I HACKED my Internet Service Provider's router. So I could get rid of it. 

welcome to (current year) -- all ISPs are trash and haven't updated anything in decades but their prices.

Thank you Tomaz for doing these videos. There is an equal community of tech (&infosec) enthusiast here in EU and having something available here (not to mention piece of equipment I actually have) that we can work with .. and on... is really nice. Otherwise I never even thought about this issue until you mentioned the brand of your router. Most things regarding tech aren't border/country specific, but this one kinda is. So thank you. Again.

? So you get free 5G Broadband now ? 🤔 I don't understand a single word you're saying but bro 😂❤ If you were in Australia I'd send my unit to u

​@@TurboLoveTraintoday's education I doubt they already could update it if they tried 😮😢

my comes with a sock that I use to keep my part... warm for 5 dollars a month. and its even got wifi! It's called a router. lol. something like you pay for the modem but the other parts 5 dollars extra. dangle bits and all.

From the perspective of an ISP, 99% of all users can't figure it out, they can't even log into an SSID with a set password you give them, much less set their own and keep up with it. Whether you want to believe it or not, those of us that can manage their own routers and Wifi are in the minority. Tell the ISP you're running a VPN, you *require* a bridged modem, run your own router.

Same here, with shell energy except with their older ac router. Had to wipe it before it could work with the internet

Sorry, Shell Energy….as in SHELL ENERGY is an ISP?! Would literally rather go back to Dial up than fund those ghouls.

They stop you from changing the admin password?! That is not good news.

since when did shell do wifi ????

Same here in NL. The ISP has to provide all the relevant information, though they do not have to provide technical support.

As a german myself I was a bit surprised that he can't simply plug in his own device (I couldn't imagine using the crap router vodafone provided. That thing was basically a piece of e-waste).

As much as people like to bitch and moan about regulations in the EU, you guys get cool shit like that or Windows EU edition.

Wish we had that here in the states. I refuse to use an ISP router and let them have full agency over my LAN.

@@lyianx What do you mean? I live in Texas, and my dad has ALWAYS used his own routers, without even giving the ISP routers a chance lol. We haven't had a business-class connection in AT LEAST 10 years, and we've even switched ISPs in the last few years. Still able to use our own routers lol

Just sitting in a network room of the Brotherhood of Steel.

it looks kinda like the maliwan chest from borderlands 2

Looks like something from Thunderbirds lol

Thanks!

I was able to track down the settings for my previous ISP so that I could bypass their equipment. However, when my area started having trouble, they tried to blame me for the outage, even after I swapped back to their equipment with stock settings. I really miss having fibreoptic internet, but I refuse to be a scapegoat for support people that don't know what they're talking about.

My ISP was being non-compliant circa 2018 because I was using an aftermarket (Asus) xDSL modem/router, so in the end I plugged up a Siemens Speedstream 4200 they sent me in 2004 in bridge mode and said "there ya go, I'm using the hardware YOU supplied, now fix the issue at YOUR end!" Suffice to say they were confused when trying to TR-069 the antiquated hardware, but they admitted defeat 👍 They even sent me out their latest modem at the time for free so they could troubleshoot easier in future 🤣

"Ive always had a problem with the way ISPs force you to do things their way." That statement there says more about you than than any company ...

​@@lillerosin2915what the f ck are you on about m8?😂😂😂

And thank god for that, i'm never gonna be using that Vodafone pos "router" ever again haha Thanks to this when i switched contracts to O2, i was able to buy a 7530 in black on ebay for 50€, instead of having to pay for a provided one monthly, it's honestly the best fritzbox in it's own terms have ever used (I never liked the ones shown in the videos either tbh ahah)

What do you mean "lock down the connection"

@@seagie382the ISPs are not allowed to lock you to their provided router and need to be open to any router that should be physically compatible.

very cool @@BergischNRW

@@seagie382 Law states ISP need to provide some industry standard passive edge-of-premise-endpoint + the access credentials to allow consumers to install their own "router", and was a response to public campaigns by consumer/tech advocacy groups (like CCC) and companies like AVM. I guess from the government's POV the main point of this was to open up the market for more-than-bare-basics home network vendors like AVM more (which I guess is why they supported it) but I think the CCC folks had motivations more similar to Tomaž's.

