Class 8 Assignment - Locate And Report The Advanced Features Of Your Router

Avatar
John Scanlan
May 17, 2018
IPVM • IPVMU Certified

Log into your router and take a screenshot of the advanced features that are available such as port forwarding, VPN, VLANs, and QoS.

Let us know if you use or have used any of these features and why. Also let us know what router model you are connecting to.

Here are some guidelines on how to locate your router's IP address:

1) Locate your default gateway, as this is most commonly the same IP as your router

  • For Windows PCs, open a command prompt by clicking on the start menu and typing 'cmd'. Click on the Command Prompt to open.
  • Type 'ipconfig' and press enter
  • Look for the default gateway address

2) Type the gateway (router's) IP address into a browser

    • Login using the appropriate credentials
    • Take a screenshot of your router's advanced settings and share it

Note, each router is a little different and may have advanced features in different places.

Here are the results from a SonicWall SoHo W which I use at home:

I highlighted 3G/4G/Modem, VPN and SSL VPN Settings.

In terms of use, I use the VPN for Site to Site VPN configuration.  This connects my home router directly to the office VPN concentrator.  SSL VPN (remote access VPN) is configured so that I can connect to my home network from elsewhere via a configuration on my laptop or phone. While I may add the service in the future I have not started using 3G/4G/modem as a backup WAN link yet.

In previous classes we have had a few people that do not have access to a router. If that is the case, you can use this simulator (or find another simulator) and report on the advanced features of this router. If you have questions, please let us know - we are happy to help.

We look forward to seeing your results!

Avatar
Daniel Gelinas
May 17, 2018
IPVMU Certified

I attempted to access my work router by going the CMD/ipconfig route, but didn't get too far. Here're some screenshots of that...

And then here's where I was stopped in my tracks...

I spoke with my IT director. I explained the homework assignment and he nodded and smiled as I explained what I was trying to do. 

"uh-huh... Yeah, you ain't getting in there," he said. I don't have the proper credentials to get int our router. I will try from  home later and finish the assignment in a follow up post later.

(1)
BB
Benjamin Bestic
May 17, 2018
IPVMU Certified

My router is an ASUS RTACA68U running the ASUSWRT-Merlin firmware.  The only semi-advanced feature I use is port forwarding for remote viewing of my small camera system.

 

Avatar
Fabian Muyawa
May 17, 2018
LONTECH SYSTEMS • IPVMU Certified

I used Cisco CVR100W Wireless-N VPN Router provided in Class 8 Assignment as a simulator and this initiative deserves a high commendation as it gives every participant in this class a chance to dive into the router and look inside the Router. This Great!.

Portforwarding

VPN

VLAN

 

QoS

Personally, i have participated in the installation of Integrated Security Management System constitutes IP Surveillance, IP Intercom, Public Address, IP Access Control, and VLANs were implemented however, i was not directly involved in the configurations and by then i the above features where no making much sense as they are now.

I now feel more confident with the application of the above features and a Router is now my good friend.

(1)
TS
Tom Stanley
May 18, 2018
IPVMU Certified

 

(1)
Avatar
Daniel Gelinas
May 18, 2018
IPVMU Certified

Following up on my earlier post, I attempted to research my home router in the same manner I did earlier, using the CMD/ipconfig method.

this part worked fine. I can tell you my IP address is 192.168.1.1. It looks like I also have an IPv6 address there that reads fe88::18ea:a2ff:fe74:b87%5. At first I took the IPv4 address and entered that into a browser and was met with an error that there was no page there. I then figured out that I had cut and pasted the wrong address.

I entered the correct IP and was asked to log in. I was stumped however as to the correct credentials. I have a router that is on-board my ISP-provided modem. I tried everything I could think of. My email, my username when I log into my ISP's app, the name of the router, etc... I tried everything I could think of for the router, my password when I log into the app, my Security Key when I log into the router, etc. But I couldn't get anything to work. I did finally just go to my ISP's website and drill down and was able to get to advanced settings. Here's what I found:

It's a Sagecom router with a MAC adress of 3835FBAA5888. The security type is WPA2-Personal. 

