I am thinking of changing from TOT (as was) to True for my internet connection - they supply a router - 2 questions:

 

1. Does anyone know if it can operate in bridge mode?

2. Does it or True at some point block encrypted traffic e.g. a VPN?

Thanks

It's about 8 years since I ditched TOT (absolute s.h.i.t.e  even then). Moved to AIS who were great. AIS did not offer full fibre so left them once 3BB offered full fibre. 18 months on, 3BB have been great and fast 900/500mbps at about 600Baht/Mth by paying a full year upfront. Never any outages with 3BB so far. Never used True.

 

I have been using True for a few years now without a problem.

 

Win

16 hours ago, Negita43 said:

Does anyone know if it can operate in bridge mode?

The real answer is: "it depends".

I use their service BUT with the older version PON modem and bridge mode IS supported but if you use their current upgraded gigatex router / PON hybrid combination then no, bridge mode is not supported as I found out when they showed up to upgrade their hardware at my location and after a few discussions with their network Eng's they inform me bridge mode is not available with their new equipment. If you can use their service with previous generation of PON modems then you are good to go with "bit-mode" as the thai's call it. The other option is ToT which does support bridge mode with their current PON modem.

I connect to a local TRUE VPN server in TH with OpenVPN from locations worldwide and never experienced any problems connecting and using their service.

Check with the torrent community as they might use VPN's with TRUE and can provide some feedback.

Thanks FJB 24. You probably saved my bacon! I already use TOT and bridge to my ASUS WRT router and was thinking of changing because their IPTV no longer has many (or any)  programs in English. Do you know how may LAN ports there on the new True router?

Thanks again.

I've been seeking the truth for 50 years ......  but sadly they have all died along with the past

Just to wind this subject up.

 

TRUE - excessively expensive (with any sort of TV) and no bridge mode available 4 LAN ports on new router (I looked)  sales assistant unable to answer if I would have access to router settings.

TOT - Have had very few issues on the Internet side but IPTV has become progressively poorer value for money. Router now very old but full access to settings and bridge mode currently being used. Costs over 1000 Baht a month with TV.

3BB I was with them before and no issues but I moved to an area they did not cover - but now they do. 3BB tell me router has 4 LAN ports, bridge mode available and full access to router settings. Their package at 699Baht/month including some English language TV and program 29 for my GF looks to be my best best.

Thanks for all the helpful answers.

2 hours ago, Negita43 said:

3BB tell me router has 4 LAN ports, bridge mode available and full access to router settings.

Their FiberHome AN5506-04-FA is the worst piece of cráp I've ever dealt with. Ping me if you'd be unlucky enough to get the same model.

 

P.S. I wasn't using 3BB services so can't comment on their quality, only used their particular router and it was pain.

Hello fdsa,

Thanks for your post.

Yes I have a fiberhome router with TOT - model AN5506-04-B it works fine but there was (it's at least 5 years old)  absolutely no English Documentation and no firmware updates but as I said in the original post it basically just bridging to my ASUS Merlin router. After your post I've asked 3BB what model router they would install - that's caused a few scratched heads I think - I'm waiting on their call back!

11 minutes ago, Negita43 said:

Hello fdsa,

Thanks for your post.

Yes I have a fiberhome router with TOT - model AN5506-04-B it works fine but there was (it's at least 5 years old)  absolutely no English Documentation and no firmware updates but as I said in the original post it basically just bridging to my ASUS Merlin router. After your post I've asked 3BB what model router they would install - that's caused a few scratched heads I think - I'm waiting on their call back!

Don’t ask 3BB, If you want to use your own router they offer an ONT, a Huawei HG801H GPON which they refer to as a “one port (router)” it’s taken me 6 months to get them to learn how to configure their own kit. Just ignore the “no have” because they do. In the quest to get my network setup they sent a couple of different models, some brand new in boxes, some used, but their techs have no idea how to configure them. 

 

The ONT is already in bridge mode, it’s a matter of configuring with your existing credentials and one other setting from the local area. 

or buy your own router/modem and configure it to use the connection.

they aren't expensive.

 

my 3BB-provided router has been sitting in its sealed box for 3 years.

Does not block VPN ..

