My Billion bipac7800n has thrown a wobbly after a power cut.
It fails to remember settings and won't connect.
If this proves to be terminal, I'll be on the lookout for a new router.
What are your recommendations?
It has to have a strong WiFi signal as my walls are over 2 feet thick.
I happen to have an idle 7800n at the moment if you want to stick with the same? I bought it from Pen a while back but ISP swapped router with a wireless one and we repositioned things better so now the 7800n is sat in a drawer :rolleyes:
Coincidentally, I have been searching on routers yesterday as I'm probably going to buy one as well.
Have been reading some good stuff on the Nighthawk (several models).
I'm not sure if it's going to be a consumer single unit type thing, or perhaps a stand alone MikroTik router (http://www.eurodk.com/en/products/routers/routerboard-3011uias-rm) with a couple of Ubiquiti UniFi APs (http://www.eurodk.com/en/products/unifi).
Price comes to around the same, if you're going for a high-end consumer unit. The MikroTik does need to be configured.
Perhaps someone with router purchasing experience can throw a bone?
Mikrotik gets a huge thumbs up here: Either this: http://routerboard.com/RB2011UiAS-2HnD-IN
Or this: http://routerboard.com/RB3011UiAS-RM (Which is what I've got at home)
Fantastic routers and very powerful with a full feature set that you'll not find on any other router at that price.
If you're hardcore, try a Juniper SRX210. The CLI is pretty easy to learn and they do most things the bigger boxes do right down to BGP.
http://www.ebay.co.uk/sch/i.html?_odkw=%22juniper+mx210%22&_osacat=0&_from=R40&_trksid=p2045573.m570.l1313.TR0.TRC0.H0.X%22juniper+srx210%22.TRS0&_nkw=%22juniper+srx210%22&_sacat=0
Thanks for the replies fellas.
I don't think I'm 'hardcore' enough to manage the last 3 selections though.
I'm interested in the spare bipac though monkey, I've been happy with mine till now. I'll PM you.
Quote from: Gandalf;411084Mikrotik gets a huge thumbs up here: Either this: http://routerboard.com/RB2011UiAS-2HnD-IN
Or this: http://routerboard.com/RB3011UiAS-RM (Which is what I've got at home)
Fantastic routers and very powerful with a full feature set that you'll not find on any other router at that price.
The 3011UiAS-RM is the one I'm looking at. I was going to buy the older model last year, but that one still had 10/100 ports in it.
Configuring the thing will not be easy though. I'm rusty with networking as I haven't done anything in the past year.
I'll have to think about it.
Quote from: Gorion;411088The 3011UiAS-RM is the one I'm looking at. I was going to buy the older model last year, but that one still had 10/100 ports in it.
Configuring the thing will not be easy though. I'm rusty with networking as I haven't done anything in the past year.
I'll have to think about it.
I've got some great starting configs I can send if you want. Depending on how you're connecting to the interwebs of course. Mine is dhcp client on the WAN.
I an asus n66u blunt it works great for me and has very good wireless range, it is also easy to configure for cs:go to get priority traffic :)
https://www.overclockers.co.uk/asus-rt-n66u-black-diamond-dual-band-wireless-n900-gigabit-router-nw-049-as.html
There is also a newer version with the ac wifi..
I can thoroughly recommend the Linksys EA range of routers.
Ive had a fair number of routers over the years and all of them have had issues at one point or another and all needed to be rebooted on a number of occasions, with the exception of my EA4500. Since I've had it it just worked and I've never had the need to reboot it (other than after firmware updates), and although it's now a few years old, it's still one of the fastest routers around.
If I ever feel the need to upgrade then I'll be looking at the newer EA models myself.
Quote from: Gandalf;411089I've got some great starting configs I can send if you want. Depending on how you're connecting to the interwebs of course. Mine is dhcp client on the WAN.
That would be very handy.
