Need advice on docsis 3.0 cable modem with DMZ and configurable.
Michael Butash
michael at butash.net
Sat Sep 15 11:22:01 MST 2018
Cox modems (not combo access point/router/modem) are hard-coded to
192.168.100.1 in firmware and as part of the docsis configuration process,
that cannot change.
If using one of their combo modem/routers, it *should* be reconfigurable
from the default subnet... I've only played with one once, in an airbnb
rental that was working like crap I decided to help the owner try and fix,
but ymmv. I never use the combo modem/routers myself, rather using a
separate router always as they're never that great.
As Stephen said, I was using a r7000 netgear with dd-wrt for the past few
years and like it too, recently upgrading to a fortigate firewall only
because I do a lot of security consulting these days around their
products. Ebay is great for old/used network kit, particularly if you're
in IT and you want to dog food your own products at home. You can always
pick up a small Fortigate or PAN pretty cheap to play with, maybe even with
feature licenses still working, but the consumer routers are usually OK so
long as they're powerful enough and run tomato/ddwrt for long-term support
when the vendor stops supporting them.
With port 80, it has been blocked all the way back to @home days, and
likely will be in perpetuity. It's really their only differentiator
between that and business services (well smtp, and support too), so don't
expect them to lift this. That said, they do allow 443 which wasn't always
so, which is fine for using ssl vpn and basic https sevices, just no 80 for
redirecting the http session to https. You shouldn't use unencrypted
websites these days anyways, even basic ones.
-mb
On Thu, Sep 13, 2018 at 12:05 PM, Bob Elzer <bob.elzer at gmail.com> wrote:
> ahhh, you're right about https, thanks for reminding me, so I'll have to
> give all my links with https, interesting.
>
> yeah i saw that it had all the bells and whistles on your modem, i already
> had my bells (WiFi), so now I'm looking for my whistles(cable modem)
> separately.
>
>
>
> On Thu, Sep 13, 2018, 11:55 AM Stephen Partington <cryptworks at gmail.com>
> wrote:
>
>> I haven't found one yet, wreaks havoc on my letsencrypt cert processes.
>> however https is not blocked.
>>
>> On Thu, Sep 13, 2018 at 11:43 AM Bob Elzer <bob.elzer at gmail.com> wrote:
>>
>>> thanks Stephen, the c7000 is listed at $199, i can get docsis 3.1 for
>>> less than that.
>>>
>>> I just want my linux box which is my firewall in the dmz of my cable
>>> modem for Cox cable.
>>>
>>> I'm also finding out they block port 80, anyone know if I can get that
>>> lifted?
>>>
>>> The joys of switching ISPs
>>>
>>>
>>> On Thu, Sep 13, 2018, 10:11 AM Stephen Partington <cryptworks at gmail.com>
>>> wrote:
>>>
>>>> you have 2 options, Im my case I used an ubiquity edgerouter lite and
>>>> it has Wan +2 Lan ports and full commercial tools for management. but it
>>>> can be set to amd a dmz on one port, and your network on the other port in
>>>> very little time.
>>>> https://www.ubnt.com/edgemax/edgerouter-lite/
>>>>
>>>> If you want the All in one route, the other one I have used with great
>>>> success is the netgear Nighthawk c7000, I only retired it when I moved from
>>>> Cable to Fiber.
>>>> https://www.netgear.com/home/products/networking/cable-
>>>> modems-routers/C7000.aspx
>>>>
>>>> On Thu, Sep 13, 2018 at 9:04 AM Bob Elzer <bob.elzer at gmail.com> wrote:
>>>>
>>>>> I need advice on a docs is 3.0 cable modem.
>>>>>
>>>>> I just bought a Motorola mb7220-10, it turns out there is nothing that
>>>>> is configurable.
>>>>>
>>>>> It's hard coded to 192.168.100 and I want 192.168.0
>>>>>
>>>>> There's no DMZ or port forwarding. This was not clear when I ordered
>>>>> it.
>>>>>
>>>>> So I'm looking for one that I can configure with a DMZ and set to
>>>>> 192.168.0, I don't need WiFi and I'd like it to cost under $100. My
>>>>> download speed will only be 30mb so I don't need docsis 3.1
>>>>>
>>>>> Anyone have any recommendations?
>>>>>
>>>>> Thanks
>>>>> Bob
>>>>>
>>>>>
>>>>> On Wed, Sep 12, 2018, 1:36 PM Stephen Partington <cryptworks at gmail.com>
>>>>> wrote:
>>>>>
>>>>>> In some places they even have fiber to the prem. (me)
>>>>>>
>>>>>> On Wed, Sep 12, 2018 at 12:02 PM Michael Butash <michael at butash.net>
>>>>>> wrote:
>>>>>>
>>>>>>> You need to make sure your modem supports 3.1 too, don't forget that.