There are two different radios with different speeds. One is 2.4 GHz and the other is 5 GHz. 

right now the settings are the same--same WPA2 security key. There are no other features that I can discern from here. No VPN or anything... Though I do have VPN on this laptop so that I can tunnel into the server at work and access our common drive. 

Though I can also choose to run a Remote Desktop session as I've pictured below. That's an interesting Question: What's the difference between setting up the VPN tunnel and just starting a remote desktop session? Both will allow me to access files on our server at work from offsite... 

(1)
Avatar
John Scanlan
May 18, 2018
IPVM • IPVMU Certified

Daniel - Many modem/router manufacturers put unique credentials on the bottom of the device.  You can check there for the username / password.

VPN provides your computer with a secure connection to your LAN as if you are in the same building.  e.g. If you have a viewing client on your laptop at home and connect via VPN to the site with the VMS, you will be to remote view / manage that system from your laptop at home. It's like you are on the LAN.

RDP provides you a remote session to a specific computer or VM on your LAN from your laptop - you are remotely controlling a windows session.  You are dependent upon the remote desktop machine having all software that you need installed or policy giving you access to the same.

With this in mind if you have a laptop from work at home then VPN may be better, however if you are working from your personal computer then RDP may be more powerful.

VPN's big benefit is that it is more secure. Even if RDP is required/mandated I would not implement RDP without VPN.

 

 

 

(1)
Avatar
Daniel Gelinas
May 21, 2018
IPVMU Certified

Thanks John, that makes sense. Regardless of whether I'm using VPN or Remote Desktop, I keep all my files and work on our common drive on the server at work, so my access is the same. I understand the difference, though. 

 

I'll search the bottom of the modem/router at home later on today. Thanks!

(1)
Avatar
Daniel Gelinas
May 22, 2018
IPVMU Certified

Okay, so I followed your direction, John, and checked the bottom of the router. Found the IP address and the login credentials (admin, admin wouldn't ya know?) 

 

I found a whole bunch of really cool info and settings!

That's just the landing page. Here's the device info:

I took those screenshots last night and then planned to log into my home router from work today using the same IP address, but when I enter in that IP address here at work on my work laptop, it doesn't bring me to my home router, it brings me to my work intranet... 

I guess I'm misunderstanding how IP addresses work. I thought that the IP address written on the back of my router would take me to my router, regardless of where I was... I probably would have needed to set up a VPN or something?

 

So I'm unable right now to get more screen shots of advanced features, but there was port forwarding and VPN and a bunch of other stuff, including the switch to turn WPS on and off, which was nice, because my WiFi printer hadn't been working since I'd gotten the new router, and I just thought the button was broken. Turns out it's turned off by default. I was able to enable WPS and then connect my printer to my network. I'll get more screenshots tonight when I get home.

 

(1)
Avatar
Daniel Gelinas
May 23, 2018
IPVMU Certified

Okay, this will be the last entry on this assignment. There are some pretty cool options on the admin section of my router. Here're some shots the advanced stuff I found.

The advanced settings doesn't really seem to contain much that I understand or want to interact with. However, when I look at Access Control, that's all pretty cool. 

There's Parental Controls, which I'll drill down into in a moment, Port Forwarding, Port Triggering (what's the latter?), Firewall, DMZ (I did some independent google research on this one, but still don't really get why you'd do it. It seems like it sets up one small section of your network to expose to the Internet... But why?), User info, and Remote Access. Remote access seems cool... Is that a way that I could allow myself to access my home network from the internet? For example, if I was at work and I wanted to access my home laptop to grab some photos, or a document I was working on on my C: drive, could I facilitate that with this setting?

anyway, then I wanted to drill down into Parental Controls (I have a 10-year-old boy). 

 Under Parental Control, there is another setting called INternet Access Control Planning. I thought this was cool, because I could (as is pictured) select just my son's tablet and the router will apparently grant that access to the internet for just 1 hour a day. This is also similar to the URL filter button below, which looks like I can set a black/white list for specific URLs. 

