Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




1004 posts

Uber Geek


#271852 29-May-2020 10:53
Send private message quote this post

Is it possible to setup remote access (from WAN side) into the new Spark Smart Modems and lock it down to one IP? I've not got one to play with to see if it can be done. Thanks!


Create new topic


1004 posts

Uber Geek


  #2496473 2-Jun-2020 09:45
Send private message quote this post

Bump sorry - anyone know?


630 posts

Ultimate Geek

Subscriber

  #2496475 2-Jun-2020 09:52
Send private message quote this post

remote management is not a standard feature of a consumer grade router


 
 
 
 


'That VDSL Cat'
12453 posts

Uber Geek

Trusted
Spark
Subscriber

  #2496479 2-Jun-2020 09:57
Send private message quote this post

I'd have to double check, pretty sure we disable turning this functionality off though (I'm not running the public version due to firmware testing)

 

 

 

Regardless, It's not really a great practice, I'd recommend having a VPN and connecting in that way.. 





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 


230 posts

Master Geek


  #2496483 2-Jun-2020 10:07
Send private message quote this post

wratterus:

 

Is it possible to setup remote access (from WAN side) into the new Spark Smart Modems and lock it down to one IP? I've not got one to play with to see if it can be done. Thanks!

 

 

Yes it is possible :)

 

Click to see full size


630 posts

Ultimate Geek

Subscriber

  #2496487 2-Jun-2020 10:12
Send private message quote this post

halper86:

 

Yes it is possible :)

 

Click to see full size

 

 

Make sure you untick "any ip address can remotely manage the smart modem" otherwise you have a death wish - is the external remote management https or http? I sure as hell hope its https

 

Personally, all our clients UTMs that we remote manage are via SSH only with private keys, non standard ports, and very limited IP addresses that are allowed


'That VDSL Cat'
12453 posts

Uber Geek

Trusted
Spark
Subscriber

  #2496495 2-Jun-2020 10:20
Send private message quote this post

nztim:

 

Personally, all our clients UTMs that we remote manage are via SSH only with private keys, non standard ports, and very limited IP addresses that are allowed

 

 

nonstandard ports always amuse me. 

 

Sure they stop a port knocker, but anyone looking for it will still find a SSH Daemon sitting on a nonstandard port.... 





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 


630 posts

Ultimate Geek

Subscriber

  #2496497 2-Jun-2020 10:22
Send private message quote this post

hio77:

 

nztim:

 

Personally, all our clients UTMs that we remote manage are via SSH only with private keys, non standard ports, and very limited IP addresses that are allowed

 

 

nonstandard ports always amuse me. 

 

Sure they stop a port knocker, but anyone looking for it will still find a SSH Daemon sitting on a nonstandard port.... 

 

 

you still need to be coming from an allowed source IP address - the key thing is the private key set for each of our admins


 
 
 
 




1004 posts

Uber Geek


  #2496498 2-Jun-2020 10:23
Send private message quote this post

Thanks guys. Yes I know it's not best practice and maybe not normal for consumer grade routers, but a Netcomm NF18ACV for example allows this and it can be locked down to one IP, so it's not an awful option as a temporary stop gap measure. 

 

 

 

Thanks again.


Create new topic




News »

Freeview On Demand app launches on Sony Android TVs
Posted 6-Aug-2020 13:35


UFB hits more than one million connections
Posted 6-Aug-2020 09:42


D-Link A/NZ extends COVR Wi-Fi EasyMesh System series with new three-pack
Posted 4-Aug-2020 15:01


New Zealand software Rfider tracks coffee from Colombia all the way to New Zealand businesses
Posted 3-Aug-2020 10:35


Logitech G launches Pro X Wireless gaming headset
Posted 3-Aug-2020 10:21


Sony Alpha 7S III provides supreme imaging performance
Posted 3-Aug-2020 10:11


Sony introduces first CFexpress Type A memory card
Posted 3-Aug-2020 10:05


Marsello acquires Goody consolidating online and in-store marketing position
Posted 30-Jul-2020 16:26


Fonterra first major customer for Microsoft's New Zealand datacentre
Posted 30-Jul-2020 08:07


Everything we learnt at the IBM Cloud Forum 2020
Posted 29-Jul-2020 14:45


Dropbox launches native HelloSign workflow and data residency in Australia
Posted 29-Jul-2020 12:48


Spark launches 5G in Palmerston North
Posted 29-Jul-2020 09:50


Lenovo brings speed and smarter features to new 5G mobile gaming phone
Posted 28-Jul-2020 22:00


Withings raises $60 million to enable bridge between patients and healthcare
Posted 28-Jul-2020 21:51


QNAP integrates Catalyst Cloud Object Storage into Hybrid Backup solution
Posted 28-Jul-2020 21:40



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.