>>>>>>>
>>>>>>> Cox has just recently finished upgrading to all the new 3.1 hardware
>>>>>>> here, and phoenix tends to be their technology leader market due to being
>>>>>>> their biggest, so I'd be surprised if comcast has done more rural areas.
>>>>>>> They always seem to be the first to fight any sort of rural network
>>>>>>> legislation as they hate wasting their capital on non-rich areas, so make
>>>>>>> sure they can even support the 8-24 channels down needed for those speeds.
>>>>>>> You'd be amazed how screwed up cable plants can be in rural/old areas that
>>>>>>> in some cases, they just cannot support the rates. Tempe was like this for
>>>>>>> a long while here due to the original podunk cable co that built it.
>>>>>>>
>>>>>>> Cox is actually one of the better cable MSO's out there sadly. My
>>>>>>> first job in tech in '99 was @home networks that pioneered cable modem
>>>>>>> tech, and taught the cable behemoths about that little internet thing, and
>>>>>>> dealing with them all from comcast, cox, intermedia, att, and others, cox
>>>>>>> was always one of the least crappy of them. So much I even worked for them
>>>>>>> after for a bit (more crappy to work for imho). Not perfect, but
>>>>>>> definitely better. If you like to pirate media, oddly they were one of the
>>>>>>> strongest to reject lawsuits, abuse subpoenas, and other media cartel
>>>>>>> incursions on human rights, where comcast (being the ultimate media whore
>>>>>>> thanks to corrupt/owned fcc) is the opposite...
>>>>>>>
>>>>>>> That said, I've been having more frequent outages (including 2
>>>>>>> yesterday) with Cox, and they're steadily warning and charging me for
>>>>>>> bandwidth now, so I'm having Centurylink installed to check out that is
>>>>>>> almost double the speed and $25 less than my cox bill now. As much as I
>>>>>>> hate Centurylink, they don't have the bandwidth caps, that started with
>>>>>>> Comcast coincidentally, and Cox can stick it now (pun intended) that they
>>>>>>> impose them too if I'm just going to go over monthly. Joy of having both
>>>>>>> services at least temporarily is I can steer traffic out either/both with
>>>>>>> my Fortigate firewall with sd-wan features, so going to play a month or two
>>>>>>> before I can one or the other to see...
>>>>>>>
>>>>>>> -mb
>>>>>>>
>>>>>>> On Tue, Sep 11, 2018 at 10:01 PM, Jim <jim.nantz15 at comcast.net>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> I found out Tuesday what was causing me to not get the speed I was
>>>>>>>> told I should get. Once again the Comcast guy I was talking to said he
>>>>>>>> wanted to send out a repairman to find out why I wasn't getting the 150
>>>>>>>> Mbps everything told him I should be getting. Tuesday morning the
>>>>>>>> repairman showed up with his supervisor. The supervisor told me the 150
>>>>>>>> Mbps speed is for customers in areas that are served with a docsis 3.1
>>>>>>>> network, but where I live is served by a docsis 3.1 network. Because of
>>>>>>>> this I get 100 Mbps, but could get 150 if I wanted to pay more. Then he
>>>>>>>> said the network in this area isn't able to supply everyone with 150 Mbps,
>>>>>>>> and no he doesn't know when this area will be upgraded. I was amazed that
>>>>>>>> all the corporate people I talked to didn't know that this was the case.
>>>>>>>> They all said I should be getting 150.
>>>>>>>>
>>>>>>>> After the repairman and his boss left, I called and emailed the
>>>>>>>> corporate people who had been telling me I should be getting 150 and told
>>>>>>>> them what the local supervisor said. Later one of them called back and
>>>>>>>> agreed with me that since I had been told I should be getting 150, that he
>>>>>>>> would give it to me for the price I'm paying now.
>>>>>>>>
>>>>>>>>
>>>>>>>> Is Cox as fscked up as Comcast?
>>>>>>>> ---------------------------------------------------
>>>>>>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>>>>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>>>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>>>>
>>>>>>>
>>>>>>> ---------------------------------------------------
>>>>>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>>>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> A mouse trap, placed on top of your alarm clock, will prevent you
>>>>>> from rolling over and going back to sleep after you hit the snooze button.
>>>>>>
>>>>>> Stephen
>>>>>>
>>>>>> ---------------------------------------------------
>>>>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>>
>>>>> ---------------------------------------------------
>>>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>>
>>>>
>>>>
>>>> --
>>>> A mouse trap, placed on top of your alarm clock, will prevent you from
>>>> rolling over and going back to sleep after you hit the snooze button.
>>>>
>>>> Stephen
>>>>
>>>> ---------------------------------------------------
>>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>>
>>
>> --
>> A mouse trap, placed on top of your alarm clock, will prevent you from
>> rolling over and going back to sleep after you hit the snooze button.
>>
>> Stephen
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20180915/29d0b722/attachment.html>
More information about the PLUG-discuss
mailing list