Re: Home Network Issues
On 10/09/2012 09:49, Martin A. Brooks wrote: Hi From: Jacqui Carenjacqui.ca...@ntlworld.com To: london pmlondon.pm@london.pm.org Sent: Monday, 10 September, 2012 8:26:25 AM Subject: Re: Home Network Issues IMHO the idea of your router doing WAP duty is just plain nuts. Why? The wireless zone is then seperate from the firewall. If someone hacks through the WAP they then have to work past my firewall to the other zones/subnetworks or into the firewall box itself. If the WAP *is* the router and main firewall once they get in it is more likely they will gain access to the rest of the network - as most people (I know configure a router's WAP as the trusted home network - and all the thompson routers I have seen don't even have an admin password configured - anyone on the home betwork can reconfigure the router :-/ It may be old school but I believe in layers - preferably on seperate hardware and software! Jacqui pessemist Caren
Re: Home Network Issues
On 10/09/2012 09:49, Martin A. Brooks wrote: Hi From: Jacqui Carenjacqui.ca...@ntlworld.com To: london pmlondon.pm@london.pm.org Sent: Monday, 10 September, 2012 8:26:25 AM Subject: Re: Home Network Issues IMHO the idea of your router doing WAP duty is just plain nuts. Why? My apologies - I would not have replied to this in L-PM. I thought it was uk-not... Jacqui
Re: Home Network Issues
On 09/09/2012 13:34, Dave Cross wrote: Except, after I while I noticed a problem. All of the devices on the internal network could still connect to the internet, but they could no longer connect to each other. In fact, they could no longer even see each other. I bought a 10-20UKP wireless access point thing from my local novatech. I configured it to use a specific IP range and told it where the local dhcpd and DNS servers are. Then added relevant security keys, the MAC's for each wireless device and told it to block anything not listed. I have had a few hack attempts (school opposite and doctors surgery next door) but nothing had gotten in yet. IMHO the idea of your router doing WAP duty is just plain nuts. I have cablemodem/routers - linux gateway - WAP/internal network zones. Jacqui
Re: Home Network Issues
On Mon, 2012-09-10 at 08:26 +0100, Jacqui Caren wrote: IMHO the idea of your router doing WAP duty is just plain nuts. Why do you think that?
Re: Home Network Issues
Hi From: Jacqui Caren jacqui.ca...@ntlworld.com To: london pm london.pm@london.pm.org Sent: Monday, 10 September, 2012 8:26:25 AM Subject: Re: Home Network Issues IMHO the idea of your router doing WAP duty is just plain nuts. Why? -- Martin A. Brooks http://antibodyMX.net/ - antispam antivirus email filtering.
Home Network Issues
Hi, I'm hoping the collective intelligence of london.pm can help me fix a problem I've been having for a few weeks. I get my internet connection from Be. I'm happy with them. I use their supplied BeBox[1]. Everything[2] connects to it through wifi. All is good. Everything can talk to the internet. And everything on the internal network can talk to everything else on the internal network. The wireless network was unprotected. This was bad off me. A few months ago I started to get email from Be saying that I had to update the firmware in my BeBox so that it would work with a network upgrade they were in the process of rolling out. I put this off for weeks and their emails got more and more desperate. Finally, a few weeks ago I bit the bullet and upgraded the firmware. It took a while but eventually I finished and everything seemed to work. Except, after I while I noticed a problem. All of the devices on the internal network could still connect to the internet, but they could no longer connect to each other. In fact, they could no longer even see each other. $ ping 192.168.1.64 PING 192.168.1.64 (192.168.1.64) 56(84) bytes of data. From 192.168.1.67 icmp_seq=1 Destination Host Unreachable From 192.168.1.67 icmp_seq=2 Destination Host Unreachable I've posted a query about this on the Be forum. And I've had a few suggestions. But nothing has worked. I'm a bit of a networking idiot. As long as things work, I'm fine. But when I get problems like this, my knowledge runs out very quickly. So I'm turning to the fine denizens of this list in the hope that some of you will have an idea or two. Has anyone else on Be done the same upgrade? Have you had similar problems? What did you do to fix them? Alternatively... Does anyone have any suggestions on how I could fix this problem? Thanks all, Cheers, Dave... [1] Actually a rebranded Thomson TG587n v2 [2] Where everything is a couple of Linux PCs, a Macbook, a Wii and a couple of Samsung internet-enabled Bluray players. A printer. Oh and smartphones. -- Dave Cross :: d...@dave.org.uk http://dave.org.uk/ @davorg
Re: Home Network Issues