My WAN is also based on DHCP, on the ISP's end. Service is given via PPTP.
ok, this is only really firewall info. Do quickset first to get up and running. Then comment all the existing auto added firewall rules as they change depending on the release. This config is from the latest stable 6.34.2
Paste the lot in, assuming you're using the default 192.168.88.0/24 range internally.
Once in, check the firewall rules for duplicates and remove as necessary.
# mar/02/2016 18:46:10 by RouterOS 6.34.2
#
/system logging action
set 0 memory-lines=300
set 1 disk-lines-per-file=300
add memory-lines=2000 name=FirewallHits target=memory
/ip firewall address-list
add address=192.168.88.0/24 list=safe
/ip firewall filter
add action=fasttrack-connection chain=forward comment="Brightstar configuration" connection-state=established,related
add chain=forward comment="Allow related and established" connection-state=established,related
add action=drop chain=forward comment="Drop invalid packets" connection-state=invalid
add action=drop chain=forward comment="Drop invalid packets" connection-nat-state=!dstnat connection-state=new in-interface=ether1-gateway
add chain=input comment="Allow related and established" connection-state=established,related
add chain=input comment="Allow access to router from known network" src-address-list=safe
add action=drop chain=input comment="Drop invalid packets" connection-state=invalid
add action=drop chain=input comment="Detect and drop port scan connections" protocol=tcp psd=21,3s,3,1
add action=tarpit chain=input comment="Suppress DoS attack" connection-limit=3,32 protocol=tcp src-address-list=black_list
add action=add-src-to-address-list address-list=black_list address-list-timeout=1d chain=input comment="Detect DoS attack" connection-limit=10,32 protocol=tcp
add action=jump chain=input comment="Jump to chain ICMP" jump-target=ICMP protocol=icmp
add action=jump chain=input comment="Jump to chain services" jump-target=services
add chain=input comment="Allow Broadcast Traffic" dst-address-type=broadcast
add action=log chain=input log-prefix=Filter:
add action=drop chain=input comment="Drop everything else"
add chain=ICMP comment="0:0 and limit for 5pac/s" icmp-options=0 limit=5,5:packet protocol=icmp
add chain=ICMP comment="3:3 and limit for 5pac/s" icmp-options=3:3 limit=5,5:packet protocol=icmp
add chain=ICMP comment="3:4 and limit for 5pac/s" icmp-options=3:4 limit=5,5:packet protocol=icmp
add chain=ICMP comment="8:0 and limit for 5pac/s" icmp-options=8 limit=5,5:packet protocol=icmp
add chain=ICMP comment="11:0 and limit for 5pac/s" icmp-options=11 limit=5,5:packet protocol=icmp
add action=drop chain=ICMP comment="Drop everything else" protocol=icmp
add chain=services comment="Accept localhost" dst-address=127.0.0.1 src-address=127.0.0.1
add chain=services comment="Allow MACwinbox " disabled=yes dst-port=20561 protocol=udp
add chain=services comment="Bandwidth server" disabled=yes dst-port=2000 protocol=tcp
add chain=services comment=" MT Discovery Protocol" disabled=yes dst-port=5678 protocol=udp
add chain=services comment="Allow SNMP" disabled=yes dst-port=161 protocol=tcp
add chain=services comment="Allow BGP" disabled=yes dst-port=179 protocol=tcp
add chain=services comment="Allow BGP" disabled=yes dst-port=5000-5100 protocol=udp
add chain=services comment="Allow NTP" disabled=yes dst-port=123 protocol=udp
add chain=services comment="Allow PPTP" disabled=yes dst-port=1723 protocol=tcp
add chain=services comment="Allow PPTP and EoIP" disabled=yes protocol=gre
add chain=services comment="Allow DNS request" disabled=yes dst-port=53 protocol=tcp
add chain=services comment="Allow DNS request" disabled=yes dst-port=53 protocol=udp
