dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
2139
share rss forum feed


Blackadder

@wideopenwest.com

Ultra TV frustrations with gateway/router

I've had Ultra TV installed a few days and am trying to decide whether or not to keep it.
My network is still connected behind my wi-fi router (Asus RT-N16) which is now getting its WAN IP from the Arris gateway.
The problem with this configuration is that HomeConnect will apparently not function, yet I want to be able to use the nice Moxi interface to stream video, play music and display photos from my home server (WHS v1 that I'll be running a DLNA server on, probably Serviio)!
The reason I'm not simply connecting everything directly to the Arris gateway is concerns over security, confirmed here »My Beef with WOW Ultra TV internet

Some questions are:
1) Bridged mode is not available (even though it shows in the tooltip for "NAT mode")? Would bridged mode have enabled the gateway to see past my router to the DLNA server? Conversely, would it expose my network to the security flaws of the gateway?
2) Is there any way to change the username and password? I found conflicting info online -- I can't find in the gateway interface where to change it.
3) Is there a username with higher privileges that the "technician" WOW publishes? Some config options are greyed out (or maybe not shown at all?)
4) ShieldsUp (www.grc.com) shows port 80 is open. Why is this? How can it be closed?
5) What are the ethernet ports on the rear of the Media Players used for? Could they connect to my LAN?
6) Will VPN into my router work behind the gateway (no chance to test this yet)

Thanks!

lesmikesell

join:2013-06-10
Mount Prospect, IL
Are you logging into the gateway as 'admin'? I see a link on the first page to change the password. If I didn't have the admin password to the router I'd cancel the service without any further discussion.

ShieldsUp said nothing responded on mine - but oddly my TV reception had a big glitch during the probe.

The ethernet ports are not active on the media players - they get an IP on the coax/moca connection from the gateway out of its LAN range, and a DLNA server must be on the same subnet to work. I don't think you can make it work behind your other router.

SSL vpns (juniper, openvpn, etc. "just work" over NAT. The gateway has options for ipsec/pptp/l2tp pass through but I haven't tried them.

alan92rttt

join:2012-02-27
reply to Blackadder
You can not get the wow gateway to just be a bridge. It needs to be the gateway for the media players to function. They are IP over Coax devices.

I installed a second nic in my server and wired that to the gateway. Using the servers firewall I put limits on that NIC so that only DNLA services were available over it. All other traffic goes through the NIC connected to my router.


Blackadder

@wideopenwest.com
reply to lesmikesell
Thanks for your reply.

Turns out I could log in as "admin" simply by leaving the password BLANK! I then got a "Change Password" button on the Basic Setup screen. However, the admin account doesn't show any more gateway configuration options than the "technician" user has. The joke here is that changing the admin password is pointless since there's no way to modify/delete user accounts! Anyone with access to the gateway can use the "technician" user instead which has a fixed password that can be found by a google search or calling WOW tech support.
Good news is that I couldn't get to the gateway login screen from an outside IP so WAN-side admin must be disabled. Although port 80 is open I didn't see a web page and couldn't ping the gateway (I'd enabled ping blocking).

My WOW sales rep got back to me having run the Home Connect router issue past a tech he knows. He claims that in early days of system roll-out the ethernet ports were active on the media players but were subsequently deactivated. Not clear if the ethernet connection was back to the gateway (as an alternative to coax/MoCA) or for connecting to another network (such as a customer's router).

With my router NAT'd behind the WOW gateway I tried to connect to the router's PPTP VPN server. PPTP pass-through was enabled on the gateway but I couldn't establish a connection.
To get VPN access working I had to enable the gateway's DMZ and put my router there. But of course that breaks HomeConnect.


Blackadder

@wideopenwest.com
reply to alan92rttt
Thanks also for your reply.

I wondered about a dual-network solution so it's good to hear that you have it working and can restrict the traffic as you described.
In my case my server is an old HP MediaSmart WHSv1 so I can't add another NIC (well maybe via USB adapter... I'll have to check into that). The solution I'm considering is a separate PC with dual NICs running the DNLA server. Or abandon HomeConnect and use Roku for viewing my home media via the Roksbox app.

lesmikesell

join:2013-06-10
Mount Prospect, IL
reply to Blackadder
I thought you would only need to put your vpn in the DMZ if you want to be able to make inbound connections. But why not PPTP to your computer instead of a router on a different subnet? I can specify my dlna server as the dmz target and still use homeconnect.

The original Arris Moxi used the ethernet ports to connect to the gateway, but I don't think they were ever enabled in the WOW version and even if they were, they probably wouldn't bridge to more equipment.