk even with NAT don't you? In fact NAT routers themselves have been known to have security risks and so then all your devices are compromised and thats just for starter there are way more security risks that NAT can not protect you from.

Really the problem is the user (to some degree) and sure you can bubble rap them but then something will break for something they want to do that maybe safe and you can blame the problem on the ones that find the security holes but good luck finding them as in the ones that use the security holes for what even means.

0 Kudos
Reply