Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Buying anything on Amazon? Please use the Geekzone Amazon aff link.




1483 posts

Uber Geek
+1 received by user: 112

Trusted
Subscriber

Topic # 111971 21-Nov-2012 12:03 Send private message

Like most geeks here, I support a few family members with their broadband, so I like to have remote access to their routers to help with troubleshooting.
With TP-Link & Dynalink routers, I have dynamic dns and remote admin setup (and NOT on the default username/password!) so that I can view their admin webpages.

On this Thomson (TG585, was received new from Telecom this year, not sure which version number that is) I have dynamic dns updating fine, but the remote admin config is seemingly temporary. It only lets me open a remote config 'session', no the permanent access that I would like. So after a reboot it closes the session, and I cannot remote config it again without going on site and opening another session. Does anyone know a way around this, to open a permanent remote config session?

I know that the Thomson is a complete POS, however it is more than capable for someone who recently upgraded from dialup, so I'd rather not replace it.

Cheers
Nick

Create new topic
368 posts

Ultimate Geek
+1 received by user: 1


  Reply # 720839 21-Nov-2012 16:02 Send private message

Just to confirm, this is what we're talking about.



We (Not me, but you) would be attempting to modify the configuration to subvert the default behaviour.

Have you gone beyond just using the default GUI to configure this service? You'll know what I mean if you've attempted cmd configuration.

I go out of my way to make sure this service is disabled and that all default users are removed (Sorry Telecom) so I've never tried to modify the service in the 'affirmative' to keep it up and accessible.

I have back-end services which allow access from within, but I'm not your average home punter.

My first response would be 'Yes' it's possible. BUT I've never tried so couldn't confirm that.

I'll check.

[P.S.]  Don't you be disrespecting my Thomson modems now. :-) 
          I have a whole guest network built on Telecom NZ Thomson modems(routers). (VLANs, bridged/switched, WiFi extenders etc etc etc they're doing it all)



1483 posts

Uber Geek
+1 received by user: 112

Trusted
Subscriber

  Reply # 720857 21-Nov-2012 16:31 Send private message

Thanks for your reply!

Ah yes, 'remote assistance' is the term im looking for. I'm reasonably sure that the option for 'permanent mode' wasnt there when I set it up last time, perhaps its for a different hardware revision or firmware version. I might have a go at upgrading the firmware next time I'm there (is the firmware user upgradable?).

I havent tried command line, found this guide which outlines commands for most things, but only includesd *ISP* remote assistance. Do you know of any guides that are even more comprehensive?


368 posts

Ultimate Geek
+1 received by user: 1


  Reply # 720881 21-Nov-2012 17:07 Send private message

Top man, you're on the right track.

You can't upgrade the firmware as it's as good as it gets and ever so slightly hinge'd on a Telecom NZ setup and ALSO bespoke to the current modem hw being supplied by Telecom NZ at the time.

So, I'm using a Thomson TG582n and I've just tool'd around in the config and restarted the modem and was still able to log in from my mobile phone after the reboot.

OK. I'll have a look at a Thomson TG585v8 (which is what I think you have) config and see if the same thing can be done.
Pretty sure it can be done on this modem too. It's basically the same OS on both modems, but the TG585v8 OS is a bit less 'robust' when it comes to the feature set.

This is all done under the covers and not via the GUI.




368 posts

Ultimate Geek
+1 received by user: 1


  Reply # 720909 21-Nov-2012 18:27 Send private message

Thomson TG585v8 has a similar setup as the TG582n.

This can be set to permanent Mode too.

Fig 1-1 Thomson TG585v8 Remote Access panel.


I'll PM you some details on how I got the Remote Access to 'stick' between reboots.

I don't advocate enabling such a 'robust' connection service to a device AND would NOT do this myself.

Any access to my modem directly from the Internet is Much to much access for my liking. And this is someone who thinks PPTP is to insecure for my liking. ;-)

368 posts

Ultimate Geek
+1 received by user: 1


  Reply # 720993 21-Nov-2012 21:55 Send private message

Just as an update, I'd say you may be able to enable a permanent connection with a 'static' password on both the TG585v8 and TG582n from the GUI, without having to resort to the command line.

My limited tests indicate this should survive a system restart too.

I would suggest a VERY strong password with extended characters 'punt' (\]\[!"#$%&'()*+,./:;<=>?@\^_`{|}~-) and not just those in 'alnum' (numbers and characters)




1483 posts

Uber Geek
+1 received by user: 112

Trusted
Subscriber

  Reply # 721429 22-Nov-2012 16:04 Send private message

Awesome, thanks Dr Strangelove, ill give it a shot next time I'm around there. I'll try the GUI again, and if not go into CL

24 posts

Geek
+1 received by user: 1


  Reply # 728121 6-Dec-2012 15:30 Send private message

Hi Guys.

I suggest go into CLI and change the priviledges your user has for remote assistance, I havent worked with these particular units before, but we at work do alot of other Thomson gateways. This option you are looking for may not show up in remote connection, but it will once you are on site, access priviledges.

And no, dont use long password, the remote assistance can only take 6 characters, if you typed a long password and you are refused, type the first 6 characters of the password.

Temporary setup will last 15 mins max, Permanent last for ever. These are good units pity Telecom locked it with there firmware.

Another alternative is to use the ALG of the router, port forward port 80 (http) or 443 (HTTPS) to the local gateway address (192.168.x.x), then use the WAN IP to access the routers GUI, To lock this connection down, it must be done by CLI, lock port 80 or 443 to only allow incoming connections from your WAN IP address, and swith ping responder off to prevent ping attacks, also this way you are gaining highest priviledges and you can set a long as freakin password.. If you want Syntax CLI help let me know I can help.

Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





Trending now »

Hot discussions in our forums right now:

My un-consented UFB install
Created by thurthur, last reply by mdooher on 28-Nov-2014 18:57 (79 replies)
Pages... 4 5 6


Seen any good Black Friday / Cyber Monday deals?
Created by Jaxson, last reply by ckc on 28-Nov-2014 15:08 (24 replies)
Pages... 2


Gigatown winner town and plans
Created by freitasm, last reply by NonprayingMantis on 29-Nov-2014 07:40 (78 replies)
Pages... 4 5 6


Gull Employment Dispute.
Created by networkn, last reply by richms on 28-Nov-2014 17:57 (153 replies)
Pages... 9 10 11


This is the end ...
Created by joker97, last reply by benokobi on 29-Nov-2014 00:31 (56 replies)
Pages... 2 3 4


Do Chorus Still Fit ADSL to Rural Cabinets?
Created by TLD, last reply by TLD on 28-Nov-2014 21:56 (17 replies)
Pages... 2


What the hell MyRepublic!?
Created by gished, last reply by pohutukawa on 28-Nov-2014 17:45 (16 replies)
Pages... 2


The Warehouse pulling R18 games and DVD's
Created by semigeek, last reply by Geektastic on 27-Nov-2014 18:32 (64 replies)
Pages... 3 4 5



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.