add chain=services comment=UPnP disabled=yes dst-port=1900 protocol=udp
add chain=services comment=UPnP disabled=yes dst-port=2828 protocol=tcp
add chain=services comment="Allow DHCP" disabled=yes dst-port=67-68 protocol=udp
add chain=services comment="Allow Web Proxy" disabled=yes dst-port=8080 protocol=tcp
add chain=services comment="Allow IPIP" disabled=yes protocol=ipencap
add chain=services comment="Allow https for Hotspot" disabled=yes dst-port=443 protocol=tcp
add chain=services comment="Allow Socks for Hotspot" disabled=yes dst-port=1080 protocol=tcp
add chain=services comment="Allow IPSec connections" disabled=yes dst-port=500 protocol=udp
add chain=services comment="Allow IPSec" disabled=yes protocol=ipsec-esp
add chain=services comment="Allow IPSec" disabled=yes protocol=ipsec-ah
add chain=services comment="Allow RIP" disabled=yes dst-port=520-521 protocol=udp
add chain=services comment="Allow OSPF" disabled=yes protocol=ospf
add action=return chain=services
/ip firewall nat
add action=masquerade chain=srcnat comment="default NAT rule - gw" out-interface=ether1-gateway src-address=192.168.88.0/24
/ip firewall service-port
set sip disabled=yes ports=5060,5062
/ip service
set telnet address=192.168.88.0/24
set ftp address=192.168.88.0/24 disabled=yes
set www address=192.168.88.0/24 disabled=yes
set ssh address=192.168.88.0/24
set www-ssl address=192.168.88.0/24
set api address=192.168.88.0/24 disabled=yes
set winbox address=192.168.88.0/24
set api-ssl address=192.168.88.0/24 disabled=yes
/system logging
set 0 topics=info,!firewall
set 1 action=disk
set 2 action=disk
add action=disk topics=critical
add action=FirewallHits topics=firewall
Quote from: Gorion;411083with a couple of Ubiquiti UniFi APs (http://www.eurodk.com/en/products/unifi).
...
Perhaps someone with router purchasing experience can throw a bone?
I'm really tempted to drop money on those AP's as they have a reputation of being the most reliable for throughput with many devices rather than high speed for a few clients.
My aging OpenWRT flashed TP-Link AP's keep failing and need constant reboots (although OpenWRT is still more reliable than the vendor ROM).
For the actual router itself, I splashed on a Ubiquiti EdgeRouter LITE (http://www.ubnt.com/edgemax/edgerouter-lite/).
Seriously good router for the money, just bring your own wireless to the party.
For the more technical, this router's firmware is on a removable USB stick inside the housing - so I removed that and put a NetBSD image in there instead as that's my OS of choice.
Up time of months ... well the only thing that reboots it is a power outage. Fast and reliable.
However, this is a technical product, even the vendor supplied OS isn't that great for an easy confiugration.
Nice suggestions but a little complicated for me.
I'm trying to find a simple modem router but with large wi-fi coverage. Someone suggested it needed to be AC so I looked at this. http://www.amazon.co.uk/R8000-100UKS-Nighthawk-X6-AC3200-Processors-Beamforming/dp/B00TDV2IS4/ref=sr_1_1?ie=UTF8&qid=1458135887&sr=8-1&keywords=netgear+nighthawk
But am I right in thinking this isn't a modem so how does one connect to it from the phone socket. I know this makes me sound totally techi-echallenged
Depends on how you're connected.
If you're ADSL then you'll need a PPPoA <> PPPoE bridge between the router and the phone socket - like this:
http://www.amazon.co.uk/DrayTek-Vigor-ADSL-Ethernet-Modem/dp/B00F9E5LQA/ref=sr_1_1?ie=UTF8&qid=1458137998&sr=8-1&keywords=pppoe+bridge
If you're FTTC then you probably don't as I think the NETGEAR R8000-100UKS R8000 has a PPPoE client built in, so just connect it to your OpenReach modem via a standard RJ45 patch cable.