 

Also, back on the home page, if I clicked on the individual radio I was interested in (2G or 5G), I see a cool setting called MAC Filter...

This appears to let me white/black list connected devices by MAC Address.... Very cool.

(1)
ST
Scott Triemstra
May 18, 2018
IPVMU Certified

I logged into my xfinity comcast gateway and found the following.  The port forwarding section had a link to go to another website to set it up so I chose this one instead.  I have not been in these settings in a while and it was nice to update it too.

Avatar
Anthony Burti
May 18, 2018
IPVMU Certified

I logged into my Fios Quantum Gateway router. I have Port Forwarding and Port Triggering as some of my advanced settings available.

 

(1)
Avatar
Joel Brunson
May 18, 2018
IPVMU Certified

The only router that I have access to right now is my router at my house.  When I had this router installed I had no knowledge of routers and networks so I had to rely exclusively on my ISP and the equipment they provided.  The router in question is a Actiontec MI424WR Rev.1 mass produced with limited functionality.  I still do not consider myself a network guru but this course has provided me the skills to migrate around by myself and make more informed choices/selections.  Adding to my stress is the fact that I work with a Mac Notebook Pro running the macOS 13.14.2 s/w.  Therefore, easy command like running ip config under Windows must be translated by me into other commands and must be run under the Terminal shell. 

With all this said, I found this exercise to be very worthwhile.  After finding my default gateway (see below) I logged into it (after numerous attempts since my failing eyesight read the wrong default password incorrectly) to see the various features available:

This router does not support VPN.  It does offer QoS but I do not currently use it.  However, it turned the next two hours into exploring this wireless router.  Some of the things I did notice was I had ten wireless devices connected.  Since I live alone, I was concerned that I might have someone stealing my signal and god-forbid hacking into my system.  Based on an earlier class I was able to locate the MAC address of these connected devices and based upon the OUI determine what they were (i.e. Roku streaming device, Wireless TV, cell phone, chromecast, etc.)

My router also does employ port-forwarding

and this is mainly so my ISP can monitor the health of the router.

This exercise has intrigued me enough to purchase a new router as soon as I complete the remainder of this class.  I want to learn about hacking, etc.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

(1)
WS
Wade Storie
May 19, 2018
IPVMU Certified

From my WD N600 Wireless Router:

 

(1)
DO
Dan Oneill
May 19, 2018
IPVMU Certified

My router is provided by the ISP. I logged into it and was linked to Comcast's webpage for advanced features. I did find out that Port Forwarding some remote access features are available. 

 

(1)
NA
Neel Adhikari
May 19, 2018
IPVMU Certified

The default gateway is below. 

I have a basic router from AT&T in my home and it supports LAN, Broadband, Firewall setup and helps with basic diagnostics that a typical home would need. Looks like this model does not support VPN setup, port forwarding etc. 

 

(1)
ML
Mikko Laiso
May 19, 2018
IPVMU Certified

Hello

My ADSL-router is ASUS DSL-AC68U.

I have VPN feature, but I am not using it.

I also have Qos feature, but I not using that either

It has port forwarding and that I am using for my Hikvision recorder and Texecom Alarm Panel.

It does not have the VLAN feature nor do I need it. I have a separate Cisco Switch on the network and it has to VLAN feature, but it is not turned on.

(1)
ER
Eddie Robinson
May 20, 2018
IPVMU Certified

I'm not using any of these advanced features; learning about them is one of my objectives for attending this class.

a.) I don't have a high-end home router; it apparently doesn't support VLAN. But, I think that the virtual server feature could accomplish what I want, accessing a home NVR from a remote computer or phone:

b.) Port forwarding seems to be straightforward:

c.) QoS, too, seems to be a straightforward setup:

d.) I can't configure a VPN with this router. But, the firewall apparently can restrict or allow VPN traffic:

(1)
JG
Jonathan Gonzalez
May 20, 2018

I have used port forwarding for residential clients but have not done that within my own home. No vpn use or anything like that. 