Glad to have you on board! Also, great taste in music!

"Uh uh uh! You didn't say the magic word!"

Stop it lmfao 🤣

They don't care. It's just so you get firmware upgrades. It also probably means whenever you call support they can't pull any diagnostic information.

@@cartoonhead9222 And probably "Anonymous data for marketing purposes". Also don't forget having an mandatory Backdoor into your network which you have to trust a third party with maintaining is a security risk....especially for a business.

@@cartoonhead9222 except when they don't secure their communication and now your home network is open to being taken over by anyone who wants to try. most likely, burgulars who want to get into your smart security system.

what does it mean? i'm confused

I bet their business and enterprise tiers are different services. This still makes sense for mom&pop shops.

Oftentimes yes but it's going to cause enough friction that I wouldn't recommend it. Requiring the customer to use the provider ONT or modem is one thing and often not unreasonable. The router is a different deal to me entirely. @@FedjaHvastija

In my experience, here in Canada, this is fairly standard practice. ISPs, both facilities based and resellers (some literally just resell the bigger ISPs service but handle all billing/customer service/tech support, though most have the ISP do onsite support, others control some or all of the service and just use the larger ISP for last mile) either use DHCP/Static IP or PPPoE (if using PPPoE, the static IP is usually assigned via DHCP after authentication). Troubleshooting when PPPoE is involved is a pain in the butt. As for equipment, the cable companies generally are easy to work with, just put their modem/gateway in bridge mode and connect it to the WAN port of your own router, configure for DHCP or static (business account only) as needed. Even when using IPTV from the cable companies (the main 1, as of earlier this year, there is only 1 cable company, Rogers, that covers the majority of Canada after they bought the 2nd largest, Shaw) works when using your own router on ethernet or wifi. Some people say the modem/gateway still broadcasts hidden SSIDs need for the IPTV, I can't find these in my setups. The except is when you have XGS-PON FTTx from Rogers, while it's still DHCP/Static thankfully, the modem/gateway (it's a Rogers Ignite branded Comcast Xfinity modem used on cable via RG-6 Coax or ethernet to a WAN port from the ONT/ONU) can't provide multi-gig when in bridge mode because it's RJ-45 WAN port is the only multi-gig port (it's used for multi-gig LAN when using Coax WAN), but IPTV works, however if you connect your router to the ONT/ONU (I think the only option is ethernet, no SFP option) then internet works but IPTv fails after a random period of time, suspicion is that the TV set top boxes stop working after a while if they can't talk to Rogers over the hidden wifi from the modem/gateway. I have yet to personally come across a customer with Rogers XGS-PON FTTx. Unlike Comcast in the US, Rogers' branded version of the Xfinity app doesn't run on anything other than your Android phone or iPhone, so you are forced to cast and can't use it on an Android smart TV or TV box. I've complained, even told them I'm willing to pay $2.00-$4.00/month per device to be able to use their app on a smartTV or Android TV box instead of renting one of their set top boxes. However, the phone companies (at least the major one, Bell Canada), their current modem/gateway provided on their GPON service (most common in my area) has a "bug" that turns the wifi back on after a reboot, so even if you disable it and have your router connect via PPPoE passthrough (so it gets a Public IP) there is no way to avoid the modem/gateway from broadcasting WiFi. The previous modem/gateway modem did have an SFP adapter that was fairly compatible with many routers, but it's been discontinued. As for their IPTV, in my experience, I have not been able to get the boxes to work over ethernet, only wifi, when on the ISP modem/gateway, and they also require some convoluted IGMP and VLAN configuration which I have yet to properly figure out (some have). Eventhough it's usually cheaper (marginally) and easier to go with Bell Canada to get faster uploads (Rogers cable internet maxes out at 50Mbps, but this is fine, even for me being in IT and working from home, at least most of the time), I usually discourage clients from going with Bell because they are even worse than the cable company to deal with, and it's very impractical to use your own router, especially if you get IPTV service from them (proper full service IPTV service is only legally available in Canada when bundled with internet service, it's slowly changing). Unfortunately, bad customer education here in Canada has lead people to believe that they subscribe to wifi and that wifi is synonymous with internet, and that they need to use their ISP provided equipment (same concept as believing that they need to only get their car serviced by the manufacturer at the dealership or get their phone repaired only by the manufacturer, whether in or out of warranty for both situations). It makes my job harder, both interms of support and interms of convincing a customer to get their own router. Even when I do, if an ISP technician comes by to do work, then then to leave the modem not in bridge mode or remove the customer's own router all together, and then the customer calls me saying things aren't working right, and then I go in, and fix it, when they ask me what I did and explain thst the ISP tech messed things up, they get frustrated (usually with the ISP, not me).

