Change Nokia Router/ONT to bridge mode

varkey

Regulars
Messages
922
Thanks @C3PO How much did you pay for that device? The base variant seems to 160 USD or so. Is it available in India directly?

Yep, I agree, although if you run OpenWRT or something, you can have any number of WAN interface. A MikroTik also would let you add any number of WAN interfaces. But yeah with OpenWRT, the WAN throughput would be limited, but then it isn't a problem unless we are talking gigabit speeds.

Yeah the IPS/IDS things would be bit resource intensive.

I had looked at pfSense earlier, but then I felt it was overkill at least for my use cases. So stuck with OpenWRT and MikroTik for now.

There's also pfSense supported mini pcs available on AliExpress with 4 Intel NICs etc for around 150 USD or so, can try that approach too, if anyone else is interested in going the pfSense path. ;)
 

C3PO

Regulars
Messages
92
Location
Pune
Thanks @C3PO How much did you pay for that device? The base variant seems to 160 USD or so. Is it available in India directly?
No, this was ordered directly from the US for about $550 including shipping.

Yep, I agree, although if you run OpenWRT or something, you can have any number of WAN interface. A MikroTik also would let you add any number of WAN interfaces. But yeah with OpenWRT, the WAN throughput would be limited, but then it isn't a problem unless we are talking gigabit speeds.
I am glad to see options like this. The only reason why i went with pfSense is because it is open source and I didn't want to shell out money for an annual subscription plan for the router/firewall maintenance updates.

Yeah the IPS/IDS things would be bit resource intensive.
It can be, hence they advise you to run it only on the main LAN port, not on all interfaces.

I had looked at pfSense earlier, but then I felt it was overkill at least for my use cases. So stuck with OpenWRT and MikroTik for now. There's also pfSense supported mini pcs available on AliExpress with 4 Intel NICs etc for around 150 USD or so, can try that approach too, if anyone else is interested in going the pfSense path.
Yes, it would be better if you bought a Chinese low power PC with min 4 GB RAM, 4 Intel NICs (important to have only Intel not Realtek) an an AES-NI capable CPU. MMC or SSD storage is up to you. These are avaialble on AliExpress. I use a Transcend 128 GB MSata SSD on my Netgate box. It dual boots OPNSense, another open source firewall, which is installed on the built in and non removable MMC.

My router isn't capable of 1 Gbps on PPPoE but when I bought it in early 2016 these speeds were just a dream. Now with Jio maybe it will push the market to offer faster services though they will be expensive to start. It may be time for an upgrade.

To its credit the Netgate appliance has performed faultlessly.
 

varkey

Regulars
Messages
922
I am glad to see options like this. The only reason why i went with pfSense is because it is open source and I didn't want to shell out money for an annual subscription plan for the router/firewall maintenance updates.
The MikroTik hAP ac² is a pretty decent device, you can get it for about 5k or so. Continous maintenance updates, supports multiple WAN interfaces and pretty much anything you want. The hardware is decent too, can do Gigabit WAN with basic IP filters and queues if you need it.

Wireless performance is pretty good too.

MikroTik

Yeah, you'll not get any other IPS/IDS and the flexibility of pfSense though, but as a router it does a great job.

Yes, it would be better if you bought a Chinese low power PC with min 4 GB RAM, 4 Intel NICs (important to have only Intel not Realtek) an an AES-NI capable CPU. MMC or SSD storage is up to you. These are avaialble on AliExpress. I use a Transcend 128 GB MSata SSD on my Netgate box. It dual boots OPNSense, another open source firewall, which is installed on the built in and non removable MMC.
Yep, I spent some time researching and then decided against it at least for now. But yeah, if I need to go for something more powerful in the future, will definitely go for a minipc + pfsense.
 


C3PO

Regulars
Messages
92
Location
Pune
The MikroTik hAP ac² is a pretty decent device, you can get it for about 5k or so. Continous maintenance updates, supports multiple WAN interfaces and pretty much anything you want. The hardware is decent too, can do Gigabit WAN with basic IP filters and queues if you need it. Wireless performance is pretty good too.
Sounds like a very good deal for the price.

Yep, I spent some time researching and then decided against it at least for now. But yeah, if I need to go for something more powerful in the future, will definitely go for a minipc + pfsense.
Other than being free, the thing with pfSense/OPNSense is both provide not just power but flexibility. They can scale up to an enterprise level solution if required given the right hardware. It's a bit complex to set up compared to home routers but once done it just hums along for years on end. And both solutions get regular updates in form of bug fixes, feature additions, applicable to FreeBSD OS updates too.
 

Dragooon

Member
Messages
5
@C3PO do you have any sort of special configuration on the ONT? I am on Airtel with the same router and they are simply refusing to give me any sort of ONT, I bought a Tenda one from Amazon but I am unable to get it to work.
 

varkey

Regulars
Messages
922
@Dragooon They most likely allow only whitelisted ONTs or those which are able to authenticate with the OLT. Just buying one from Amazon won't work out. Unless you can make it appear as though its your Airtel provided ONT.
 


C3PO

Regulars
Messages
92
Location
Pune
@C3PO do you have any sort of special configuration on the ONT? I am on Airtel with the same router and they are simply refusing to give me any sort of ONT, I bought a Tenda one from Amazon but I am unable to get it to work.
As mentioned in my post my router was swapped for a dumb ONT/ONU (Nokia G-010G) that operates only in bridge mode. The techs were not willing to change the router (Nokia G-140) to bridge mode because it's against their policy.

Also, the Tenda will not work (PON keeps flashing) until the LOID is registered in the OLT. The alternative is to use the same LOID as the previous CPE. It is also registered by MAC address and possibly serial number as well. You will need to get Airtel to do that for you.
 

Dragooon

Member
Messages
5
@C3PO can you tell me the PPPoE / VLAN settings (except the username / password) for your TataSky Broadband? My stupid thing got reset and I am unable to find it online.
 

C3PO

Regulars
Messages
92
Location
Pune
@Dragooon sorry mate, the router was returned over a month back..mentioned in my earlier post. I do not remember the VLAN # any more. I am now using a dumb ONT which cannot be accessed via the WAN port of my router/firewall. For PPPoE you need to use your current username & password combination. If you cannot reconfigure the router contact TSBB's call centre for assistance. They can also help in resetting the username and password. This is sent to your RMN by SMS.
 

Dragooon

Member
Messages
5
All right, thanks! I contacted them but they refused to do anything except send a technician, so I'll just wait I guess.
 

Similar threads


Top