Wow. I didn't see this coming. Thanks everyone for kind words of support, I'll do my best to answer to everyone asap, but there are so many of you it'll take me a minute or two. Much love! ❤ (And for all of you who have subscribed - or are about to - a warm welcome!) I'm also working on my own router (currently in the planning stage). If you can spare two minutes, please fill out this pricing survey: research.typeform.com/to/KegRLBkD
Thank you Tomaz for doing these videos. There is an equal community of tech (&infosec) enthusiast here in EU and having something available here (not to mention piece of equipment I actually have) that we can work with .. and on... is really nice. Otherwise I never even thought about this issue until you mentioned the brand of your router. Most things regarding tech aren't border/country specific, but this one kinda is. So thank you. Again.
my comes with a sock that I use to keep my part... warm for 5 dollars a month. and its even got wifi! It's called a router. lol. something like you pay for the modem but the other parts 5 dollars extra. dangle bits and all.
Since 2016 there's "Freie Routerwahl" (free choice of router) in Germany by law. The ISP has to provide you all the login data and has to allow using whatever router you want. It's great.
As a german myself I was a bit surprised that he can't simply plug in his own device (I couldn't imagine using the crap router vodafone provided. That thing was basically a piece of e-waste).
@@lyianx What do you mean? I live in Texas, and my dad has ALWAYS used his own routers, without even giving the ISP routers a chance lol. We haven't had a business-class connection in AT LEAST 10 years, and we've even switched ISPs in the last few years. Still able to use our own routers lol
I know the feeling, in the UK, Shell Energy's new wi-fi 6 router is so locked down that you can't even change the default admin password. Talk about putting the needs of the ISP above the security of the user.
From the perspective of an ISP, 99% of all users can't figure it out, they can't even log into an SSID with a set password you give them, much less set their own and keep up with it. Whether you want to believe it or not, those of us that can manage their own routers and Wifi are in the minority. Tell the ISP you're running a VPN, you *require* a bridged modem, run your own router.
@Siri_lankita He may refer to the law: Telekommunikationsgesetz (TKG) § 73 Under section 3 it reads like this: "Sie können dem Endnutzer Telekommunikationsendeinrichtungen überlassen, dürfen aber deren Anschluss und Nutzung nicht zwingend vorschreiben. " I suspect that "Telekommunikationsendeinrichtungen" means the router/modem.
I was able to track down the settings for my previous ISP so that I could bypass their equipment. However, when my area started having trouble, they tried to blame me for the outage, even after I swapped back to their equipment with stock settings. I really miss having fibreoptic internet, but I refuse to be a scapegoat for support people that don't know what they're talking about.
My ISP was being non-compliant circa 2018 because I was using an aftermarket (Asus) xDSL modem/router, so in the end I plugged up a Siemens Speedstream 4200 they sent me in 2004 in bridge mode and said "there ya go, I'm using the hardware YOU supplied, now fix the issue at YOUR end!" Suffice to say they were confused when trying to TR-069 the antiquated hardware, but they admitted defeat 👍 They even sent me out their latest modem at the time for free so they could troubleshoot easier in future 🤣
Since you mentioned AVM: yes they are very popular here, specifically because their routers are easy to use, but much higher quality than what your ISP might give you (in Germany it’s illegal to lock down the connection)
And thank god for that, i'm never gonna be using that Vodafone pos "router" ever again haha Thanks to this when i switched contracts to O2, i was able to buy a 7530 in black on ebay for 50€, instead of having to pay for a provided one monthly, it's honestly the best fritzbox in it's own terms have ever used (I never liked the ones shown in the videos either tbh ahah)
@@seagie382 Law states ISP need to provide some industry standard passive edge-of-premise-endpoint + the access credentials to allow consumers to install their own "router", and was a response to public campaigns by consumer/tech advocacy groups (like CCC) and companies like AVM. I guess from the government's POV the main point of this was to open up the market for more-than-bare-basics home network vendors like AVM more (which I guess is why they supported it) but I think the CCC folks had motivations more similar to Tomaž's.
As a fiber optic technician in Italy i can say that here (and i actually think in all europe) the ISP is forced by law to give you a way to use your own router. I work for the company that manages the infrastructure, so we work for every ISP that uses it, we install mainly 3 types of devices: Direct PON (Fiber direct to modem/router), SFP (SFP Module in router), external ONT (External terminal that you connect to a router's WAN. I first and usually second case the ISP will provide an ONT to allow you to use your own router. Anyway the ISP using FritzBoxes use 7530/7590 for 1gbps and 5530 for 2.5gbps
I don't know if we have the same law in the US, but I've never had a problem with any ISP here letting me use my own equipment. At first they'll tell you it's required (because they charge a monthly rental for their crap modems and routers!) but the slightest push back and they'll drop it in my experience.
@@Hellosirrrr difficile visto che il gpon tim è serializzato a sistema e si dovrebbe trovare un sistema per clonare quel seriale. gpon interno o esterno?
Unfortunately it depends on the country. The law that is in place mentions customers need to be able to use their own device after the "connection point". In austria for example this is accepted to be behind the modem, allowing ISPs to force you to use their shitty modem, only allowing a bridge mode to be enabled. It's really sad how such an actually good law from the EU can still be dragged to shit through local legislation :/
It would be an awesome move to figure out what the ISP uses to log in to the original router and run a service that responds to them trying to enter your network with some kind of "access denied" message.
@@cartoonhead9222 And probably "Anonymous data for marketing purposes". Also don't forget having an mandatory Backdoor into your network which you have to trust a third party with maintaining is a security risk....especially for a business.
@@cartoonhead9222 except when they don't secure their communication and now your home network is open to being taken over by anyone who wants to try. most likely, burgulars who want to get into your smart security system.
Very satisfying video. I can hear the screams from the ISP all the way here. Decades ago I made an IPcop router out of an old PC. I had some ISP problems and called their support and they went babbling about "click on the windows icon..." and trying to make me reboot my PC since that was their normal approach to all problems even if it was unrelated. I told them that I didn't run windows on that machine and that it didn't work for any of the other machines I had behind my router. Uttering the word "router" made the supportdesk person go ballistic screaming that I need to remove it and that I was not allowed to use such periferals "and and and..." Quite interesting how things develop over the years.
Speaking as an engineer in the ISP space- I'm fairly surprised they didn't offer other a plain (non-router) ONT or have a bridge mode function built into the router, at least for a business customer. It's very normal for a fiber ISP to want to have control over the ONT device and to authenticate the customer based off of the serial number - you don't have the convenient authentication mechanisms with GPON that you get with DOCSIS and there has to be a way to verify you're providing service to a paying customer. The TR-069 support is also quite normal as it's how the provider is able to actually support home users and believe me when I say this is absolutely a requirement in this day and age. The really odd bit is them not providing a way to bypass all of this: business customers will generally not want to be forced into putting their equipment behind the NAT on a soho router. Though it sounded like there might be a 1918 IP on the WAN interface so maybe they're doing some sort of fucked up CGNAT that doesn't comply with the normal standards. Perhaps this was only used for communication between the router and the SFP? I suspect they're a smaller provider and doing a number of fairly odd things here, at leastpartially in a misguided attempt to save money with regards to the router. I am very curious what would happen if they ever wanted shut you off for non-payment - maybe they can just de-auth that serial number but there's a decent chance they'd just be sort of stuck until someone realized they could just physically disconnect you.
Oftentimes yes but it's going to cause enough friction that I wouldn't recommend it. Requiring the customer to use the provider ONT or modem is one thing and often not unreasonable. The router is a different deal to me entirely. @@FedjaHvastija
In my experience, here in Canada, this is fairly standard practice. ISPs, both facilities based and resellers (some literally just resell the bigger ISPs service but handle all billing/customer service/tech support, though most have the ISP do onsite support, others control some or all of the service and just use the larger ISP for last mile) either use DHCP/Static IP or PPPoE (if using PPPoE, the static IP is usually assigned via DHCP after authentication). Troubleshooting when PPPoE is involved is a pain in the butt. As for equipment, the cable companies generally are easy to work with, just put their modem/gateway in bridge mode and connect it to the WAN port of your own router, configure for DHCP or static (business account only) as needed. Even when using IPTV from the cable companies (the main 1, as of earlier this year, there is only 1 cable company, Rogers, that covers the majority of Canada after they bought the 2nd largest, Shaw) works when using your own router on ethernet or wifi. Some people say the modem/gateway still broadcasts hidden SSIDs need for the IPTV, I can't find these in my setups. The except is when you have XGS-PON FTTx from Rogers, while it's still DHCP/Static thankfully, the modem/gateway (it's a Rogers Ignite branded Comcast Xfinity modem used on cable via RG-6 Coax or ethernet to a WAN port from the ONT/ONU) can't provide multi-gig when in bridge mode because it's RJ-45 WAN port is the only multi-gig port (it's used for multi-gig LAN when using Coax WAN), but IPTV works, however if you connect your router to the ONT/ONU (I think the only option is ethernet, no SFP option) then internet works but IPTv fails after a random period of time, suspicion is that the TV set top boxes stop working after a while if they can't talk to Rogers over the hidden wifi from the modem/gateway. I have yet to personally come across a customer with Rogers XGS-PON FTTx. Unlike Comcast in the US, Rogers' branded version of the Xfinity app doesn't run on anything other than your Android phone or iPhone, so you are forced to cast and can't use it on an Android smart TV or TV box. I've complained, even told them I'm willing to pay $2.00-$4.00/month per device to be able to use their app on a smartTV or Android TV box instead of renting one of their set top boxes. However, the phone companies (at least the major one, Bell Canada), their current modem/gateway provided on their GPON service (most common in my area) has a "bug" that turns the wifi back on after a reboot, so even if you disable it and have your router connect via PPPoE passthrough (so it gets a Public IP) there is no way to avoid the modem/gateway from broadcasting WiFi. The previous modem/gateway modem did have an SFP adapter that was fairly compatible with many routers, but it's been discontinued. As for their IPTV, in my experience, I have not been able to get the boxes to work over ethernet, only wifi, when on the ISP modem/gateway, and they also require some convoluted IGMP and VLAN configuration which I have yet to properly figure out (some have). Eventhough it's usually cheaper (marginally) and easier to go with Bell Canada to get faster uploads (Rogers cable internet maxes out at 50Mbps, but this is fine, even for me being in IT and working from home, at least most of the time), I usually discourage clients from going with Bell because they are even worse than the cable company to deal with, and it's very impractical to use your own router, especially if you get IPTV service from them (proper full service IPTV service is only legally available in Canada when bundled with internet service, it's slowly changing). Unfortunately, bad customer education here in Canada has lead people to believe that they subscribe to wifi and that wifi is synonymous with internet, and that they need to use their ISP provided equipment (same concept as believing that they need to only get their car serviced by the manufacturer at the dealership or get their phone repaired only by the manufacturer, whether in or out of warranty for both situations). It makes my job harder, both interms of support and interms of convincing a customer to get their own router. Even when I do, if an ISP technician comes by to do work, then then to leave the modem not in bridge mode or remove the customer's own router all together, and then the customer calls me saying things aren't working right, and then I go in, and fix it, when they ask me what I did and explain thst the ISP tech messed things up, they get frustrated (usually with the ISP, not me).