(1)
CH
Chris Horn
May 20, 2018
IPVMU Certified

I'm using an ipTIME N8004 router at the moment. It doesn't have many advanced features, but it does support VPN, DDNS, and DMZ features:

I don't actually utilize any of these advanced features, but I have used VPN in the past for company intranet connections.

This is a fairly old model (I think this was purchased back in 2012), so I am looking at upgrading to a new model in the near future. Hopefully the new model I purchase does have some more advanced configuration options.

(1)
Avatar
Dennis Eaton
May 21, 2018
IPVMU Certified

Unfortunately, the cable guy set up my router and left no info on the user name or password.

Avatar
Will Doherty
May 21, 2018
Liberty Consulting, Inc • IPVMU Certified

I used the simulator because I currently just have the mediacomm router.  I am going to buy new hardware once I complete this course. I do not need a VPN at both ends however I think there is a way to connect via VPN on one side only to help add a layer of security.  If I use a hosted VPN service won't it hide my IP address and network from the public?

 

 

Here is the advanced VPN settings screen.

(1)
TS
Ty Sagiao
May 21, 2018
IPVMU Certified

Logged into my home router/modem. There is nothing advanced in this household since we are not home very often and live off of our phones.  At least I changed the default password though.

 

 

 

(1)
Avatar
Dave Gideon
May 22, 2018
IPVMU Certified

Logged into my Netgear R6050 which I have done many times in the past to set up port forwarding to enable up/downloading of various intrusion control panels from my office, screen shot of the advanced menu-

(1)
Avatar
Melissa Jean
May 22, 2018
IPVMU Certified

I also had to use my home network as my office network is locked down. 

Main Menu: 

Media Prioritization/QoS:

VLAN:

Advanced Routing:

OpenVPN Server:

Port Forwarding:

(1)
JG
Justin Gomez
May 22, 2018
IPVMU Certified

I am responsible for all port forwarding features in the field for our technicians, so I am familiar with router functionality, yet for some reason I use an Apple Airport Extreme that was leftover from a project. A quick overview shot:

with a port forward that I setup for a game. As you can see, has IPV6 support, and basic firewall integration, but does not support VPN. Definitely would not recommend this for heavy use. 

 

Interestingly, it does not allow access from a browser, and requires a specific utility in order to access. I got curious and searched, and apparently there is some firmware that can be downloaded to provide VPN functionality on this device. It does at least offer bridge mode for extending a network, but overall, does very little. 

 

(1)
GD
Guillaume Diniz
May 24, 2018
IPVMU Certified

For security reason I don't have access to the office router so I use your simulator

There is 2 VLAN configured:

In the firewall DoS protection and Block WAN request are enabled, this is not the case in most default configuration of router I have seen:

Port forwarding:

And QoS are set with the same priority for the 4 ports:

(1)
Avatar
Roman Roxer
May 24, 2018
IPVMU Certified

Hi

my gateway and router address is 192.168.1.1

I have TP Link router at home 

I am using Port forwarding because of my NVR which I have at home and sometimes I am connecting to it while at road. It is easier than to carry everything on business trip :).

I do not use DDNS even though it is available.

For home use I found useful parental control feature

RR

 

(1)
Avatar
Cary Menage
May 25, 2018
IPVMU Certified

Just the initial Dash board is fairly advanced compared to higher priced consumer routers on my Ubiquiti Edgemax:

And I like to give key hosts on my home network Static Ip Addresses:

 

Note, potential hackable info was cut out of images....

(1)
Avatar
Diarmuid O Neill
May 28, 2018
IPVMU Certified

Class 8 Assignment - Locate And Report The Advanced Features Of Your Router

I interrogated my home router (first time ever).  The advanced setting are above and I researched their impact as best as I could:

  1. Mutlicast is disabled - Assume because we don't have IPTV ??
  2. UPnP is disabled - Blocks devices on the home network from discovery??
  3. WAN blocking was enabled. researching - This feature protects if an attacker knows your IP address, this will prevent them from finding anything else out. The router will ignore pings from the WAN side (the Internet), as well as hide portscans. It’s basically a no-exceptions firewall.
  4. IFsec enabled - A feature of routers which allows computers on a private network to establish outbound VPNs unhindered
  5. PPTP Enabled: Allows VPN through the router.
  6. There were many other options that were not in use incuding:
    • Parental Control
    • MAC & Port & IP Filters
    • Port Forwarding
    • DMZ Host
    • Firewall - see below screen shot - nothing enabled