Quote from: Penfold;411552Nice suggestions but a little complicated for me.
I'm trying to find a simple modem router but with large wi-fi coverage. Someone suggested it needed to be AC so I looked at this. http://www.amazon.co.uk/R8000-100UKS-Nighthawk-X6-AC3200-Processors-Beamforming/dp/B00TDV2IS4/ref=sr_1_1?ie=UTF8&qid=1458135887&sr=8-1&keywords=netgear+nighthawk
But am I right in thinking this isn't a modem so how does one connect to it from the phone socket. I know this makes me sound totally techi-echallenged
Not sure how versed you are, so I'm going very simple.
To oversimplify it, the modem is used to modulate/demodulate signals. To take an example, say you have an ADSL connection with the ISP's wiring being plain old telephone wires. Your NIC uses digital signals (1/0 / Square Waves), and the ISP cabling uses Sine Waves (Analogue). The modem simply forms/alters digital to analogue and vice-versa. A Chinese to English to Chinese translator.
The router is the one doing all the networking tasks.
The nighthawk is a router and AP, so networking tasks + wireless, and thus you need a modem in between the phone socket and the router. You might also have a centralised filter which is a match box sized piece of plastic splitting your phone output to a phone and RJ11 output; which goes into your modem.
Usually ISPs supply you with their own modem, which is generally a modem, router, and AP all packed into a single box. IF that's your case, you need to set that all-in-one box into bridge mode, so all the networking and AP stuff are handled by the router, and the all-in-one only does the modem tasks.
Another solution if you already have an all-in-one box, is to buy some access points and connect them. This way you'll have all the wireless coverage you need without having to go through any hassle. Some minor configurations are required, but it's straightforward.
If something is confusing/not clear/ or need more help in a particular area; ask away. Knowing how you are connected helps a lot. Take a couple of pictures of your current setup, and the ports your devices have.
Thanks.
An all-in-one would be easier and cheaper but I'm hopeful splitting it out between a modem and a router would give me best wifi coverage.
Quote from: Penfold;411583Thanks.
splitting it out between a modem and a router would give me best wifi coverage.
Not really. Keep in mind that the modem does not provide WiFi. Get an all-in-one, add a good access point, and you're set.
Number of APs needed depend on the size of your house/garden plus wall materials. Considering average UK house sizes, a good all-in-one, or a budget all-in-one plus a single Ubiquiti AP is probably all you need. Might need to check with some brits on how much the WiFi signal is absorbed by UK walls.
Spell Casting THREAD RESURRECTION
Ok some my Billion has also gone the way of Blunts any one got any views on new kit out there?
I got a spare Billion I could pass on for a few beers if you want?
Billion BiPAC 7800N (vintage 2011 model)
Let me know if you want it.
If he doesn't, I will.
Mine sucks.
Thanks TL I have managed to move my wireless to my AP and it sorts my house out. So thanks for the offer but I think I am fine for the moment.
Glad you got it sorted.
Pen, we can add this router to the agenda for our next chat!
Sent from my Nexus 5 using Tapatalk
Finally purchased a RouterBoard 3011UiAS-RM for myself. Quite a bunch of features, however not exactly user friendly.
Unfortunately, UPnP does not work. Have to constantly enable/disable the feature and then perhaps it works for a while.
Port forwarding / NAT doesn't seem to work as it supposed to. The rules I added barely show any traffic on them, with the amounts of packets going through them being strangely low when hosting a server.
For example, a TS3 9987 udp port (voice-server) had a total of 124 bytes after an hour and a half of usage by two persons, which sounds strange to me. Before creating such rule, no one could connect, after creating the rule they managed to connect, and when disabling the rule and asking others to re-connect (for testing purposes), they managed to connect anyhow, which does not make any sense at all. If a rule allowing someone to punch through a firewall is disabled, I expect that someone to be blocked by the firewall, and not manage to connect.