We need governments to step in and regulate ISPs (more than they are) and prevent them from providing routers, modems only, even if providing IPTV, or at least providing separate modems and routers from mainstream manufactures (no small companies like Sagemcom, Technicolour, Hitron, Arris, SmartRG, etc., I want to see ISPs provide Ubiquiti, Asus, Netgear, TP-Link, Linksys, even Cisco. I want to be able to subscribe to a dumb pipe like it used to be.

@@FedjaHvastija The whole Fritz!box series are (fairly pricey) higher end consumer devices. The only businesses that really use stuff like that are those with consumer levels of IT sophistication but why waste resources on something more complex if all you want is to connect a bunch of notebooks to the Internet.

Is this the orange or the blue ISP?

Nevermind. I saw that you explain this in your first YT video :)

I don't know where you are from, but at least here in Germany where the AVM devices are very popular in the consumer market, you have freedom of choice which modem/Router you want to use and you also have full access to the FritzBox and can set it to passthrough / modem mode yourself. So the FritzBox will just act as a modem if you want. I think there is nothing wrong with the AVM devices. They offer everything and much more than most home consumers need, are easy to set up and are of good quality and performance and have a good customer support.

Thank you! The key is being very curious, then digging how far the rabbit hole goes. Like in the Matrix. 💪

My ISP is government-owned which is a blessing and a curse. We're forced to use their devices, but the network is rock-solid and pricing acceptable.

​@@tomazzamanI know you probably don't want to point out which isp it is, but I just wanted to chime in that I've never had this much trouble setting up my own router. Either a bridge mode/trunk with copying pppoe credentials, or just straight up replacing it and just properly configuring the ipoe has always worked for me. Otoh, I know some friends have had lots of trouble with doing similar stuff with some other providers...

What? Then what's the point then?

​@@everythingpony What's the point of what? If you are referring to the fibre networks, they sell contracts to service provider's to use their network.

Thanks!

The newer ones are looking quite fresh though.

It looks like something straight out of Futurama. I'm not sure whether to love it or hate it for that.

@@andybrice2711 It's a brand thing. For some reason AVM have almost captured the customer provided home router market in Germany, its almost a kind of fashion item for the i-think-i-know-more-than-you-about-computers-but-not-really-actuallt crowd (very much in sync with certain cultural traits :) )

The design actually changed and they are quite good looking now. But his ISP not only gave him an underpowered one, but also an outdated one

To their credit, this was 4 years ago.

Same, I bought in the aftermarket a few 7490 for my personal and family use and I've never had any issues with them. Support for WiFi and network stability is superb and powerlines actually are decently managed lol. The design isn't the best but I'm not really buying a modem for the looks tbh

Also a 7490 fan.

Thank you!

actually own router makes it harder to do, that and this is why some ISP's want or force their router.

why would VPN traffic be immune to deep packet inspection ?

@@laus9953 Because the traffic through the tunnel is encrypted. The ISP sees the packets that are carrying the tunnel, but can't decrypt the payloads. The best they can do is infer generally what type of traffic it could be by packet timing, such as a video stream vs. an online multiplayer game. But can't tell what the endpoints are or the specific data carried.

​@@strehlow Our isp's will disconnect your internet if they can no longer decrypt the data.

* The ISP sees everything, unless it is encrytped. So if you use basically any modern website or programm this is not a problem, since everything is encrypted. The same with VPNs: if you use them, they see everything unencrypted. If a VPN is better for you depends on whether you use a lot of ancient (unencrypted) websites and who you trust more, the ISP or VPN.

