Solved

Can't access Internet Routers via web

Posted on 2015-02-23
15
429 Views
Last Modified: 2015-03-03
I never used to have this problem before until recently:
If you have an internet router like Linksys, DLink, or Netgear and enabled "Remote Management" functionality in UI, you can log to your router over the internet by using IP addresss. http://64.44.33.112:80 or http://64.44.33.112:8080 depending on how you set the port.
Well gone are the days when it used to work.

I have recently purchased two Linksys E2500s and DLink  DIR-601 at two separate locations. I can't access one of two Linksys E2500s and DIR-601. It fails with the message: This page can't be displayed.
If I restart the routers, then it works for a while (days), but then I can't access them anymore. The strange thing is that while I can't access them remotely, they continue to provide Internet access to users.

Of course I called tech support of both companies located overseas - useless piece of whatever. They all say "apply firmware". Well that is what I do first whenever I purchase these internet routers. Then they say "reset to factory setting" like they are reading off the script.

Having said that, are people out there experiencing the same problem with these piece of what garbage routers?
Is this what I should come to expect when I buy $100 range routers anymore?
Should I buy expensive routers like Linksys AC1900 or Netgear Nighthawk X6 AC3200? I like to hear from you what are some of the better routers out there as they are so many out there anymore.
0
Comment
Question by:sglee
  • 6
  • 6
  • 3
15 Comments
 
LVL 37

Assisted Solution

by:Bing CISM / CISSP
Bing CISM / CISSP earned 375 total points
Comment Utility
> It fails with the message: This page can't be displayed.

first a silly question - have your properly enabled the remote management setting on the two routers? :) for some routers, an additional firewall rule should be also applied.

one more thing to confirm: which protocol (HTTP or HTTPS) is set for remote management connection? if HTTPS, commonly a self-signed certificate should be manually accepted on the brower running at remote side.

> If I restart the routers, then it works for a while (days), but then I can't access them
anymore.

a bit confusing. are you saying you can't remotely managed the router but you can restart it anyway? or, you were doing some tests physically beside the router and restarted it from a local computer?

this way, how did you try managing the router remotely? just access it from your LAN but to the WAN interface of the router? if so, for some routers, rules or limits may apply for this kind self-access to WAN.
0
 
LVL 6

Expert Comment

by:Matt
Comment Utility
Why would you like to manage router from outside interface? Did you at least set filter which IP is allowed to Access management page?
0
 

Author Comment

by:sglee
Comment Utility
Browser AddressRouter LoginLinksys UIRouter Internet Setup
@bbao & matt
In any of these routers, you can enable Remote Management and change the port number as seen in the screenshots above.
This linksys router WRT54G2 is at my customer site and I am accessing it from my office using either static IP address (or Dynamic DNS).

Let me explain the network structure:
Typically I have my router connected to ISP's Internet modem (Time warner, for example) and the ISP's modem is set as Bridge Mode. If the Internet account comes with Static IP address, then I populate Static IP information on the router. If it comes with Dynamic IP account, then I set it as to get IP information from ISP's DHCP server.

You can access your internet router from anywhere there is an internet connection using IP address and make necessary changes (i.e.., port forwarding, password update ...).
0
 
LVL 6

Accepted Solution

by:
Matt earned 125 total points
Comment Utility
Use at least HTTPS. You are here playing with fire. HTTP - clear text for user and password, you could be easily hacked.

Can you check if this Linksys supports DD-WRT, Tomato? They allow SSH Access.
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
Comment Utility
ever tested the uplink speed? too slow?
0
 

Author Comment

by:sglee
Comment Utility
@Matt
I will use https instead. Thanks for the suggestion.
What does DD-WRT, TOMATO do for us with respect to this problem?

@bbao
Uplink speed is typically 0.75 Mbsp to 2Mbps depending on the site.

Let me ask you both: Have you installed these retail/home grade internet routers and enabled remote management in the past?
0
 
LVL 6

Expert Comment

by:Matt
Comment Utility
I never manage SOHO router from the outside. Management should be fixed to specific IP addresses, SSH, HTTPS is really minimum.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:sglee
Comment Utility
I like to hear from the experts who have experience in dealing with SOHO (Linksys, DLink, NetGear ... etc)  routers.
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
Comment Utility
i have both Linksys and D-Link products at home office though not the exact same models mentioned above, one of them has been enabled remote management (not directly to the internet as they are internal).