We need governments to step in and regulate ISPs (more than they are) and prevent them from providing routers, modems only, even if providing IPTV, or at least providing separate modems and routers from mainstream manufactures (no small companies like Sagemcom, Technicolour, Hitron, Arris, SmartRG, etc., I want to see ISPs provide Ubiquiti, Asus, Netgear, TP-Link, Linksys, even Cisco. I want to be able to subscribe to a dumb pipe like it used to be.
@@FedjaHvastija The whole Fritz!box series are (fairly pricey) higher end consumer devices. The only businesses that really use stuff like that are those with consumer levels of IT sophistication but why waste resources on something more complex if all you want is to connect a bunch of notebooks to the Internet.
A lot of work. A whole lot of work. We all know what countless hours means when it comes to such...projects. Thanks a million for your time, effort and sharing all that work and many many hours with us. The very leat I can do is like and subscribe.
So happy that I have the options of ISPs that let you bring your own router. The network in fibre areas basically just have a media converter device (NTD) that is the infrastructure boundary, and then the router just grabs an IP via DHCP. No PPPoE or anything anymore these days around here.
Here in NZ, you are provided with a basic ONT which you can plug your own router into. Also, the companies that manage the fibre network are by law not allowed to be an ISP, which leaves a more free and open market for internet service provider's. If I was forced to use a locked downed router, I would be very upset; Happy that you managed to find a work-around, although you shouldn't have to.
@@tomazzamanI know you probably don't want to point out which isp it is, but I just wanted to chime in that I've never had this much trouble setting up my own router. Either a bridge mode/trunk with copying pppoe credentials, or just straight up replacing it and just properly configuring the ipoe has always worked for me. Otoh, I know some friends have had lots of trouble with doing similar stuff with some other providers...
@@everythingpony What's the point of what? If you are referring to the fibre networks, they sell contracts to service provider's to use their network.
I don't know where you are from, but at least here in Germany where the AVM devices are very popular in the consumer market, you have freedom of choice which modem/Router you want to use and you also have full access to the FritzBox and can set it to passthrough / modem mode yourself. So the FritzBox will just act as a modem if you want. I think there is nothing wrong with the AVM devices. They offer everything and much more than most home consumers need, are easy to set up and are of good quality and performance and have a good customer support.
So happy to see FS get some recognition here. I've been using their stuff for awhile now. Such great products and they have everything you can think off. Great prices, great customer support, and they sell direct to consumer. Glad to see them getting some praise
depends. some switches and wifi system are stupidly programmed, outdated und poorly documented. sfps are great and some 10g switches arealso great. hit and miss.
In the UK our fibre providers place an ONT inside the property. The fibre goes in 1 port and there is an ethernet port where you can attach their supplied router, or your own if you know your login details. It seems crazy that that you have a fibre going straight into an SFP that then plugs into your router where the fibre can get disturbed, or worse, unplugged from the SFP and for someone to look down the fibre 😎
I'm familiar with a number of small telephone cooperatives here in the US who have run fiber, and they do the same as the UK. Fiber to the outside of the building, and twisted pair into the building. Don't even need a log-in, just connect whatever router you want to the ethernet cable.
The downstream power at the customer is actually pretty low, -17dBm or so it typical (20microwatt). This is from going through the passive splitter (the P in gpon). The upstream output of the SFP module is 'hot', but it won't transmit unless it is hearing the OLT, so when you start unmating the connector, it stops. Still, I don't stare into fiber ends unless I know that it is safe. I have some very unsafe-to-stare-into links.
My ISP in the UK allows you to use your own router, and will give you either a locked down Nokia router, or a Nokia ONT if you want to bring your own gear. The rub is, they use PPPoE and a VLAN. The PPPoE details they provided, but not the VLAN ID, so it took me a while to work that out (the Nokia router had the VLAN ID visible, thankfully). The other problem was PPPoE is complex enough that it just sinks a lot of domestic routers at gigabit speeds. Never mind, Mikrotik to the rescue :D
In Bulgaria, the biggest ISP doesn't give you access to the settings page at all. You have to login online to port forward even... but get this... they recently removed port forwarding from the website. Now, you have to submit a request to their customer support for port forwarding. The only thing you can control online now is your SSID and password. That's it. I'm thinking about writing a script that keeps making random requests for port forwarding to their support every day just to piss them off and show them why it's a terrible idea to make me go through them for basic configuration lol.
In terms of your ISP having a protocol that allows them inside your/their router, that isn't even the worst part. My ISP (and probably most or all) uses deep packet inspection on everything going in and out of your network. They see everything unless you run all your traffic through a VPN. They still know you are using a VPN but at least they can't see exactly what all the traffic is.
@@laus9953 Because the traffic through the tunnel is encrypted. The ISP sees the packets that are carrying the tunnel, but can't decrypt the payloads. The best they can do is infer generally what type of traffic it could be by packet timing, such as a video stream vs. an online multiplayer game. But can't tell what the endpoints are or the specific data carried.
* The ISP sees everything, unless it is encrytped. So if you use basically any modern website or programm this is not a problem, since everything is encrypted. The same with VPNs: if you use them, they see everything unencrypted. If a VPN is better for you depends on whether you use a lot of ancient (unencrypted) websites and who you trust more, the ISP or VPN.
Glad you got it sorted out. Another thing to watch out for, is the wavelength FREQUENCY, because depending on your provider, they may be using CWDM or DWDM which is essentially a device that consolidates many optical signals into a single fiber, then when it gets to its destination, it splits them back out to the individual "channels'' or frequencies. Additionally, while most of those SFP's are fixed frequency, there are also some that are programmable and can change their frequency, (and they are expensive too compared to common SFP's) and may need to talk to your hardware to determine what frequency they need to be on, if they are preset to go with your equipment.
@@tomazzaman You are welcome, how I know this I was helping one of the sales guys from one of the sister companies of the company I work for with a demo for a major telecommunication carrier in their lab and their main goal was to test compatibility of the various manufacturers SFP's, with the various devices they use in the field. The SFPs only work when everything is just right, and naturally we discovered far more ways they don't, lol! Our company made SFP's that were smart and if they were connected to a CWDM or DWDM, they would automatically adjust their frequency with the opposite end and establish communications. This meant the telecommunications carrier didn't have to stock every single fixed-frequency SFP's to go with those optical frequency splitters which would save them a load of money and make implementation tremendously easier because there are literally hundreds of frequencies they operate on.
I wondered how you in particular got into my feed. When I realized you were from Slovenia, it all made sense. I've been listening to Siddharta all day.
@@andybrice2711 It's a brand thing. For some reason AVM have almost captured the customer provided home router market in Germany, its almost a kind of fashion item for the i-think-i-know-more-than-you-about-computers-but-not-really-actuallt crowd (very much in sync with certain cultural traits :) )
Great video, I learned a lot. I've been looking into this ever since I realized my ISP could remotely log in to the router and change a setting. Does not feel ok. I believe my ISP allows to use my own stuff, but if it's locked down like yours I'm going to war :)
Yup, had the same thoughts :) There is a downside though, you implicitly waive the rights to any kind of support since they can't remotely check what's going on. But I prefer it that way.
I have two ISP. Both allow me to use my own router, and provide no support for my own. But, I have their device, so if there is a problem, I can plug it in for them to do some test or whatever. Then make the network work again for me to swap it out. One uses the MAC address as "security" and my router has the option to input a MAC so it works.
Tomaz, that was some really great troubleshooting there! I can only imagine how many "billable" hours it actually took you to get to were you are at the end of the video! I only just found your channel and since I'm a retired Network Admin from the US Air Force and US Army, you have definitely earned my SUB brother! Now I'm going to go watch your Router Build video! (Love your accent, LOL) Keep up the great videos and G-d bless you!
Oh man. What a crazy amount of work you put into this. Great job. Thanks for sharing what you learned through this process. I secretly love when stuff breaks or does not work. It's sometimes the only time where we dig in and learn new things.
It shows you how close we are to that communism 2.0 that is called the "Great Reset". These last 3 years we had to fight to keep our jobs for not being vaccinated by a poisonous COVID vaccine. Remember? So yes, people have to fight for a thing called freedom these days.
Hi from France ! I'm discovering your channel with this video, and I gotta say : WOAW. This is explained clearly, packed with interesting stuff, and the technical side is also very interesting to me. Keep up, I love it and I'm subscribing !
Thank you! Comments like your make my day and push me to try and make every video better than the last. I don't always succeed, but the motivation and will are there! Have a good day yourself!
I'm from Germany and my provider gave me an own device from them, but now I also have a FritBox, and I'm so happy to could configure much more (It's still from the provider but with much more capability). What I can recommend is a proper Rack-Mount! For Fritz boxes are some to find and are beautifully than only a plate where it stands on. :)
Here in NL we have free choice of router and/or modem. The ISPs have to provide all information necessary to replace their systems if you want to. If you have fiber you're even allowed to change your ONT out for one you get yourself, or for a router with a fiber connection.
I wish that was the case here in the UK. I've switched providers several times as only new customers, in my experience at least, are given the best deals. When I sign up, there's never an option where I can say I wish to use my own router.