Agreed, have been a happy customer of theirs for years. All my fiber and copper cables are theirs.

@@tomazzamanah, so you’re just holding it for them?

​@@reyariass😂😂

depends. some switches and wifi system are stupidly programmed, outdated und poorly documented. sfps are great and some 10g switches arealso great. hit and miss.

I do like their stuff and purchase from them all the time, but the reviews on their website are 100% bogus.

I'm familiar with a number of small telephone cooperatives here in the US who have run fiber, and they do the same as the UK. Fiber to the outside of the building, and twisted pair into the building. Don't even need a log-in, just connect whatever router you want to the ethernet cable.

The downstream power at the customer is actually pretty low, -17dBm or so it typical (20microwatt). This is from going through the passive splitter (the P in gpon). The upstream output of the SFP module is 'hot', but it won't transmit unless it is hearing the OLT, so when you start unmating the connector, it stops. Still, I don't stare into fiber ends unless I know that it is safe. I have some very unsafe-to-stare-into links.

Yo can get fibre based ethernet cables.. so run that from the port to directly inside your home.

Same for NZ. Most ISPs let you bring your own router and identify your connection based on the ONT rather than the routers themselves

My ISP in the UK allows you to use your own router, and will give you either a locked down Nokia router, or a Nokia ONT if you want to bring your own gear. The rub is, they use PPPoE and a VLAN. The PPPoE details they provided, but not the VLAN ID, so it took me a while to work that out (the Nokia router had the VLAN ID visible, thankfully). The other problem was PPPoE is complex enough that it just sinks a lot of domestic routers at gigabit speeds. Never mind, Mikrotik to the rescue :D

Yup, stubborness, curiosity and time. That's all it takes. 😅

😄That's funny.

Definitely. Nerds rule!

Thank you for the kind words, I'll do my best to make it educational and entertaining! Welcome aboard! 🫡

Yup, had the same thoughts :) There is a downside though, you implicitly waive the rights to any kind of support since they can't remotely check what's going on. But I prefer it that way.

@@tomazzamanYeah that makes sense. Luckily I'm pretty confident managing networks.

You have to trust your ISP anyway, so imo this isn't a huge issue. And for 99% of people, it's good for getting help.

I have two ISP. Both allow me to use my own router, and provide no support for my own. But, I have their device, so if there is a problem, I can plug it in for them to do some test or whatever. Then make the network work again for me to swap it out. One uses the MAC address as "security" and my router has the option to input a MAC so it works.

Good point, will do the same.@@boomergames8094

Thanks for the explanation. That I did not know!

@@tomazzaman You are welcome, how I know this I was helping one of the sales guys from one of the sister companies of the company I work for with a demo for a major telecommunication carrier in their lab and their main goal was to test compatibility of the various manufacturers SFP's, with the various devices they use in the field. The SFPs only work when everything is just right, and naturally we discovered far more ways they don't, lol! Our company made SFP's that were smart and if they were connected to a CWDM or DWDM, they would automatically adjust their frequency with the opposite end and establish communications. This meant the telecommunications carrier didn't have to stock every single fixed-frequency SFP's to go with those optical frequency splitters which would save them a load of money and make implementation tremendously easier because there are literally hundreds of frequencies they operate on.

I wish that was the case here in the UK. I've switched providers several times as only new customers, in my experience at least, are given the best deals. When I sign up, there's never an option where I can say I wish to use my own router.

@@bernardm231252% of the population voted to revoke these and many other consumer rights.

Wait. You developed your own TCP stack to hack a device online?

Thank you!

It shows you how close we are to that communism 2.0 that is called the "Great Reset". These last 3 years we had to fight to keep our jobs for not being vaccinated by a poisonous COVID vaccine. Remember? So yes, people have to fight for a thing called freedom these days.

Thank you for the kind words. These definitely fuel my creativity and motivation! Welcome aboard!

Thanks! And welcome on board!

Thank you! Comments like your make my day and push me to try and make every video better than the last. I don't always succeed, but the motivation and will are there! Have a good day yourself!