BTW, to be honest i don't really like your last comment as it sounds unfriendly and directly ignores @Matt's comment. experts here are volunteers and not paid for helping people, and they should be respected for their contributions. you probably pay EE for their services but not the experts here.
0
 

Author Comment

by:sglee
Comment Utility
@bbao,
 
  I am sorry that my comment (ID: 40629838) came across unfriendly.

  Here is my take. The reason I posted this question is because  I have exhausted all my options. Therefore, I like to hear from people who actually have handled these  type of situations with home grade routers.

  I know the fact that the experts here are not paid and I appreciate their effort greatly. But sometime I wish they only responded to the questions that they have direct & personal experience with.

  In this case, if you have been installing these retail grade routers ( as I do frequently for small businesses/network), you would have experienced what I have experienced.

  Again please accept my apology.
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
Comment Utility
@sglee i understand your point and the requirement but please be aware it's not uncommon that an expert knows how-to against a particular product which s/he never touched in the past simply because the concepts, principles and practices are the same.

i have checked the screenshots given above and they all look fine for me. i think you have done everything correct in the firmware configuration for enabling remote management. if it simply does not work then it might be something wrong in the middle between the router and your remote site. (let's assume your router and firmware works as expected.)

what i would do is to, when you are on-site, directly connect your laptop to the WAN port of the client's Linksys device over a crossover cable. after manually configuring your laptop's LAN interface with a proper IP (such as 7.6.200.19 or even to directly simulate the gateway 7.6.200.17), you can use the exact same way to access the router over its WAN port without anything blocked in the middle. this will make sure the router can hear you, or in other words, the request can be delivered.

of course, you may ask your client to do the same thing if you can't be on-site and your client is technically eligible to do so.

again, as @matt suggested above, it is highly not recommended to enable remote management over HTTP as your client's sensitive information will be completely exposed to the internet. use HTTPS least. personally, i would set up a VPN to the client's site and access the router over its LAN port as usual.
0
 

Author Comment

by:sglee
Comment Utility
@bbao
I know for a fact that if I connect a computer to the router directly, then I can access the router by 192.168.x.1. We all know that.

Again I am looking to hear from those who do install SOHO routers on a regular basis and also experiencing the same problem as I do to solve this particular problem.
0
 
LVL 37

Assisted Solution

by:Bing CISM / CISSP
Bing CISM / CISSP earned 375 total points
Comment Utility
> I can access the router by 192.168.x.1.
We all know that.

you got me wrong, i was NOT asking you to acess the router by its LAN interface on 192.168.x.1.

it's to the WAN interface!

this lets your laptop directly talk to the WAN interace on the static IP 7.6.200.18 / 255.255.255.252, and get rid of anything possibly blocking your remote access to the router over WAN (again, NOT LAN) as you expect.

your laptop has to use the IP 7.6.200.17 / 255.255.255.252 to simulator the default gateway.

BTW, your laptop can't use the IP 7.6.200.19. sorry last time i didn't notice the router's mask was restricted to 255.255.255.252. the picture looked small on my mobile.

for more details, please better read my last comment again:

"directly connect your laptop to the
WAN port of the client's Linksys device
over a crossover cable. after manually
configuring your laptop's LAN interface
with a proper IP (such as 7.6.200.19 or even to directly simulate the gateway
7.6.200.17), you can use the exact same
way to access the router over its WAN
port without anything blocked in the
middle. this will make sure the router
can hear you."
0
 

Author Comment

by:sglee
Comment Utility
@bbao
Thanks for the suggestion, but I don't want to keep a laptop or desktop onsite to monitor the router. The remote management should simply work period. No other device or configuration necessary.
0
 
LVL 37

Assisted Solution

by:Bing CISM / CISSP
Bing CISM / CISSP earned 375 total points
Comment Utility
> I don't want to keep a laptop or desktop onsite to monitor the router.

come on mate, that's for TEST only, to troubleshoot the problem!

who told you to monitor the router this way? actually, this way will disconnect the client's internent connection at all (the router no longer connects to the modem), hence you can't monitor the traffic at all. that's why you have to be on-site physically doing this test.

as mentioned in my previously, it is to SIMULATE the gateway in order to determine where the hell the problem is!

if you could access the router this way, that means something must be wrong in the middle between your client's site to your office. NOT anything wrong on router.

If you could NOT access the router this way either, then it must be something wrong with the router itself as your configuratiin looks good.

again, it is for TEST, just a way to find where the problem is!

does it make sense now?
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
This paper addresses the security of Sennheiser DECT Contact Center and Office (CC&O) headsets. It describes the DECT security chain comprised of “Pairing”, “Per Call Authentication” and “Encryption”, which are all part of the standard DECT protocol.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now