I've had ISPs that at least had the decency to provide a 'bypass' mode where their device would then act like a transparent pipe to your router behind it. I've also had ISPs who insisted that you use their device even when their device is defective and drops your connection every hour on the hour for a few seconds for ~reasons~. In the latter case it was also a VOIP phone terminal and they wouldn't tell me the ports or protocols needed to pass the traffic to the phone would work if I put that behind my own router, so I had to take matters in to my own hands.
I had one ISP where their (required) modem would need to be factory reset & configured into their network every couple weeks, to the point where eventually a technician gave me a specific URL to bookmark to do it myself whenever needed.
My Cable Router is like this. There is a bypass, but I also get my TV through it using an encrypted VPN. The Router oversees local key management (Renewing, requesting, and transmitting to local devices) I am required to have it available for software updates as well (Failing to do so will result in immediate termination) I am also required to have it available for diagnostics at random times. So, I can bypass I can't eliminate it entirely.
Hi from Switzerland, this is exactly the content I am looking for on youtube. First time I saw you today, I immediately subscribed! keep up the good work, the precise description of the steps, the thought process and the links to the products shown in the video. C U soon!
Brilliant vid! Loved the investigation works that you did. I completely understand the feeling of doing anything and everything you can to get your ISP's grubby hands off of networking kit that sits inside your own house.
Tomaz, outstanding content and production quality. I'm amazed that you have just ~2.2K subscribers as of this writing. You have one more in me now and I'm sure you and the channel will do great things! You already are. Nice work!
Awesome, congratulations - I like this spirit of going against what someone tells you it isn't possible! You also managed to do a short but informative video! Greetings from Switzerland
Hi from Portugal. Around these shores ISPs use a single device that contains Wi-Fi, routing and ONT. No SFP modules here. They all use cloud connected stuff and are fully remote managed. You can use other equipment on some ISPs, but that's not allowed on others. I, for peace of mind, just put their stuff in bridge mode, and use my own OPNSense box.
Good job man! I too have hacked my last two different providers so that I can use only my equipment to connect to their network. It's a great feeling to get the crappy provider equipment out of the path.
In the USA, we have a few ISP's that don't allow you to select your routers. It's difficult. My ISP allows me to own my own modem (non-router) as long as it's on their compatible list... Then I can choose whatever router I please.
To deny your ISP access to your equipment (computers, printers, phones, etc) just connect a router to it, and connect through THAT router. I even have a second router to let guests connect to the internet when visiting, but to deny them access to my home network. This set up works very well. I've been doing it since 2005.
@@tomazzaman Not a bridge. Just another router connected to the other router. The second router act as a natural firewall prohibiting unsolicited traffic from gaining access. In such a set up the ISP cannot see anything.
If the router features of the modem aren't used (wifi/etc), the power consumption is minimal at best (less than 10W). If you dislike how the modem looks, gut the pcb out and stick it inside the other router. Using a second router is cheaper and easier than the hack method, but less fun.
I'd make sure you've got a couple of spares of that SFP module. They have a habit of burning out, and I've seen it several times in data centres where a dead or faulty SFP has taken out massive networks or network segments.
@@dnatech4477 i had an sfp blow and IC before, had to get the bell tech to come out, when he pulled the sfp out of the modem, it came apart revealing the blown up IC on the board. the metal casing was stuck inside the sfp port, had to replace the modem.
I would love to see a video on the procedure to ssh into the new GPON module and set the serial number or just the commands needed, thanks great video.
Here you go: $ ssh ONTUSER@ip-of-the-SFP-moule password: "7sp!lwUBz1" (no quotes) then run the following command: $ set_serial_number 12345678 (change numbers to your serial)
Awesome video, and the fact that you were cautious about not damaging the ISP equipment on the other side, shows how awesome knowledgeable you are about this. Great stuff! Greetings from Porto!
And that is how it's done! Outstanding job, not only because of your working result but because I would have reasoned the same process and made it work as I did on all ISPs I've ever had since the 90's. Fortunately there's no need for that anymore as my current fibre provider gives full access as standard with great overhead on top of the subscribed speed - so for the first time ever I decided to not waste time on breaking in already open doors and be happy with an honest, full service as is. Obviously yours was a tricky solution and all the best to you for solving the issue, but what matters is your mindset and determination to get to the bottom of the issue and get the full service you are paying for. That's litterally how the world moves forward, so do keep that mindset and you'll solve any problem that gets in it's way. Thank you for that - and the great video.
Thank you for the kind words. I'm not like that on purpose, it's just when my brain decides to get to the bottom of something, then I literally have problems falling asleep because I can't stop thinking about it. It's a blessing and a curse! 😅
Also need to state that he had the funds to buy many components that ended up being dead ends. If I had the space and a few thousand dollars more per year income, I'd put together my own electronics bench and putchase components for experimentation. A nerd is great, but a well funded nerd is better!
If you had the BGW210 (iirc) and the old ONT setup you could actually bypass the BGW by rooting it, extracting a few files, and running them on your own device. I did this and used my own router directly for years until I moved and AT&T switched to the new BGW320
ATT Fiber does this crap as well using EAPoL/EAP-TLS x509 device certs built into their routers. It should be illegal, but … Freedom! (For corps to do what they want). Luckily, at least for gigabit and below (older GPON) you can extract these certs and run this on your own router with wpa_supplicant to handle this device authentication.
@@antikommunistischaktion I can't wait for someone to figure out a way to bypass the BGW320. I have the BGW210, and I'm using pfSense to make the handshake and bypass the unit. Unfortunately, this unit maxes out at 1Gbps, so if I want one of the faster services, I need the BGW320.
Here in the US of A were still using copper coax. I still return any Xfinity modems. Were running an Arris surfboard and tplink wifi6e mesh system on 2.5gig networking. It's really nice.
I have a Fritzbox DSL router and I love it. I have played with other boxes (ASUS, Linksys) and installed DD-WRT on all of them but the AVM I have kept stock. It has everything I need and more. Yes, the Fritz is a rather closed system and that does concern me a little about the security but since it is not so common (outside of Europe). The box you got there is quite an old model, I have a similar box for an upstairs AP but it is gone now (no Wifi 6). I am waiting for fibre, I literally see the cable 100 metres down the road waiting to be installed. For context I have 30 years of Network experience.
Yeah, I does the job for most people and I do have it in my drawer as a backup (never needed it though). I just wasn't too keen on having a locked/closed system in my house. Just out of principle I guess. Good luck with the fibre, I hope it comes soon - it is a game changer (I got a big family, so you might imagine we put the extra bandwidth to good use 😅)
@@tomazzaman Agreed! Hell, I live in a (small) German town and I am very angry currently, because the village I used to live in now has fibre to the home, while the town will most likely not get it for a while! Sure I am by myself (don't have kids or a girlfriend - no, never a wife! I am not getting married - PERIOD!), still I'd love some more speed! Would speed up downloading larger games and images for the Raspberry Pi5 (took a while to get the Batocera image for the Raspi, it's a 470 or so GB file after all)
Used to run a FritzBox 7490 (I think), they work pretty well from what I remember but I didn't have a ISP locked down model. I still have mine in the cupboard, had it running for something around a year ago and it was still being supported after 9 years.
Same, I bought in the aftermarket a few 7490 for my personal and family use and I've never had any issues with them. Support for WiFi and network stability is superb and powerlines actually are decently managed lol. The design isn't the best but I'm not really buying a modem for the looks tbh
I've been looking for ages to get rid of my ISP-provided Nokia ONT, thanks to your video I finally have a reference for an SFP module that might actually work! Thanks!
I have the same situation with a Nokia ONT, however I need a 10Gb FSP+ module for my router. Then I need to figure out to replicate the serial nu,ber of the Nokia ONT port, which isn't easy, since it's a converter device, not a router. Any ideas?
@@kosbos1985 you should be able to get the serial number from your ISP if you ask nicely. It might also be printed on the device itself. For example my ISP added a sticker with the S/N on my ONT. There might be other ways to retrieve the S/N but I guess they would require hardware. Then again I'm no expert here, maybe someone with more experience could help here.
Well done for figuring out what was necessary to bypass the ISP restrictions. ISP should understand that capable network experts do not wish to have someone else in control of the network.
I admire your perseverance, I'm much the same. But I actually like the Fritzbox industrial design and find their user interface to be excellent. I have a similar model that I use only as a wireless AP because the signal strength is superb.
This is the only way to treat these awful devices. It's a crime against humanity to not let people choose their Internet access point hardware. Edit: it seems German law agrees with me. Nice.
I got a bulbous nightmare modem from AT&T that’s been a pain to integrate into my homelab. What happened to the black boxy ones with mounting holes?? They were fine?? Now I’m stuck with a fat white batard that makes the PS5 look like high art.
ATT routers are limited and you need to disable their dns redirects via their website. I have not done it yet, but generally, you turn everything off and set a real router as the dmz or forward all ports. Dual nat. Then you can control your internal dns and use stuff like pfsense. I'll probably give this kind of thing a try at some point, hopefully someone else figures out all the details for replacing the att router entirely and it will be easy for anyone to do. People figured out how to use your own router on google fiber real fast so back when i had that, i used my own router for google fiber.
As someone who previously worked for a service provider I tried to help people set up their own routers all the time, but it can be such a pain since our side we did things like RADIUS and provisioning via the SN/MAC. Thankfully in the US it's very common to have an ONT, gl replacing that, so I could almost always get whatever router they wanted working with our system. ISPs really like having their own equipment though since it allows them to do all sorts of helpful things, but also so they can try to value add with services like being able to fix an issue by going to their site and auto-resolving it. Thankfully in the US there's a lot of laws in place that allows the consumer to use their own equipment.
Yeah, I completely understand why ISPs very much prefer using their own equipment and I support that. What I hate is that I was *forced* into it and not given a choice.
Yeah, but then I'd need to make sure the device with the Boot Script was always online, properly configured, etc. Easier with SFP module, just works. Always.
Honestly one of the biggest pet peeves when dealing with ISPs is their crappy proprietary boxes. It makes me love the ISPs that just give you an ethernet only box because they only worry about giving you the connection and you get full control of your homes network with whatever router or switch you want.