Thank you! 🙌

Yep, can't deny that :D

Yup. If only I was capable of letting it go hahah. Thanks! :)

I had one ISP where their (required) modem would need to be factory reset & configured into their network every couple weeks, to the point where eventually a technician gave me a specific URL to bookmark to do it myself whenever needed.

My Cable Router is like this. There is a bypass, but I also get my TV through it using an encrypted VPN. The Router oversees local key management (Renewing, requesting, and transmitting to local devices) I am required to have it available for software updates as well (Failing to do so will result in immediate termination) I am also required to have it available for diagnostics at random times. So, I can bypass I can't eliminate it entirely.

My ISP did offer to put my Fritzbox into "bridge" mode (same as your bypass), but I still didn't like it. Just because my own ~reasons~ 🤣

The FritzBox offers a bypass option and to use it like a fiber modem. There is no need for all this fuss.

@@silentwater79 Bridge mode, sure, but he didn't say there was a need for all the fuss... it is what he wanted & many of us can see why.

Bem jogado.

Until I found this solution, I used the same, bridge mode + OPNsense.

You are welcome!

I have the same situation with a Nokia ONT, however I need a 10Gb FSP+ module for my router. Then I need to figure out to replicate the serial nu,ber of the Nokia ONT port, which isn't easy, since it's a converter device, not a router. Any ideas?

@@kosbos1985 you should be able to get the serial number from your ISP if you ask nicely. It might also be printed on the device itself. For example my ISP added a sticker with the S/N on my ONT. There might be other ways to retrieve the S/N but I guess they would require hardware. Then again I'm no expert here, maybe someone with more experience could help here.

Yeah, but pretty rare.....

Would it help if you setup a water drip on it ....😂😂😂😂😂 , IYKYK.

@@dnatech4477 i had an sfp blow and IC before, had to get the bell tech to come out, when he pulled the sfp out of the modem, it came apart revealing the blown up IC on the board. the metal casing was stuck inside the sfp port, had to replace the modem.

Yes, but rare^^^@@Dataanti

You are welcome!

Customers should not be forced to use such features.

Yes, because the troubleshooting from your ISP is going to do you any good... like enabling 802.11b... who in their right mind would do that?

@@sjoervanderploeg4340 People who say i can't use my prehistoric ultracheap Tuya smart switches. The same who wants to split 2.4 and 5GHz because the device say it should be connected to 2.4GHz. The customer bought always correct functioning hardware. It's always the problem of the ISP in the customer opinion. Same when the old laptop doesn't see the wifi6 network. In their opinion the provider should fix. And this customers say off course is not the manufacturer of the WLAN card. The bought a "good" system.. Because this customers say: it works just once before....

Totally agree. You need to know what you do and it's fun to do. But when you got problems place your ISP router back. But most don't want to do it because they know 100% sure there is a problem by the provider. And when a engineer arrived and find a problem in the customer setup they are angry about they need to pay the bill of the visit of the engineer.

​ @sjoervanderploeg4340 Well, the thing is, the users who can troubleshoot on their own are likely in the vast minority. The ISPs thus cater to the majority of their customer base, who will generally not care about it beyond "Is the wifi working? Yes/No"

Send one over, I'll see what I can do 😂

If you had the BGW210 (iirc) and the old ONT setup you could actually bypass the BGW by rooting it, extracting a few files, and running them on your own device. I did this and used my own router directly for years until I moved and AT&T switched to the new BGW320

ATT Fiber does this crap as well using EAPoL/EAP-TLS x509 device certs built into their routers. It should be illegal, but … Freedom! (For corps to do what they want). Luckily, at least for gigabit and below (older GPON) you can extract these certs and run this on your own router with wpa_supplicant to handle this device authentication.

@@antikommunistischaktion I can't wait for someone to figure out a way to bypass the BGW320. I have the BGW210, and I'm using pfSense to make the handshake and bypass the unit. Unfortunately, this unit maxes out at 1Gbps, so if I want one of the faster services, I need the BGW320.