These are they sorts of NAT rules I'm using, which have been recommended as working by users on their forums:
add chain=dstnat action=dst-nat in-interface=pppoe-out1 dst-port=9987 to-addresses=192.168.88.254 to-ports=9987 protocol=udp
There is also an src-nat masquerading the (out interface) pppoe-out1 . This rule is sitting at the top of the NAT list.
192.168.88.254 is the first IP that was handed out automatically by the router to my workstation, which I then reserved via the routers DHCP server. (N/A 192.168.88.0/24 GTW 192.168.88.1)
pppoe-out1 is a virtual interface created by the router itself via quickset, which is probably virtualised on ether1 which is the port which is being fed via the modem. The router is being used to dial a pppoe connection to the ISP which hands out dynamic external IPs; not static.
I tried to use ether1 as the out-interface, however that results in no net access, thus apparently one can't do that when using a pppoe ISP connection.
Perhaps someone with more routing experience can shed some light?
Quote from: Gorion;423439Finally purchased a RouterBoard 3011UiAS-RM for myself. Quite a bunch of features, however not exactly user friendly.
Unfortunately, UPnP does not work. Have to constantly enable/disable the feature and then perhaps it works for a while.
Port forwarding / NAT doesn't seem to work as it supposed to. The rules I added barely show any traffic on them, with the amounts of packets going through them being strangely low when hosting a server.
For example, a TS3 9987 udp port (voice-server) had a total of 124 bytes after an hour and a half of usage by two persons, which sounds strange to me. Before creating such rule, no one could connect, after creating the rule they managed to connect, and when disabling the rule and asking others to re-connect (for testing purposes), they managed to connect anyhow, which does not make any sense at all. If a rule allowing someone to punch through a firewall is disabled, I expect that someone to be blocked by the firewall, and not manage to connect.
These are they sorts of NAT rules I'm using, which have been recommended as working by users on their forums:
add chain=dstnat action=dst-nat in-interface=pppoe-out1 dst-port=9987 to-addresses=192.168.88.254 to-ports=9987 protocol=udp
There is also an src-nat masquerading the (out interface) pppoe-out1 . This rule is sitting at the top of the NAT list.
192.168.88.254 is the first IP that was handed out automatically by the router to my workstation, which I then reserved via the routers DHCP server. (N/A 192.168.88.0/24 GTW 192.168.88.1)
pppoe-out1 is a virtual interface created by the router itself via quickset, which is probably virtualised on ether1 which is the port which is being fed via the modem. The router is being used to dial a pppoe connection to the ISP which hands out dynamic external IPs; not static.
I tried to use ether1 as the out-interface, however that results in no net access, thus apparently one can't do that when using a pppoe ISP connection.
Perhaps someone with more routing experience can shed some light?