In the UK you have to really know your stuff and look for an appropriate ISP which doesn't provide their own modems / routers so they "allow" you to use whatever you want. I've had great success using Andrews & Arnold, though their prices aren't the best and they don't give you unlimited bandwidth unless you pay through the teeth. Aquiss have also been great and their prices are more in line with the market. A middle ground is to find an ISP that allows their router to go into a bridged mode.
The concept of shopping for internet provider doesn't exist in the US. You have whatever around you. they're the only one. Where I live spectrum offers 1 GB cable. They don't offer fiber. The only alternative is satellite or 5 MB download through AT&t.
I’m with Zen internet and got on when they said they won’t put the price up when you stay in contract so still paying the same as I was when I joined. Have my own router on it that’s entirely mine with no access from their side. Also you speak to uk engineers who actually know their stuff not read from a script. As I’ve been in IT since 1986 I’m pretty comfortable with configing It kit. Just waiting on them to finalise the VoIP stuff on something other than their supplied router, but I’m in no rush.
@@davideyres955 Another happy Zenner, since we moved here from Germany 20 years ago. The Fritz! kit looked good, and I was happy to take the 7530 gratis from them because It. Just. Works., though I'd like telnet or SSH.
I have had that same device for many years, bought it myself and absolutely love it. The modem(s) my ISP provided magically stopped working properly every couple of years, just after my 2 year contract expired. To get a replacement modem required taking another 2 year contract... what a coincidence! Sadly, when we moved and I changed ISP, I couldn't get the Fritzbox to work with the provided settings (probably my own fault for not doing a full reset)... so I reconfigured it as a wireless repeater up the other end of the house and continued using it for several years. Don't know what your ISP did to the unit they delivered to you, but that's not at all typical of the Fritzbox. It is unfortunate that that particular model looks like a reject from an episode of 'The Jetsons'.
In the uk virgin media you are forced to put there router into modem mode to use your own router its impossible to use a 3rd party router without using it in modem mode because of the way how they activate the router on the docsis cable line so even if u used a different official virgin media router if it isnt activated on your line it wont work maybe u could spoof a different router with the same mac address etc idk
ISPs locking you to thier shit routers should be ilegal. Here in Sweden you can use whatever you want. When you get Fiber you usually get a Fiber converter that just is a like a switch. Fiber in. Ethernet out. Then you connect whatever router you want. Many ISPs give you a router but you dont have to use it.
Heya , i have a question. My ISP requires the use of a ONR in which the fibre optic plugs into then into the router. I'm completely clueless on anything networking. I usually run servers for my friends to play however , upon switching to this ISP , I found out that they do not allow port forwarding. I always thought that it's a router setting however no matter what I tried , i couldn't get the ports to be opened. I've disabled firewalls , ran the port forward in the router but to no avail. i then googled that it's due to my WAN ip being a private IP . However , when i called my ISP , they said they will not assign my a public WAN ip due to security reasons. I'm stuck in a contract for the next 3 years. Is this something that I can change on my end?
Easy. Tell them that you are moving somewhere where they cant provide services to you and using that as a basis they themselves will have to void "contract" with you because if they don't and they arent providing what they supposed to provide you can sue the f out of them.
ISPs use modem stats and data to profile the state of the network on that leg. This allows the network engineers to look at the data for network analysis of issues causing faults. EG light levels that might have shifted, network alignment errors, and noise ingress. Statistical data from customer's modems is far more useful for network analysis because it allows you to narrow the search down rather than from the data center/headend which only reports issues on the entire node.
I work tech support for various ISPs across America and I've gotta say that while I understand why this isn't desired for most, I'd love it if it was an officially supported option for the tech savvy. I've always been of the opinion that you should always own your network or at least have the option to own it all.
I didn't even know that the video is 9 minutes long, I was amazed on how you narrate the story and it's quite amusing on how you reverse engineer it. Btw, that router looks like from the early 2000's when DSL still exists HAHA.
Wow, I have replicated this set up in the US with Verizon FiOS for quite a few years now! I did it with a used Nokia G-010S-A from eBay for only about $25 USD and a media converter from China that has a break-out board inside that allows for direct UART access to the SFP+ module without soldering. This combined with a USB-TTL module allowed me to program not only the serial number but also quite a few other parameters to avoid detection in the future, eg model number and so on. Verizon similarly only authenticates on serial # though. :) I was surprised during my own journey then how little information there was on bypassing this plastic crap box, that unfortunately only had fiber connection and not removable SFP+ like yours did.
Oh wow, I had no idea one could get a media converter with UART. That would have saved me so much time! Instead I had to program an Arduino to serve as a UART bridge and the wires would stick out of the SFP module all the time. Oh well. :)
I’m a Telco tech, it depends on the underlying tech on the fiber. For our company the registration is associated to the sfp connector on GPON but for XGSPON the registration is associated to the gateway. But we can bridge a 10G port direct to WAN so you can do anything you want pretty much.
Wow. I didn't see this coming. Thanks everyone for kind words of support, I'll do my best to answer to everyone asap, but there are so many of you it'll take me a minute or two. Much love! ❤ (And for all of you who have subscribed - or are about to - a warm welcome!)
I'm also working on my own router (currently in the planning stage). If you can spare two minutes, please fill out this pricing survey: research.typeform.com/to/KegRLBkD
welcome to (current year) -- all ISPs are trash and haven't updated anything in decades but their prices.
Thank you Tomaz for doing these videos. There is an equal community of tech (&infosec) enthusiast here in EU and having something available here (not to mention piece of equipment I actually have) that we can work with .. and on... is really nice. Otherwise I never even thought about this issue until you mentioned the brand of your router. Most things regarding tech aren't border/country specific, but this one kinda is. So thank you. Again.
? So you get free 5G Broadband now ? 🤔 I don't understand a single word you're saying but bro 😂❤ If you were in Australia I'd send my unit to u
@@TurboLoveTraintoday's education I doubt they already could update it if they tried 😮😢
my comes with a sock that I use to keep my part... warm for 5 dollars a month. and its even got wifi! It's called a router. lol. something like you pay for the modem but the other parts 5 dollars extra. dangle bits and all.
Since 2016 there's "Freie Routerwahl" (free choice of router) in Germany by law. The ISP has to provide you all the login data and has to allow using whatever router you want. It's great.
Same here in NL. The ISP has to provide all the relevant information, though they do not have to provide technical support.
As a german myself I was a bit surprised that he can't simply plug in his own device (I couldn't imagine using the crap router vodafone provided. That thing was basically a piece of e-waste).
As much as people like to bitch and moan about regulations in the EU, you guys get cool shit like that or Windows EU edition.
Wish we had that here in the states. I refuse to use an ISP router and let them have full agency over my LAN.
@@lyianx What do you mean? I live in Texas, and my dad has ALWAYS used his own routers, without even giving the ISP routers a chance lol. We haven't had a business-class connection in AT LEAST 10 years, and we've even switched ISPs in the last few years. Still able to use our own routers lol
I know the feeling, in the UK, Shell Energy's new wi-fi 6 router is so locked down that you can't even change the default admin password. Talk about putting the needs of the ISP above the security of the user.
From the perspective of an ISP, 99% of all users can't figure it out, they can't even log into an SSID with a set password you give them, much less set their own and keep up with it.
Whether you want to believe it or not, those of us that can manage their own routers and Wifi are in the minority.
Tell the ISP you're running a VPN, you *require* a bridged modem, run your own router.
Same here, with shell energy except with their older ac router. Had to wipe it before it could work with the internet
Sorry, Shell Energy….as in SHELL ENERGY is an ISP?! Would literally rather go back to Dial up than fund those ghouls.
They stop you from changing the admin password?! That is not good news.
since when did shell do wifi ????
Fun fact: Forcing you to use a specific router is illegal in Germany
Can you provide source?
@Siri_lankita
He may refer to the law: Telekommunikationsgesetz (TKG) § 73
Under section 3 it reads like this:
"Sie können dem Endnutzer Telekommunikationsendeinrichtungen überlassen, dürfen aber deren Anschluss und Nutzung nicht zwingend vorschreiben. "
I suspect that "Telekommunikationsendeinrichtungen" means the router/modem.
@@hama3254 probably depends on the type of service if Telephony is regulated in Germany in any similarity with the US.
@@Avestruz-sionistasome guy above this comment wrote about this.
Ive always had a problem with the way ISPs force you to do things their way. It was satisfying to watch someone with your skills solve the problem
Thanks!
I was able to track down the settings for my previous ISP so that I could bypass their equipment. However, when my area started having trouble, they tried to blame me for the outage, even after I swapped back to their equipment with stock settings. I really miss having fibreoptic internet, but I refuse to be a scapegoat for support people that don't know what they're talking about.
My ISP was being non-compliant circa 2018 because I was using an aftermarket (Asus) xDSL modem/router, so in the end I plugged up a Siemens Speedstream 4200 they sent me in 2004 in bridge mode and said "there ya go, I'm using the hardware YOU supplied, now fix the issue at YOUR end!"
Suffice to say they were confused when trying to TR-069 the antiquated hardware, but they admitted defeat 👍
They even sent me out their latest modem at the time for free so they could troubleshoot easier in future 🤣
"Ive always had a problem with the way ISPs force you to do things their way." That statement there says more about you than than any company ...
@@lillerosin2915what the f ck are you on about m8?😂😂😂
Since you mentioned AVM: yes they are very popular here, specifically because their routers are easy to use, but much higher quality than what your ISP might give you (in Germany it’s illegal to lock down the connection)
And thank god for that, i'm never gonna be using that Vodafone pos "router" ever again haha
Thanks to this when i switched contracts to O2, i was able to buy a 7530 in black on ebay for 50€, instead of having to pay for a provided one monthly, it's honestly the best fritzbox in it's own terms have ever used (I never liked the ones shown in the videos either tbh ahah)
What do you mean "lock down the connection"
@@seagie382the ISPs are not allowed to lock you to their provided router and need to be open to any router that should be physically compatible.
very cool @@BergischNRW
@@seagie382 Law states ISP need to provide some industry standard passive edge-of-premise-endpoint + the access credentials to allow consumers to install their own "router", and was a response to public campaigns by consumer/tech advocacy groups (like CCC) and companies like AVM. I guess from the government's POV the main point of this was to open up the market for more-than-bare-basics home network vendors like AVM more (which I guess is why they supported it) but I think the CCC folks had motivations more similar to Tomaž's.