Thank you! Greetings from Slovenia! 🙌

Yeah, I does the job for most people and I do have it in my drawer as a backup (never needed it though). I just wasn't too keen on having a locked/closed system in my house. Just out of principle I guess. Good luck with the fibre, I hope it comes soon - it is a game changer (I got a big family, so you might imagine we put the extra bandwidth to good use 😅)

AVM are still releasing firmware / security updates for very old kit.

@@tomazzaman Agreed! Hell, I live in a (small) German town and I am very angry currently, because the village I used to live in now has fibre to the home, while the town will most likely not get it for a while! Sure I am by myself (don't have kids or a girlfriend - no, never a wife! I am not getting married - PERIOD!), still I'd love some more speed! Would speed up downloading larger games and images for the Raspberry Pi5 (took a while to get the Batocera image for the Raspi, it's a 470 or so GB file after all)

Thank you!

Thank you! Happy New Year to you as well!

Here you go: $ ssh ONTUSER@ip-of-the-SFP-moule password: "7sp!lwUBz1" (no quotes) then run the following command: $ set_serial_number 12345678 (change numbers to your serial)

Thank you for the kind words. I'm not like that on purpose, it's just when my brain decides to get to the bottom of something, then I literally have problems falling asleep because I can't stop thinking about it. It's a blessing and a curse! 😅

Also need to state that he had the funds to buy many components that ended up being dead ends. If I had the space and a few thousand dollars more per year income, I'd put together my own electronics bench and putchase components for experimentation. A nerd is great, but a well funded nerd is better!

With me, it's the opposite. My ISP is actually great, no issues whatsoever. Except being locked into using this device.

Yep, interestingly enough, while I had it as my primary router, I had no issues with wifi signal in my 200sqm house.

Same. They're easy to tell apart though. The ones with SoC have a much bigger "outer" part, the one that sticks out of the switch when plugged in.

Welcome aboard! I do have a homelab, and yes, a video is planned. Thanks for the sub and Merry Christmas to you as well!

Some activities like online gaming balk at the double NAT or added difficulty opening inbound channels. But it works fine for most people, and this is basically what I do. I left my one IoT device (the photovoltaic panel monitor) on the ISP's router, and have everything else behind mine. That way the company monitoring the solar array can't see into my network.

Maybe if you want to waste power. With average german energy cost it's ~3.24 euros per watt per year to run something 24/7/365.

Wow that's 0.37/kw/hr! Here in the USA I pay. 0.11-0.13/kw/hr

ATT routers are limited and you need to disable their dns redirects via their website. I have not done it yet, but generally, you turn everything off and set a real router as the dmz or forward all ports. Dual nat. Then you can control your internal dns and use stuff like pfsense. I'll probably give this kind of thing a try at some point, hopefully someone else figures out all the details for replacing the att router entirely and it will be easy for anyone to do. People figured out how to use your own router on google fiber real fast so back when i had that, i used my own router for google fiber.

Oh wow, I had no idea one could get a media converter with UART. That would have saved me so much time! Instead I had to program an Arduino to serve as a UART bridge and the wires would stick out of the SFP module all the time. Oh well. :)

Or Fallout! :)

Agreed. I mean, I understand the majority of customers just needs it to work, but I still hate it that power users are forced to use this stuff.

Yeah, but then I'd need to make sure the device with the Boot Script was always online, properly configured, etc. Easier with SFP module, just works. Always.

Also, recent major version UnifiOS releases have changed a lot of things, including breaking older versions of boot scripts and services.

Thanks a lot!

Unfortunately, for a reason unknown to me, my ISP doesn't disclose their VLANs. I had to look for them on my own. You're lucky to have a very flexible ISP!

At least in Germany it is a law to enable users to have theyre own router. I use a Sophos SG115 as my FW with UTM9 only the ONT is still from the ISP.

Thank you mate! Much love from Slovenia! ♥️

Damn, 5gbps is next level. You're living the the future! :D

Hahah, I was thinking to myself "which car does this remind me of?" Now I know :)

If I had to use one of these, I'd be tempted to repaint it in the colour-scheme of the Planet Express ship.

Yeah, I completely understand why ISPs very much prefer using their own equipment and I support that. What I hate is that I was *forced* into it and not given a choice.

Yep, exactly. I have nothing against it. Just wish it was optional and not forced upon me.

Glad it was helpful!