33 minutes ago, recom273 said:

Don’t ask 3BB, If you want to use your own router they offer an ONT, a Huawei HG801H GPON which they refer to as a “one port (router)” it’s taken me 6 months to get them to learn how to configure their own kit. Just ignore the “no have” because they do. In the quest to get my network setup they sent a couple of different models, some brand new in boxes, some used, but their techs have no idea how to configure them. 

 

The ONT is already in bridge mode, it’s a matter of configuring with your existing credentials and one other setting from the local area. 

Simple!

Well as I said in my previous post I do already have an ASUS (Merlin router) - the problem I had with the Fiberhome was that I couldn't get the ISP password and credentials out of TOT> Are you saying 3BB will supply them on request?

28 minutes ago, Negita43 said:

Well as I said in my previous post I do already have an ASUS (Merlin router) - the problem I had with the Fiberhome was that I couldn't get the ISP password and credentials out of TOT> Are you saying 3BB will supply them on request?

not sure about fiber, but user and password are printed on my 3BB contract for VDSL.  just ask 3BB?

18 hours ago, Negita43 said:

model AN5506-04-B

If you will use it just as a bridge and will have a second router for routing then you won't need any special configuration.

Also it's a different model than the one I have (AN5506-04-FA), but the configuration process and backdoor accounts might be the same. I'll share my notes for those desperate souls who have this router and need a more advanced configuration.

 

Possible backdoor accounts:

USER: f9!6b1e1rhO3es~u!p@e#r$a%d^m*i(n
PASS: s)f_U+h|g{u@5h2o1q0b1l

Username: f~i!b@e#r$h%o^m*esuperadmin
Password: s(f)u_h+g|u

Username: fiberhomesuperadmin
Password: sfuhgu

Username: admin1234
Password: admin1234

 

How to gain root access:

1) login to web panel http://192.168.1.1/ using one of backdoor accounts (my router has "f9!6b1e1rhO3es~u!p@e#r$a%d^m*i(n", if all above accounts did not work - you will need to dump the firmware and check file "/fhcfg/umconfig.txt")

2) go to http://192.168.1.1/fiberhome/telnet_enable.asp and enable "debug access"

3) telnet to 192.168.1.1 port 23 with "admin" account (check the sticker at the bottom of the router - my one has login "admin", password "098A")

4) run commands "ddd" and then "shell":

ddd

(yes, three "d" letters)

shell

5) telnet to 192.168.1.1 port 26 with "root" account (my router has root password = "GEPON", if it won't work for you then you need to google other possible passwords or to dump the firmware and bruteforce the password hash from file "/etc/passwd")

6) voila - you've got the "real" root access.

 

 

Now my particular problem - this router does not share traffic between Wi-Fi and LAN interfaces (I wasn't able to connect to PC from the smartphone)

To fix:

0) telnet to port 26 as root

1) remount the file system to enable writing

mount -o remount,rw /fh/extend

2) delete all default firewall rules

iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F
iptables -t mangle -X

3) allow traffic forwarding

sysctl -w net.ipv4.ip_forward=1
iptables -I FORWARD -i wlan1 -o eth0 -j ACCEPT
iptables -I FORWARD -i eth0 -o wlan1 -j ACCEPT
# (your interfaces' names could be different, check "ifconfig" first)

4) check if WiFi devices could connect to LAN devices already. If could not - try to delete LAN interface (eth0 in my example) from the bridge first; but if the previous commands worked - DO NOT DELETE it from the bridge.

brctl delif br0 eth0
# manually add every computer connected to LAN ports (in this example 192.168.1.10 = computer 1, and 192.168.1.20 = computer 2):
route add -host 192.168.1.10 dev eth0
route add -host 192.168.1.20 dev eth0

 

5) IMPORTANT: internet provider will fkuc up your settings with TR-069 backdoor over time (which exists in every single router on the market BTW, not only Fiberhome), so you need to disable it:

login to web panel, open http://192.168.1.1/tr069/tr069.asp and disable it and/or clear all fields (but make a note of all settings, just in case)

 

 

 

URLs for more RTFMing:

- https://gist.github.com/kleo/de3b1610b1879f8e92966ba106f83f97

- https://github.com/bkspc/fiberhomesuperadmin

- https://kleo.github.io/pldt-home-fiber-router-hacking

- https://kleo.github.io/pldt-home-fiber-router-console-access

- https://kleo.github.io/pldt-home-fiber-router-firmware-and-files

- https://kleo.github.io/pldt-home-fiber-web-interface-admin-access