This is a perfect reverse engineering of the box and what is done. Fair play mate.
As a fiber optic technician in Italy i can say that here (and i actually think in all europe) the ISP is forced by law to give you a way to use your own router. I work for the company that manages the infrastructure, so we work for every ISP that uses it, we install mainly 3 types of devices: Direct PON (Fiber direct to modem/router), SFP (SFP Module in router), external ONT (External terminal that you connect to a router's WAN. I first and usually second case the ISP will provide an ONT to allow you to use your own router.
Anyway the ISP using FritzBoxes use 7530/7590 for 1gbps and 5530 for 2.5gbps
Grande! Mi servirai per cambiare quello di Telecom (ftth 2.5gbps)
I don't know if we have the same law in the US, but I've never had a problem with any ISP here letting me use my own equipment.
At first they'll tell you it's required (because they charge a monthly rental for their crap modems and routers!) but the slightest push back and they'll drop it in my experience.
@@Hellosirrrr difficile visto che il gpon tim è serializzato a sistema e si dovrebbe trovare un sistema per clonare quel seriale. gpon interno o esterno?
Unfortunately it depends on the country. The law that is in place mentions customers need to be able to use their own device after the "connection point". In austria for example this is accepted to be behind the modem, allowing ISPs to force you to use their shitty modem, only allowing a bridge mode to be enabled.
It's really sad how such an actually good law from the EU can still be dragged to shit through local legislation :/
Io uso Fritzbox + Tim
Il MF del tecnico non mi ha dato le credenziali
Che faccio? Querelo? 😂
It would be an awesome move to figure out what the ISP uses to log in to the original router and run a service that responds to them trying to enter your network with some kind of "access denied" message.
"Uh uh uh! You didn't say the magic word!"
Stop it lmfao 🤣
They don't care. It's just so you get firmware upgrades. It also probably means whenever you call support they can't pull any diagnostic information.
@@cartoonhead9222 And probably "Anonymous data for marketing purposes". Also don't forget having an mandatory Backdoor into your network which you have to trust a third party with maintaining is a security risk....especially for a business.
@@cartoonhead9222 except when they don't secure their communication and now your home network is open to being taken over by anyone who wants to try. most likely, burgulars who want to get into your smart security system.
Very satisfying video. I can hear the screams from the ISP all the way here.
Decades ago I made an IPcop router out of an old PC. I had some ISP problems and called their support and they went babbling about "click on the windows icon..." and trying to make me reboot my PC since that was their normal approach to all problems even if it was unrelated. I told them that I didn't run windows on that machine and that it didn't work for any of the other machines I had behind my router.
Uttering the word "router" made the supportdesk person go ballistic screaming that I need to remove it and that I was not allowed to use such periferals "and and and..."
Quite interesting how things develop over the years.
Speaking as an engineer in the ISP space-
I'm fairly surprised they didn't offer other a plain (non-router) ONT or have a bridge mode function built into the router, at least for a business customer. It's very normal for a fiber ISP to want to have control over the ONT device and to authenticate the customer based off of the serial number - you don't have the convenient authentication mechanisms with GPON that you get with DOCSIS and there has to be a way to verify you're providing service to a paying customer. The TR-069 support is also quite normal as it's how the provider is able to actually support home users and believe me when I say this is absolutely a requirement in this day and age. The really odd bit is them not providing a way to bypass all of this: business customers will generally not want to be forced into putting their equipment behind the NAT on a soho router. Though it sounded like there might be a 1918 IP on the WAN interface so maybe they're doing some sort of fucked up CGNAT that doesn't comply with the normal standards. Perhaps this was only used for communication between the router and the SFP?
I suspect they're a smaller provider and doing a number of fairly odd things here, at leastpartially in a misguided attempt to save money with regards to the router. I am very curious what would happen if they ever wanted shut you off for non-payment - maybe they can just de-auth that serial number but there's a decent chance they'd just be sort of stuck until someone realized they could just physically disconnect you.
I bet their business and enterprise tiers are different services. This still makes sense for mom&pop shops.
Oftentimes yes but it's going to cause enough friction that I wouldn't recommend it. Requiring the customer to use the provider ONT or modem is one thing and often not unreasonable. The router is a different deal to me entirely. @@FedjaHvastija
In my experience, here in Canada, this is fairly standard practice. ISPs, both facilities based and resellers (some literally just resell the bigger ISPs service but handle all billing/customer service/tech support, though most have the ISP do onsite support, others control some or all of the service and just use the larger ISP for last mile) either use DHCP/Static IP or PPPoE (if using PPPoE, the static IP is usually assigned via DHCP after authentication). Troubleshooting when PPPoE is involved is a pain in the butt.
As for equipment, the cable companies generally are easy to work with, just put their modem/gateway in bridge mode and connect it to the WAN port of your own router, configure for DHCP or static (business account only) as needed. Even when using IPTV from the cable companies (the main 1, as of earlier this year, there is only 1 cable company, Rogers, that covers the majority of Canada after they bought the 2nd largest, Shaw) works when using your own router on ethernet or wifi. Some people say the modem/gateway still broadcasts hidden SSIDs need for the IPTV, I can't find these in my setups. The except is when you have XGS-PON FTTx from Rogers, while it's still DHCP/Static thankfully, the modem/gateway (it's a Rogers Ignite branded Comcast Xfinity modem used on cable via RG-6 Coax or ethernet to a WAN port from the ONT/ONU) can't provide multi-gig when in bridge mode because it's RJ-45 WAN port is the only multi-gig port (it's used for multi-gig LAN when using Coax WAN), but IPTV works, however if you connect your router to the ONT/ONU (I think the only option is ethernet, no SFP option) then internet works but IPTv fails after a random period of time, suspicion is that the TV set top boxes stop working after a while if they can't talk to Rogers over the hidden wifi from the modem/gateway. I have yet to personally come across a customer with Rogers XGS-PON FTTx. Unlike Comcast in the US, Rogers' branded version of the Xfinity app doesn't run on anything other than your Android phone or iPhone, so you are forced to cast and can't use it on an Android smart TV or TV box. I've complained, even told them I'm willing to pay $2.00-$4.00/month per device to be able to use their app on a smartTV or Android TV box instead of renting one of their set top boxes.
However, the phone companies (at least the major one, Bell Canada), their current modem/gateway provided on their GPON service (most common in my area) has a "bug" that turns the wifi back on after a reboot, so even if you disable it and have your router connect via PPPoE passthrough (so it gets a Public IP) there is no way to avoid the modem/gateway from broadcasting WiFi. The previous modem/gateway modem did have an SFP adapter that was fairly compatible with many routers, but it's been discontinued. As for their IPTV, in my experience, I have not been able to get the boxes to work over ethernet, only wifi, when on the ISP modem/gateway, and they also require some convoluted IGMP and VLAN configuration which I have yet to properly figure out (some have).
Eventhough it's usually cheaper (marginally) and easier to go with Bell Canada to get faster uploads (Rogers cable internet maxes out at 50Mbps, but this is fine, even for me being in IT and working from home, at least most of the time), I usually discourage clients from going with Bell because they are even worse than the cable company to deal with, and it's very impractical to use your own router, especially if you get IPTV service from them (proper full service IPTV service is only legally available in Canada when bundled with internet service, it's slowly changing).
Unfortunately, bad customer education here in Canada has lead people to believe that they subscribe to wifi and that wifi is synonymous with internet, and that they need to use their ISP provided equipment (same concept as believing that they need to only get their car serviced by the manufacturer at the dealership or get their phone repaired only by the manufacturer, whether in or out of warranty for both situations). It makes my job harder, both interms of support and interms of convincing a customer to get their own router. Even when I do, if an ISP technician comes by to do work, then then to leave the modem not in bridge mode or remove the customer's own router all together, and then the customer calls me saying things aren't working right, and then I go in, and fix it, when they ask me what I did and explain thst the ISP tech messed things up, they get frustrated (usually with the ISP, not me).
We need governments to step in and regulate ISPs (more than they are) and prevent them from providing routers, modems only, even if providing IPTV, or at least providing separate modems and routers from mainstream manufactures (no small companies like Sagemcom, Technicolour, Hitron, Arris, SmartRG, etc., I want to see ISPs provide Ubiquiti, Asus, Netgear, TP-Link, Linksys, even Cisco. I want to be able to subscribe to a dumb pipe like it used to be.
@@FedjaHvastija The whole Fritz!box series are (fairly pricey) higher end consumer devices. The only businesses that really use stuff like that are those with consumer levels of IT sophistication but why waste resources on something more complex if all you want is to connect a bunch of notebooks to the Internet.
A lot of work. A whole lot of work. We all know what countless hours means when it comes to such...projects. Thanks a million for your time, effort and sharing all that work and many many hours with us. The very leat I can do is like and subscribe.
what does it mean? i'm confused
Telling a German you're not gonna do what he tells you to. Subscribed
That router looks like something you'd find in a Fallout game.
Just sitting in a network room of the Brotherhood of Steel.
it looks kinda like the maliwan chest from borderlands 2
Looks like something from Thunderbirds lol
It looks like a Corvega LMAO
Bethesda has never been a good company to begin with..
So happy that I have the options of ISPs that let you bring your own router. The network in fibre areas basically just have a media converter device (NTD) that is the infrastructure boundary, and then the router just grabs an IP via DHCP. No PPPoE or anything anymore these days around here.
@0:15 It is an AVN Fritzbox, a great internet box, reliable and feature packed but it is a proprietary product.
You literally repeated what he said in the video…
@@user-wn2ho5ij5f But wrong...Its AVM...
Here in NZ, you are provided with a basic ONT which you can plug your own router into.
Also, the companies that manage the fibre network are by law not allowed to be an ISP, which leaves a more free and open market for internet service provider's.
If I was forced to use a locked downed router, I would be very upset; Happy that you managed to find a work-around, although you shouldn't have to.