Upnp should work on the mikrotik boards. (Tho Upnp is notoriously insecure)
https://wiki.mikrotik.com/wiki/Manual:IP/UPnP
If your isp requires PPPoE, it would explain why you can only use the PPPoE out interface. AS the ISP requires the PPPoE connection to be used for datastreams. (PPPoE gives the ISP a lot more control over the costumer)
Could you drop your config here, would make it a tad easier to tshoot
[spoiler=conf]# may/30/2017 13:26:32 by RouterOS 6.39.1
# software id = IW3I-6FZ5
#
/interface bridge
add admin-mac=mac auto-mac=no comment=defconf fast-forward=no name=bridge
/interface ethernet
set [ find default-name=ether2 ] name=ether2-master
set [ find default-name=ether3 ] master-port=ether2-master
set [ find default-name=ether4 ] master-port=ether2-master
set [ find default-name=ether5 ] master-port=ether2-master
set [ find default-name=ether6 ] name=ether6-master
set [ find default-name=ether7 ] master-port=ether6-master
set [ find default-name=ether8 ] master-port=ether6-master
set [ find default-name=ether9 ] master-port=ether6-master
set [ find default-name=ether10 ] master-port=ether6-master
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 password="mypassword" use-peer-dns=yes user=user@isp
/ip neighbor discovery
set ether1 discover=no
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp authoritative=after-2sec-delay disabled=no interface=bridge name=defconf
/interface bridge port
add bridge=bridge comment=defconf interface=ether2-master
add bridge=bridge comment=defconf interface=ether6-master
add bridge=bridge comment=defconf interface=sfp1
/interface bridge settings
set use-ip-firewall=yes
/interface l2tp-server server
set caller-id-type=ip-address
/ip address
add address=192.168.88.1/24 comment=defconf interface=ether2-master network=192.168.88.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid interface=ether1
/ip dhcp-server lease
add address=192.168.88.253 client-id=id mac-address=mac server=defconf
add address=192.168.88.250 client-id=id mac-address=mac server=defconf
add address=192.168.88.251 client-id=id mac-address=mac server=defconf
add address=192.168.88.254 client-id=id mac-address=mac server=defconf
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.88.1 name=router
/ip firewall filter
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface=\
ether1
add action=accept chain=input protocol=icmp
add action=accept chain=input connection-state=established
add action=accept chain=input connection-state=related
add action=drop chain=input in-interface=pppoe-out1
/ip firewall nat
add action=dst-nat chain=dstnat comment="" dst-port=443 in-interface=pppoe-out1 protocol=tcp to-addresses=\
192.168.88.254 to-ports=443
add action=dst-nat chain=dstnat comment="" dst-port=10000-19999 in-interface=pppoe-out1 protocol=tcp to-addresses=\
192.168.88.254 to-ports=10000-19999
add action=dst-nat chain=dstnat comment="" dst-port=42210 in-interface=pppoe-out1 protocol=tcp to-addresses=\
192.168.88.254 to-ports=42210
add action=dst-nat chain=dstnat comment="" dst-port=42130 in-interface=pppoe-out1 protocol=tcp to-addresses=\
192.168.88.254 to-ports=42130
add action=dst-nat chain=dstnat comment="" dst-port=42230 in-interface=pppoe-out1 protocol=tcp to-addresses=\
192.168.88.254 to-ports=42230
add action=dst-nat chain=dstnat comment="" dst-port=3659 in-interface=pppoe-out1 protocol=udp to-addresses=\
192.168.88.254 to-ports=3659
add action=dst-nat chain=dstnat comment="" dst-port=10000-19999 in-interface=pppoe-out1 protocol=udp to-addresses=\
192.168.88.254 to-ports=10000-19999
add action=masquerade chain=srcnat comment="defconf: masquerade" out-interface=pppoe-out1
add action=dst-nat chain=dstnat comment="TS3" dst-port=9987 in-interface=pppoe-out1 protocol=udp to-addresses=192.168.88.254 to-ports=9987
add action=dst-nat chain=dstnat comment="TS3" dst-port=10011 in-interface=pppoe-out1 protocol=tcp to-addresses=192.168.88.254 to-ports=10011
add action=dst-nat chain=dstnat comment="TS3" dst-port=30033 in-interface=pppoe-out1 protocol=tcp to-addresses=192.168.88.254 to-ports=30033
/ip upnp interfaces
add interface=pppoe-out1 type=external
add interface=bridge type=internal
/lcd
set backlight-timeout=never
/system clock
set time-zone-name=Europe/Malta
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=bridge
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=bridge
/tool traffic-monitor
add interface=ether1 name=tmon1 threshold=0
add interface=ether1 name=tmon2 threshold=0 traffic=received
[/spoiler]
Config attached. Edited out macs and credentials.
Most of the config is the quickset setup. Have been messing around with NAT mostly, since the router is to be used at home.