Thomson TG585 Remote access

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › Thomson TG585 Remote access

nickb800

1802 posts

Uber Geek
+1 received by user: 216

Trusted

Topic # 111971 21-Nov-2012 12:03

Like most geeks here, I support a few family members with their broadband, so I like to have remote access to their routers to help with troubleshooting.
With TP-Link & Dynalink routers, I have dynamic dns and remote admin setup (and NOT on the default username/password!) so that I can view their admin webpages.

On this Thomson (TG585, was received new from Telecom this year, not sure which version number that is) I have dynamic dns updating fine, but the remote admin config is seemingly temporary. It only lets me open a remote config 'session', no the permanent access that I would like. So after a reboot it closes the session, and I cannot remote config it again without going on site and opening another session. Does anyone know a way around this, to open a permanent remote config session?

I know that the Thomson is a complete POS, however it is more than capable for someone who recently upgraded from dialup, so I'd rather not replace it.

Cheers
Nick

DrStrangelove

368 posts

Ultimate Geek
+1 received by user: 1

Reply # 720839 21-Nov-2012 16:02

Just to confirm, this is what we're talking about.

We (Not me, but you) would be attempting to modify the configuration to subvert the default behaviour.

Have you gone beyond just using the default GUI to configure this service? You'll know what I mean if you've attempted cmd configuration.

I go out of my way to make sure this service is disabled and that all default users are removed (Sorry Telecom) so I've never tried to modify the service in the 'affirmative' to keep it up and accessible.

I have back-end services which allow access from within, but I'm not your average home punter.

My first response would be 'Yes' it's possible. BUT I've never tried so couldn't confirm that.

I'll check.

[P.S.] Don't you be disrespecting my Thomson modems now. :-)
I have a whole guest network built on Telecom NZ Thomson modems(routers). (VLANs, bridged/switched, WiFi extenders etc etc etc they're doing it all)

nickb800

1802 posts

Uber Geek
+1 received by user: 216

Trusted

Reply # 720857 21-Nov-2012 16:31

Thanks for your reply!

Ah yes, 'remote assistance' is the term im looking for. I'm reasonably sure that the option for 'permanent mode' wasnt there when I set it up last time, perhaps its for a different hardware revision or firmware version. I might have a go at upgrading the firmware next time I'm there (is the firmware user upgradable?).

I havent tried command line, found this guide which outlines commands for most things, but only includesd *ISP* remote assistance. Do you know of any guides that are even more comprehensive?

DrStrangelove

368 posts

Ultimate Geek
+1 received by user: 1

Reply # 720881 21-Nov-2012 17:07

Top man, you're on the right track.

You can't upgrade the firmware as it's as good as it gets and ever so slightly hinge'd on a Telecom NZ setup and ALSO bespoke to the current modem hw being supplied by Telecom NZ at the time.

So, I'm using a Thomson TG582n and I've just tool'd around in the config and restarted the modem and was still able to log in from my mobile phone after the reboot.

OK. I'll have a look at a Thomson TG585v8 (which is what I think you have) config and see if the same thing can be done.
Pretty sure it can be done on this modem too. It's basically the same OS on both modems, but the TG585v8 OS is a bit less 'robust' when it comes to the feature set.

This is all done under the covers and not via the GUI.

DrStrangelove

368 posts

Ultimate Geek
+1 received by user: 1

Reply # 720909 21-Nov-2012 18:27

Thomson TG585v8 has a similar setup as the TG582n.

This can be set to permanent Mode too.

Fig 1-1 Thomson TG585v8 Remote Access panel.

I'll PM you some details on how I got the Remote Access to 'stick' between reboots.

I don't advocate enabling such a 'robust' connection service to a device AND would NOT do this myself.

Any access to my modem directly from the Internet is Much to much access for my liking. And this is someone who thinks PPTP is to insecure for my liking. ;-)

DrStrangelove

368 posts

Ultimate Geek
+1 received by user: 1

Reply # 720993 21-Nov-2012 21:55

Just as an update, I'd say you may be able to enable a permanent connection with a 'static' password on both the TG585v8 and TG582n from the GUI, without having to resort to the command line.

My limited tests indicate this should survive a system restart too.

I would suggest a VERY strong password with extended characters 'punt' (\]\[!"#$%&'()*+,./:;<=>?@\^_`{|}~-) and not just those in 'alnum' (numbers and characters)

nickb800

1802 posts

Uber Geek
+1 received by user: 216

Trusted

Reply # 721429 22-Nov-2012 16:04

Awesome, thanks Dr Strangelove, ill give it a shot next time I'm around there. I'll try the GUI again, and if not go into CL

Llory

25 posts

Geek
+1 received by user: 1

Reply # 728121 6-Dec-2012 15:30

Hi Guys.

I suggest go into CLI and change the priviledges your user has for remote assistance, I havent worked with these particular units before, but we at work do alot of other Thomson gateways. This option you are looking for may not show up in remote connection, but it will once you are on site, access priviledges.

And no, dont use long password, the remote assistance can only take 6 characters, if you typed a long password and you are refused, type the first 6 characters of the password.

Temporary setup will last 15 mins max, Permanent last for ever. These are good units pity Telecom locked it with there firmware.

Another alternative is to use the ALG of the router, port forward port 80 (http) or 443 (HTTPS) to the local gateway address (192.168.x.x), then use the WAN IP to access the routers GUI, To lock this connection down, it must be done by CLI, lock port 80 or 443 to only allow incoming connections from your WAN IP address, and swith ping responder off to prevent ping attacks, also this way you are gaining highest priviledges and you can set a long as freakin password.. If you want Syntax CLI help let me know I can help.