My ISP is government-owned which is a blessing and a curse. We're forced to use their devices, but the network is rock-solid and pricing acceptable.
@@tomazzamanI know you probably don't want to point out which isp it is, but I just wanted to chime in that I've never had this much trouble setting up my own router. Either a bridge mode/trunk with copying pppoe credentials, or just straight up replacing it and just properly configuring the ipoe has always worked for me.
Otoh, I know some friends have had lots of trouble with doing similar stuff with some other providers...
What? Then what's the point then?
@@everythingpony What's the point of what? If you are referring to the fibre networks, they sell contracts to service provider's to use their network.
And I thought I had a cool solution when I convicted the ISP to turn my Frizbox into a pass-through mode.
Is this the orange or the blue ISP?
Nevermind. I saw that you explain this in your first YT video :)
I don't know where you are from, but at least here in Germany where the AVM devices are very popular in the consumer market, you have freedom of choice which modem/Router you want to use and you also have full access to the FritzBox and can set it to passthrough / modem mode yourself. So the FritzBox will just act as a modem if you want. I think there is nothing wrong with the AVM devices. They offer everything and much more than most home consumers need, are easy to set up and are of good quality and performance and have a good customer support.
Convicted? 😂
I don't think I really understood half of what you explained, but I just loved what you were doing ! Keep at it, stay free !
So happy to see FS get some recognition here. I've been using their stuff for awhile now. Such great products and they have everything you can think off. Great prices, great customer support, and they sell direct to consumer. Glad to see them getting some praise
Agreed, have been a happy customer of theirs for years. All my fiber and copper cables are theirs.
@@tomazzamanah, so you’re just holding it for them?
@@reyariass😂😂
depends. some switches and wifi system are stupidly programmed, outdated und poorly documented. sfps are great and some 10g switches arealso great. hit and miss.
I do like their stuff and purchase from them all the time, but the reviews on their website are 100% bogus.
In the UK our fibre providers place an ONT inside the property. The fibre goes in 1 port and there is an ethernet port where you can attach their supplied router, or your own if you know your login details. It seems crazy that that you have a fibre going straight into an SFP that then plugs into your router where the fibre can get disturbed, or worse, unplugged from the SFP and for someone to look down the fibre 😎
I'm familiar with a number of small telephone cooperatives here in the US who have run fiber, and they do the same as the UK. Fiber to the outside of the building, and twisted pair into the building. Don't even need a log-in, just connect whatever router you want to the ethernet cable.
The downstream power at the customer is actually pretty low, -17dBm or so it typical (20microwatt). This is from going through the passive splitter (the P in gpon). The upstream output of the SFP module is 'hot', but it won't transmit unless it is hearing the OLT, so when you start unmating the connector, it stops. Still, I don't stare into fiber ends unless I know that it is safe. I have some very unsafe-to-stare-into links.
Yo can get fibre based ethernet cables.. so run that from the port to directly inside your home.
Same for NZ. Most ISPs let you bring your own router and identify your connection based on the ONT rather than the routers themselves
My ISP in the UK allows you to use your own router, and will give you either a locked down Nokia router, or a Nokia ONT if you want to bring your own gear. The rub is, they use PPPoE and a VLAN. The PPPoE details they provided, but not the VLAN ID, so it took me a while to work that out (the Nokia router had the VLAN ID visible, thankfully).
The other problem was PPPoE is complex enough that it just sinks a lot of domestic routers at gigabit speeds. Never mind, Mikrotik to the rescue :D
In Bulgaria, the biggest ISP doesn't give you access to the settings page at all. You have to login online to port forward even... but get this... they recently removed port forwarding from the website. Now, you have to submit a request to their customer support for port forwarding. The only thing you can control online now is your SSID and password. That's it.
I'm thinking about writing a script that keeps making random requests for port forwarding to their support every day just to piss them off and show them why it's a terrible idea to make me go through them for basic configuration lol.
Do it, please
In terms of your ISP having a protocol that allows them inside your/their router, that isn't even the worst part. My ISP (and probably most or all) uses deep packet inspection on everything going in and out of your network. They see everything unless you run all your traffic through a VPN. They still know you are using a VPN but at least they can't see exactly what all the traffic is.
actually own router makes it harder to do, that and this is why some ISP's want or force their router.
why would VPN traffic be immune to deep packet inspection ?
@@laus9953 Because the traffic through the tunnel is encrypted. The ISP sees the packets that are carrying the tunnel, but can't decrypt the payloads. The best they can do is infer generally what type of traffic it could be by packet timing, such as a video stream vs. an online multiplayer game. But can't tell what the endpoints are or the specific data carried.
@@strehlow Our isp's will disconnect your internet if they can no longer decrypt the data.
* The ISP sees everything, unless it is encrytped. So if you use basically any modern website or programm this is not a problem, since everything is encrypted.
The same with VPNs: if you use them, they see everything unencrypted.
If a VPN is better for you depends on whether you use a lot of ancient (unencrypted) websites and who you trust more, the ISP or VPN.
Glad you got it sorted out. Another thing to watch out for, is the wavelength FREQUENCY, because depending on your provider, they may be using CWDM or DWDM which is essentially a device that consolidates many optical signals into a single fiber, then when it gets to its destination, it splits them back out to the individual "channels'' or frequencies. Additionally, while most of those SFP's are fixed frequency, there are also some that are programmable and can change their frequency, (and they are expensive too compared to common SFP's) and may need to talk to your hardware to determine what frequency they need to be on, if they are preset to go with your equipment.
Thanks for the explanation. That I did not know!
@@tomazzaman You are welcome, how I know this I was helping one of the sales guys from one of the sister companies of the company I work for with a demo for a major telecommunication carrier in their lab and their main goal was to test compatibility of the various manufacturers SFP's, with the various devices they use in the field. The SFPs only work when everything is just right, and naturally we discovered far more ways they don't, lol! Our company made SFP's that were smart and if they were connected to a CWDM or DWDM, they would automatically adjust their frequency with the opposite end and establish communications. This meant the telecommunications carrier didn't have to stock every single fixed-frequency SFP's to go with those optical frequency splitters which would save them a load of money and make implementation tremendously easier because there are literally hundreds of frequencies they operate on.
I wondered how you in particular got into my feed. When I realized you were from Slovenia, it all made sense. I've been listening to Siddharta all day.
Glad to have you on board! Also, great taste in music!
Good to see fritzbox design literally hasn't changed in 20 years. I remember having a smaller one like that sans the "wings" (just modem)
The newer ones are looking quite fresh though.
It looks like something straight out of Futurama. I'm not sure whether to love it or hate it for that.
@@andybrice2711 It's a brand thing. For some reason AVM have almost captured the customer provided home router market in Germany, its almost a kind of fashion item for the i-think-i-know-more-than-you-about-computers-but-not-really-actuallt crowd (very much in sync with certain cultural traits :) )
The design actually changed and they are quite good looking now. But his ISP not only gave him an underpowered one, but also an outdated one
To their credit, this was 4 years ago.
Great video, I learned a lot. I've been looking into this ever since I realized my ISP could remotely log in to the router and change a setting. Does not feel ok. I believe my ISP allows to use my own stuff, but if it's locked down like yours I'm going to war :)
Yup, had the same thoughts :)
There is a downside though, you implicitly waive the rights to any kind of support since they can't remotely check what's going on. But I prefer it that way.
@@tomazzamanYeah that makes sense. Luckily I'm pretty confident managing networks.
You have to trust your ISP anyway, so imo this isn't a huge issue. And for 99% of people, it's good for getting help.
I have two ISP. Both allow me to use my own router, and provide no support for my own. But, I have their device, so if there is a problem, I can plug it in for them to do some test or whatever. Then make the network work again for me to swap it out. One uses the MAC address as "security" and my router has the option to input a MAC so it works.
Good point, will do the same.@@boomergames8094
Tomaz, that was some really great troubleshooting there! I can only imagine how many "billable" hours it actually took you to get to were you are at the end of the video! I only just found your channel and since I'm a retired Network Admin from the US Air Force and US Army, you have definitely earned my SUB brother! Now I'm going to go watch your Router Build video! (Love your accent, LOL) Keep up the great videos and G-d bless you!
Thank you for the kind words, I'll do my best to make it educational and entertaining! Welcome aboard! 🫡
I have very little clue what you just said but I love every minute of it. Amazing you figured it out. Wish I had this kind of capability
Thank you! The key is being very curious, then digging how far the rabbit hole goes. Like in the Matrix. 💪
Incredible work ! Never get between a nerd and a problem - we will spend as many hours as it takes to resolve it 🤣
Yup, stubborness, curiosity and time. That's all it takes. 😅
😄That's funny.
Definitely.
Nerds rule!
2:25 ready for a flashbang
Oh man. What a crazy amount of work you put into this. Great job. Thanks for sharing what you learned through this process. I secretly love when stuff breaks or does not work. It's sometimes the only time where we dig in and learn new things.
Yup. If only I was capable of letting it go hahah. Thanks! :)
the lengths people go to when they really want something. amazing work!
Thank you!
It shows you how close we are to that communism 2.0 that is called the "Great Reset".
These last 3 years we had to fight to keep our jobs for not being vaccinated by a poisonous COVID vaccine. Remember?
So yes, people have to fight for a thing called freedom these days.
Not a big fan of tech ytubers, but definitely earned a follow for this video. Love the energy and character here. Great video man!
Thank you! 🙌
Hi from France ! I'm discovering your channel with this video, and I gotta say : WOAW.
This is explained clearly, packed with interesting stuff, and the technical side is also very interesting to me. Keep up, I love it and I'm subscribing !
Thank you! Comments like your make my day and push me to try and make every video better than the last. I don't always succeed, but the motivation and will are there! Have a good day yourself!
I'm from Germany and my provider gave me an own device from them, but now I also have a FritBox, and I'm so happy to could configure much more (It's still from the provider but with much more capability).
What I can recommend is a proper Rack-Mount! For Fritz boxes are some to find and are beautifully than only a plate where it stands on. :)
Here in NL we have free choice of router and/or modem. The ISPs have to provide all information necessary to replace their systems if you want to. If you have fiber you're even allowed to change your ONT out for one you get yourself, or for a router with a fiber connection.