On 9 Sep 2012, at 13:34, Dave Cross wrote: [...] $ ping 192.168.1.64 PING 192.168.1.64 (192.168.1.64) 56(84) bytes of data. From 192.168.1.67 icmp_seq=1 Destination Host Unreachable From 192.168.1.67 icmp_seq=2 Destination Host Unreachable What host is 192.168.1.67? The one you're pinging from? Run arp -a (you may need to be root) to have a look at the ARP tables. It should show something like this: # arp -a ? (172.27.164.44) at incomplete on eth0 ? (172.27.164.73) at e8:06:88:79:93:ef [ether] on eth0 ? (172.27.164.98) at 40:3c:fc:04:07:5a [ether] on eth0 ARP is a broadcast protocol for discovering the MAC address of the Ethernet device for a given IP address, and that command dumps the table. In that example, I pinged 172.27.164.44 which doesn't exist on my network, so nothing responded to the ARP request and it shows as incomplete. The other addresses do exist, and you can see the MAC addresses. You should also see your default gateway's MAC address (probably 192.168.1.1 or perhaps 192.168.1.254), or you wouldn't be able to connect to the Internet at all. Your router may well be filtering ARP requests, even between switch ports. This shouldn't happen on a real switch, but perhaps the SOC has multiple Ethernet ports on it and it was cheaper to implement a switch in software and somebody cocked it up. If the software really is that bad, it's probably best to treat it as highly suspect and turn off as much as possible, then drop a £40 broadband router in front of it. These aren't generally much better - they contain software, after all - but at least the Netgear one I use for this exact purpose has a hardware switch and Wifi bridge between its ports marked LAN, and I ignore the port marked Internet that the software mangles. Or you can use a dumb switch - I have one free to a good home here - and plug a standalone access point such as an Apple Airport into it. (The Airport does cost twice as much as the Netgear, but it's not just because it's got an Apple badge on it. It really is a much better access point.)
Re: Home Network Issues
On Sun, Sep 09, 2012 at 01:34:07PM +0100, Dave Cross wrote: Except, after I while I noticed a problem. All of the devices on the internal network could still connect to the internet, but they could no longer connect to each other. In fact, they could no longer even see each other. I would check the netmask $ ifconfig eth0 Link encap:Ethernet HWaddr fe:ff:00:00:5f:50 inet addr:212.110.186.220 Bcast:212.110.186.255 Mask:255.255.255.0 (plus loads more) I wonder if it is trying to route across the internet.
Re: Home Network Issues
On Sun, Sep 9, 2012 at 1:34 PM, Dave Cross d...@dave.org.uk wrote: snip Finally, a few weeks ago I bit the bullet and upgraded the firmware. It took a while but eventually I finished and everything seemed to work. Except, after I while I noticed a problem. All of the devices on the internal network could still connect to the internet, but they could no longer connect to each other. In fact, they could no longer even see each other. $ ping 192.168.1.64 PING 192.168.1.64 (192.168.1.64) 56(84) bytes of data. From 192.168.1.67 icmp_seq=1 Destination Host Unreachable From 192.168.1.67 icmp_seq=2 Destination Host Unreachable Has anyone else on Be done the same upgrade? Have you had similar problems? What did you do to fix them? The upgrade blows away any custom config, was yours? If so did you save and restore? You could try posting the config: Home Thomson Gateway Configuration Save or Restore Configuration
Re: Home Network Issues
On 09/09/2012 01:34 PM, Dave Cross wrote: All of the devices on the internal network could still connect to the internet, but they could no longer connect to each other. In fact, they could no longer even see each other. And, as so often happens in these cases, having taken the time to describe the problem in some depth, I now have a fix from a completely different source. The wireless network config screen for the BeBox has an allow multicast checkbox. That was, of course, checked. One of the suggestions from the Be forum was to uncheck it. That was unintuitive (surely we don't want to disallow multicast) but I tried it anyway. The result was, as I suspected, to make things even worse. Now the PCs couldn't even ping the router (although they could still see the internet). That made it hard to get to the web-based config screens until I used a wired connection. I could then re-check the checkbox to allow multicast again. And that fixed the problem. Now everything can see everything else. So it seems that the firmware upgrade left that option in a dodgy state. And turning it off and on again was needed to unwedge it. Thanks for the suggestions everyone. Dave... -- Dave Cross :: d...@dave.org.uk http://dave.org.uk/ @davorg