The other interesting thing from a security perspective was that the password was "admin"

 

(1)
JM
Justin Meyers
May 29, 2018
IPVMU Certified

I used the provided Cisco simulator for this assignment:

1) Default Gateway is 192.168.1.1 as shown in the router IP and routing table:

2) Advanced settings gives access to features such as LAN/WAN networking, wireless networking, Firewall, VPN and QoS.  Below are a couple advanced features that could have uses in IP networking of security systems, such as QoS and VPN:

(1)
DM
David Martin
May 29, 2018
IPVMU Certified

PM
Paul Messenger
May 29, 2018
IPVMU Certified

I have ASUS RT-AC68U, I have port forwarding enabled for to allow remote access to my camera system.

Avatar
Keegan Kinslow
May 30, 2018
IPVMU Certified

Only advanced setting I have are port forwarding for a couple cameras on my house.

TB
Troy Borlinha
Jun 03, 2018
IPVMU Certified

At home I am using a TP-Link AC1750 Wireless Dual Band Gigabit Router. I am unable to make use of my work-associated VPN due to our IT restrictions.

Here are the statuses of the networks:

Here are the only settings relating to VPN I could find (note, I am not running a VPN at/from home):

Dv
Danny van der Pol
Jun 04, 2018
IPVMU Certified

I do not have access to the router of the company (it is managed by our IT department). So I used the simulator as suggested.

Here some of the advanced features I could find. I never worked with routers, so I am not sure what is supposed to be advanced.

WG
Wade Graham
Jun 07, 2018

My Home Modem Router

 

(1)
UE
Undisclosed End User #1
Jun 08, 2018

My netgear r6400 supports the following:

2 wireless frequencies, port forwarding/triggering, dynamic DNS, VPN, Static routes and VLAN/bridge settings

(1)
JD
John Durnell
Jun 08, 2018
IPVMU Certified

Home network

 

JD
John Durnell
Jun 08, 2018
IPVMU Certified

Advanced functions of the router are Remote Access

JD
John Durnell
Jun 08, 2018
IPVMU Certified

Had some very good information and glossary of terms

Avatar
Robert Fee
Jun 09, 2018
IPVMU Certified

After 1 1/2 hours of trying to find and then login to my Xfinity Comcast home router (Dual-Band WiFi, 802.11ac), I finally called them only to find out that the login and password was "admin" and "password"!!! 

Advanced > Remote Management

Advanced > Port Forwarding

Advanced > Firewall

Advanced > DMZ (allow a single computer on your LAN to open all of its ports.)

JP
Jonathan Pautlitz
Jun 10, 2018
IPVMU Certified

At our office we use a Netgear Nighthawk R7000 as we are a relatively small business. Here are the screenshots of the advanced features available.

 

 

And that's it! It actually surprises me how limited it is with the advanced features, however it is nice to be able to have QoS when needed. I would've loved to have been able to setup VLANs and what not.

Avatar
Sadiek Sonneveld
Jun 12, 2018
IPVMU Certified

mC
mike Chavez
Jun 12, 2018
IPVMU Certified

I logged into my home router, an Xfinity Cisco Model DPC3941T.  

The advance features list is as follows:

1. Port Forwarding

2. Port Triggering

3. Remote Management 

4. DMZ

5. Device Discovery

In terms of use, there are very few if any features I use on the home router.  Remote management is set up in case there is a need for my ISP to troubleshoot the device.  There is not an option for VPN.  

 

DB
Dean B
Jun 17, 2018
IPVMU Certified

My linksys router didn't seem to have much for advanced features so I show a screen shot of the VPN server page and advanced routing page

 

 

New discussion

Ask questions and get answers to your physical security questions from IPVM team members and fellow subscribers.

Newest discussions