I wish that was the case here in the UK. I've switched providers several times as only new customers, in my experience at least, are given the best deals. When I sign up, there's never an option where I can say I wish to use my own router.
@@bernardm231252% of the population voted to revoke these and many other consumer rights.
I've had ISPs that at least had the decency to provide a 'bypass' mode where their device would then act like a transparent pipe to your router behind it. I've also had ISPs who insisted that you use their device even when their device is defective and drops your connection every hour on the hour for a few seconds for ~reasons~. In the latter case it was also a VOIP phone terminal and they wouldn't tell me the ports or protocols needed to pass the traffic to the phone would work if I put that behind my own router, so I had to take matters in to my own hands.
I had one ISP where their (required) modem would need to be factory reset & configured into their network every couple weeks, to the point where eventually a technician gave me a specific URL to bookmark to do it myself whenever needed.
My Cable Router is like this. There is a bypass, but I also get my TV through it using an encrypted VPN. The Router oversees local key management (Renewing, requesting, and transmitting to local devices) I am required to have it available for software updates as well (Failing to do so will result in immediate termination) I am also required to have it available for diagnostics at random times. So, I can bypass I can't eliminate it entirely.
My ISP did offer to put my Fritzbox into "bridge" mode (same as your bypass), but I still didn't like it. Just because my own ~reasons~ 🤣
The FritzBox offers a bypass option and to use it like a fiber modem. There is no need for all this fuss.
@@silentwater79 Bridge mode, sure, but he didn't say there was a need for all the fuss... it is what he wanted & many of us can see why.
Hi from Switzerland, this is exactly the content I am looking for on youtube. First time I saw you today, I immediately subscribed! keep up the good work, the precise description of the steps, the thought process and the links to the products shown in the video. C U soon!
Thanks! And welcome on board!
Brilliant vid! Loved the investigation works that you did. I completely understand the feeling of doing anything and everything you can to get your ISP's grubby hands off of networking kit that sits inside your own house.
Thanks!
Tomaz, outstanding content and production quality. I'm amazed that you have just ~2.2K subscribers as of this writing. You have one more in me now and I'm sure you and the channel will do great things! You already are. Nice work!
Thank you for the kind words. These definitely fuel my creativity and motivation! Welcome aboard!
Awesome, congratulations - I like this spirit of going against what someone tells you it isn't possible!
You also managed to do a short but informative video!
Greetings from Switzerland
Thank you! Greetings from Slovenia! 🙌
Hi from Portugal. Around these shores ISPs use a single device that contains Wi-Fi, routing and ONT. No SFP modules here. They all use cloud connected stuff and are fully remote managed. You can use other equipment on some ISPs, but that's not allowed on others. I, for peace of mind, just put their stuff in bridge mode, and use my own OPNSense box.
Bem jogado.
Until I found this solution, I used the same, bridge mode + OPNsense.
Good job man! I too have hacked my last two different providers so that I can use only my equipment to connect to their network. It's a great feeling to get the crappy provider equipment out of the path.
I also refuse to use an isp’s router for all the same reasons you mentioned. This was a really cool video learned a lot
What a crazy amount of effort, and requiring such advanced knowledge. Congrats on beating “the system” in the end!
Thank you!
In the USA, we have a few ISP's that don't allow you to select your routers. It's difficult. My ISP allows me to own my own modem (non-router) as long as it's on their compatible list... Then I can choose whatever router I please.
To deny your ISP access to your equipment (computers, printers, phones, etc) just connect a router to it, and connect through THAT router. I even have a second router to let guests connect to the internet when visiting, but to deny them access to my home network. This set up works very well. I've been doing it since 2005.
Yep, bridge mode. I had that for a while, but didn't like it. Why have a device in my stack that serves no purpose and consumes power?
@@tomazzaman Not a bridge. Just another router connected to the other router. The second router act as a natural firewall prohibiting unsolicited traffic from gaining access. In such a set up the ISP cannot see anything.
If the router features of the modem aren't used (wifi/etc), the power consumption is minimal at best (less than 10W). If you dislike how the modem looks, gut the pcb out and stick it inside the other router. Using a second router is cheaper and easier than the hack method, but less fun.
"Hideous"?!
That's classic 1950s rocketship aesthetics.
Yep, can't deny that :D
I'd make sure you've got a couple of spares of that SFP module. They have a habit of burning out, and I've seen it several times in data centres where a dead or faulty SFP has taken out massive networks or network segments.
Yeah, but pretty rare.....
Would it help if you setup a water drip on it ....😂😂😂😂😂 , IYKYK.
@@dnatech4477 i had an sfp blow and IC before, had to get the bell tech to come out, when he pulled the sfp out of the modem, it came apart revealing the blown up IC on the board. the metal casing was stuck inside the sfp port, had to replace the modem.
Yes, but rare^^^@@Dataanti
I can't speak for this specific sfp, but it's hardly a common occurence.
Now that is dedication to solving a problem and maintaining your own independence! I love it! Respect
I would love to see a video on the procedure to ssh into the new GPON module and set the serial number or just the commands needed, thanks great video.
Here you go:
$ ssh ONTUSER@ip-of-the-SFP-moule
password: "7sp!lwUBz1" (no quotes)
then run the following command:
$ set_serial_number 12345678 (change numbers to your serial)
Awesome video, and the fact that you were cautious about not damaging the ISP equipment on the other side, shows how awesome knowledgeable you are about this. Great stuff! Greetings from Porto!
Thank you mate! Much love from Slovenia! ♥️
Fritz has been great for me for over 10 years now 😢
And that is how it's done! Outstanding job, not only because of your working result but because I would have reasoned the same process and made it work as I did on all ISPs I've ever had since the 90's. Fortunately there's no need for that anymore as my current fibre provider gives full access as standard with great overhead on top of the subscribed speed - so for the first time ever I decided to not waste time on breaking in already open doors and be happy with an honest, full service as is. Obviously yours was a tricky solution and all the best to you for solving the issue, but what matters is your mindset and determination to get to the bottom of the issue and get the full service you are paying for. That's litterally how the world moves forward, so do keep that mindset and you'll solve any problem that gets in it's way. Thank you for that - and the great video.
Thank you for the kind words. I'm not like that on purpose, it's just when my brain decides to get to the bottom of something, then I literally have problems falling asleep because I can't stop thinking about it. It's a blessing and a curse! 😅
Also need to state that he had the funds to buy many components that ended up being dead ends. If I had the space and a few thousand dollars more per year income, I'd put together my own electronics bench and putchase components for experimentation. A nerd is great, but a well funded nerd is better!
Now we need to get this to work on the ATT modems in the USA
Send one over, I'll see what I can do 😂
If you had the BGW210 (iirc) and the old ONT setup you could actually bypass the BGW by rooting it, extracting a few files, and running them on your own device. I did this and used my own router directly for years until I moved and AT&T switched to the new BGW320
ATT Fiber does this crap as well using EAPoL/EAP-TLS x509 device certs built into their routers. It should be illegal, but … Freedom! (For corps to do what they want). Luckily, at least for gigabit and below (older GPON) you can extract these certs and run this on your own router with wpa_supplicant to handle this device authentication.
@@antikommunistischaktion I can't wait for someone to figure out a way to bypass the BGW320. I have the BGW210, and I'm using pfSense to make the handshake and bypass the unit. Unfortunately, this unit maxes out at 1Gbps, so if I want one of the faster services, I need the BGW320.
Here in the US of A were still using copper coax. I still return any Xfinity modems. Were running an Arris surfboard and tplink wifi6e mesh system on 2.5gig networking. It's really nice.
I have a Fritzbox DSL router and I love it. I have played with other boxes (ASUS, Linksys) and installed DD-WRT on all of them but the AVM I have kept stock. It has everything I need and more. Yes, the Fritz is a rather closed system and that does concern me a little about the security but since it is not so common (outside of Europe).
The box you got there is quite an old model, I have a similar box for an upstairs AP but it is gone now (no Wifi 6). I am waiting for fibre, I literally see the cable 100 metres down the road waiting to be installed.
For context I have 30 years of Network experience.
Yeah, I does the job for most people and I do have it in my drawer as a backup (never needed it though). I just wasn't too keen on having a locked/closed system in my house. Just out of principle I guess. Good luck with the fibre, I hope it comes soon - it is a game changer (I got a big family, so you might imagine we put the extra bandwidth to good use 😅)
AVM are still releasing firmware / security updates for very old kit.
@@tomazzaman Agreed! Hell, I live in a (small) German town and I am very angry currently, because the village I used to live in now has fibre to the home, while the town will most likely not get it for a while! Sure I am by myself (don't have kids or a girlfriend - no, never a wife! I am not getting married - PERIOD!), still I'd love some more speed! Would speed up downloading larger games and images for the Raspberry Pi5 (took a while to get the Batocera image for the Raspi, it's a 470 or so GB file after all)
I mean Fritz products are really good
Used to run a FritzBox 7490 (I think), they work pretty well from what I remember but I didn't have a ISP locked down model. I still have mine in the cupboard, had it running for something around a year ago and it was still being supported after 9 years.
Same, I bought in the aftermarket a few 7490 for my personal and family use and I've never had any issues with them. Support for WiFi and network stability is superb and powerlines actually are decently managed lol. The design isn't the best but I'm not really buying a modem for the looks tbh
Also a 7490 fan.
call isp, get the data from them... if they won't hand it over, get another isp
I've been looking for ages to get rid of my ISP-provided Nokia ONT, thanks to your video I finally have a reference for an SFP module that might actually work! Thanks!
You are welcome!
I have the same situation with a Nokia ONT, however I need a 10Gb FSP+ module for my router. Then I need to figure out to replicate the serial nu,ber of the Nokia ONT port, which isn't easy, since it's a converter device, not a router. Any ideas?
@@kosbos1985 you should be able to get the serial number from your ISP if you ask nicely. It might also be printed on the device itself. For example my ISP added a sticker with the S/N on my ONT. There might be other ways to retrieve the S/N but I guess they would require hardware. Then again I'm no expert here, maybe someone with more experience could help here.
I had noticed SFP ports seem to have their own IP addresses, but hadn't considered using SSH to get into them.
Well done for figuring out what was necessary to bypass the ISP restrictions. ISP should understand that capable network experts do not wish to have someone else in control of the network.
I admire your perseverance, I'm much the same. But I actually like the Fritzbox industrial design and find their user interface to be excellent. I have a similar model that I use only as a wireless AP because the signal strength is superb.
Yep, interestingly enough, while I had it as my primary router, I had no issues with wifi signal in my 200sqm house.
Wouldn't it have been better to use your ISP router as a DMZ gateway and put it behind your own router of which you could fully control?
Maybe if you want to waste power. With average german energy cost it's ~3.24 euros per watt per year to run something 24/7/365.
Wow that's 0.37/kw/hr! Here in the USA I pay. 0.11-0.13/kw/hr
This is the only way to treat these awful devices. It's a crime against humanity to not let people choose their Internet access point hardware.
Edit: it seems German law agrees with me. Nice.
I got a bulbous nightmare modem from AT&T that’s been a pain to integrate into my homelab. What happened to the black boxy ones with mounting holes?? They were fine?? Now I’m stuck with a fat white batard that makes the PS5 look like high art.
ATT routers are limited and you need to disable their dns redirects via their website. I have not done it yet, but generally, you turn everything off and set a real router as the dmz or forward all ports. Dual nat. Then you can control your internal dns and use stuff like pfsense. I'll probably give this kind of thing a try at some point, hopefully someone else figures out all the details for replacing the att router entirely and it will be easy for anyone to do. People figured out how to use your own router on google fiber real fast so back when i had that, i used my own router for google fiber.
After tons of works.
ISP: Okay we are sending you new one.
Those Fritz boxes are a scourge! You're doing gods work.
i would have never imagined that those transceiver modules would have their own operating system, how bizarre
Same. They're easy to tell apart though. The ones with SoC have a much bigger "outer" part, the one that sticks out of the switch when plugged in.
As someone who previously worked for a service provider I tried to help people set up their own routers all the time, but it can be such a pain since our side we did things like RADIUS and provisioning via the SN/MAC. Thankfully in the US it's very common to have an ONT, gl replacing that, so I could almost always get whatever router they wanted working with our system. ISPs really like having their own equipment though since it allows them to do all sorts of helpful things, but also so they can try to value add with services like being able to fix an issue by going to their site and auto-resolving it. Thankfully in the US there's a lot of laws in place that allows the consumer to use their own equipment.
Yeah, I completely understand why ISPs very much prefer using their own equipment and I support that. What I hate is that I was *forced* into it and not given a choice.
Wow, don’t understand any of it but still watch till end because everything sounded so technically smart.
Respect.
You could have avoided the need to buy a new SFP module by installing the UDM Boot Script which allows you to have custom scripts run on startup.
Yeah, but then I'd need to make sure the device with the Boot Script was always online, properly configured, etc. Easier with SFP module, just works. Always.
Also, recent major version UnifiOS releases have changed a lot of things, including breaking older versions of boot scripts and services.
Absolutely brilliant! I am very glad that your hard work paid off.
Thank you!
Honestly one of the biggest pet peeves when dealing with ISPs is their crappy proprietary boxes. It makes me love the ISPs that just give you an ethernet only box because they only worry about giving you the connection and you get full control of your homes network with whatever router or switch you want.
In the UK you have to really know your stuff and look for an appropriate ISP which doesn't provide their own modems / routers so they "allow" you to use whatever you want.
I've had great success using Andrews & Arnold, though their prices aren't the best and they don't give you unlimited bandwidth unless you pay through the teeth. Aquiss have also been great and their prices are more in line with the market.
A middle ground is to find an ISP that allows their router to go into a bridged mode.
plusnet let me use my own router 👍
The concept of shopping for internet provider doesn't exist in the US. You have whatever around you. they're the only one. Where I live spectrum offers 1 GB cable. They don't offer fiber. The only alternative is satellite or 5 MB download through AT&t.
I’m with Zen internet and got on when they said they won’t put the price up when you stay in contract so still paying the same as I was when I joined.
Have my own router on it that’s entirely mine with no access from their side. Also you speak to uk engineers who actually know their stuff not read from a script. As I’ve been in IT since 1986 I’m pretty comfortable with configing It kit. Just waiting on them to finalise the VoIP stuff on something other than their supplied router, but I’m in no rush.
I actually have options, but the downside is they use the same infrastructure and gear so I'd encounter exactly the same issues.
@@davideyres955 Another happy Zenner, since we moved here from Germany 20 years ago.
The Fritz! kit looked good, and I was happy to take the 7530 gratis from them because It. Just. Works., though I'd like telnet or SSH.
We spent the lockdown time traveling around the country visiting all of the places that had absolutely no people around. It was the best of times.
I have had that same device for many years, bought it myself and absolutely love it. The modem(s) my ISP provided magically stopped working properly every couple of years, just after my 2 year contract expired. To get a replacement modem required taking another 2 year contract... what a coincidence!
Sadly, when we moved and I changed ISP, I couldn't get the Fritzbox to work with the provided settings (probably my own fault for not doing a full reset)... so I reconfigured it as a wireless repeater up the other end of the house and continued using it for several years.
Don't know what your ISP did to the unit they delivered to you, but that's not at all typical of the Fritzbox.
It is unfortunate that that particular model looks like a reject from an episode of 'The Jetsons'.
In the uk virgin media you are forced to put there router into modem mode to use your own router its impossible to use a 3rd party router without using it in modem mode because of the way how they activate the router on the docsis cable line so even if u used a different official virgin media router if it isnt activated on your line it wont work maybe u could spoof a different router with the same mac address etc idk
luckly i live in the netherlands where there are forced to open up the internet so i can use my own pfsense router
I literally just learned more in this 10 minute video than I did in my entire four year computer science degree.
ISPs locking you to thier shit routers should be ilegal. Here in Sweden you can use whatever you want. When you get Fiber you usually get a Fiber converter that just is a like a switch. Fiber in. Ethernet out. Then you connect whatever router you want. Many ISPs give you a router but you dont have to use it.
Agreed. I mean, I understand the majority of customers just needs it to work, but I still hate it that power users are forced to use this stuff.
i watched the entire video and i don't have the need for any of this lol. it was interesting!
Cheers, glad you found it entertaining!
What an astonishing piece of detective work, I don't know if you're a madman or a genius 🤣
The real question is, the ISP still able to access your back door
Heya , i have a question. My ISP requires the use of a ONR in which the fibre optic plugs into then into the router. I'm completely clueless on anything networking.
I usually run servers for my friends to play however , upon switching to this ISP , I found out that they do not allow port forwarding. I always thought that it's a router setting however no matter what I tried , i couldn't get the ports to be opened. I've disabled firewalls , ran the port forward in the router but to no avail.
i then googled that it's due to my WAN ip being a private IP . However , when i called my ISP , they said they will not assign my a public WAN ip due to security reasons. I'm stuck in a contract for the next 3 years. Is this something that I can change on my end?
Easy. Tell them that you are moving somewhere where they cant provide services to you and using that as a basis they themselves will have to void "contract" with you because if they don't and they arent providing what they supposed to provide you can sue the f out of them.
It's likely that your ISP uses CGNAT (aka. you share the same IP with other customers) so you're unable to port forward.
I literally only understood half of what you were saying, but it was engaging throughout either way. Great charisma. :D
Thank you! Glad you enjoyed it!
ISPs use modem stats and data to profile the state of the network on that leg. This allows the network engineers to look at the data for network analysis of issues causing faults. EG light levels that might have shifted, network alignment errors, and noise ingress. Statistical data from customer's modems is far more useful for network analysis because it allows you to narrow the search down rather than from the data center/headend which only reports issues on the entire node.
Appreciate the input, I wasn't aware of that. Glad I made the video - learnt so much from the comments!
You have a mic, you don't need to shout.
How about that volume button you have?
That they sold you a GPon router on a business plan blows my mind.
Thank you for this information!
On the bright side, it did come free of charge.
You mean someone else hacked the router, and you downloaded and used the hack😀
Wait. You developed your own TCP stack to hack a device online?
@@PipsTubeHe also reinvented electricity. He's the next Tesla.
I work tech support for various ISPs across America and I've gotta say that while I understand why this isn't desired for most, I'd love it if it was an officially supported option for the tech savvy. I've always been of the opinion that you should always own your network or at least have the option to own it all.
Yep, exactly. I have nothing against it. Just wish it was optional and not forced upon me.
I didn't even know that the video is 9 minutes long, I was amazed on how you narrate the story and it's quite amusing on how you reverse engineer it. Btw, that router looks like from the early 2000's when DSL still exists HAHA.
I'm so glad that my ISP let's me use my own equipment, even if they completely suck.
With me, it's the opposite. My ISP is actually great, no issues whatsoever. Except being locked into using this device.
Wow! Excellent diagnostics and considerations. Thank you so much for sharing what you found out and how you went about it.
As a Sr. net engineer, I found your video fascinating. Great engineering on your part.
Thank you! Glad you enjoyed it!
Wow, I have replicated this set up in the US with Verizon FiOS for quite a few years now! I did it with a used Nokia G-010S-A from eBay for only about $25 USD and a media converter from China that has a break-out board inside that allows for direct UART access to the SFP+ module without soldering. This combined with a USB-TTL module allowed me to program not only the serial number but also quite a few other parameters to avoid detection in the future, eg model number and so on. Verizon similarly only authenticates on serial # though. :)
I was surprised during my own journey then how little information there was on bypassing this plastic crap box, that unfortunately only had fiber connection and not removable SFP+ like yours did.
Oh wow, I had no idea one could get a media converter with UART. That would have saved me so much time! Instead I had to program an Arduino to serve as a UART bridge and the wires would stick out of the SFP module all the time. Oh well. :)
Man and I thought my BT router looked silly, this takes it to a whole new level.
In Serbia, we have admin accounts for every single ISP router. Some people get pissed and found passwords so we can have full access and freedom
I’m a Telco tech, it depends on the underlying tech on the fiber. For our company the registration is associated to the sfp connector on GPON but for XGSPON the registration is associated to the gateway. But we can bridge a 10G port direct to WAN so you can do anything you want pretty much.