From the course: CompTIA Network+ (N10-009) Cert Prep

Tour of a SOHO router

From the course: CompTIA Network+ (N10-009) Cert Prep

Start my 1-month free trial Buy for my team

Tour of a SOHO router

- Now, we've been talking about home routers in these last few episodes, so I figured I better, whoa, whoa, whoa, whoa for a minute, and let's go ahead, and talk about generically, how do we deal with these guys? There's zillions of different models of home routers out there, but there are certain things, if you understand, they all kind of work the same way. In particular, the first thing you have to appreciate, there's going to be some kind of documentation that comes with the router. Now, that documentation is going to have some very important information. The most important information it's going to have is the default IP address for the router, which on 99% of them is 192,168.0.1, or, 192,168.1.1. And it's also going to have the default username and password to log into the router, because without that, you're not going to get too far. And that's probably the most important thing you're going to get in the documentation, are those three bits of information. The other thing you're going to get on a lot of these routers is some kind of installation media, or optical media of some form. In most cases, you don't need it. Nine times out of 10, all you're getting is some little application that gets installed in Windows that helps you do the installation process, which allows you to do really the same thing you would do as if you actually just logged into the thing using your web browser using the default IP address. So once I know what the default IP address is, and the default username and password, I pretty much don't need any of that stuff. Oh, by the way, this stuff's well documented. If anytime you might forget any of this, just make sure you can look at your router and remember what its make and model is, and there's a thousand places on the internet that will get it for you. In fact, like this is a Cisco Linksys E2500, I could just go into Google and type "Linksys E2500 default username password," and there'd be about 30 websites that would bring it up. So, that's first and foremost. So in order to start configuring this guy, what you're going to have to do is plug a laptop, well, it doesn't have to be a laptop, a computer directly into one of the land side ports, it doesn't matter which one. Once you're plugged in, assuming that this guy is passing out DHCP, and he almost always is, you'll get an IP address like 192.168.1.100 or something like that. So the first thing I'm going to do is, I'm going to run an IP config. Ah, don't worry, you've seen me run IP config before. So I run an IP config, and lo and behold, I've got a 192.168.15. IP address. So it's 192.168.15.103, and my default gateway is 192.168.15.1. Now, that isn't 192.168.0 or 192.168.1, is it? Well, that's because I configured it, and I set it up that way. So let's go ahead and dive into this guy and start off by looking at, what are some of the things we can expect to see on a typical router? All right, so I've opened up my web browser, and I typed in 192168.15.1, which is my router, and here I am. Now, a couple of things you need to be aware of. This is a Cisco Linksys router, but it is using a firmware, a hip third-party firmware called DD-WRT. I like to use it because it gives me a few more features, but it's a little risky and a little unstable, doesn't matter, just be aware that that's why you're seeing what you're seeing in front of you. So let's kind of scroll through and see kind of the stuff we would expect. First of all, there's going to be some kind of status, or, where are we at right now? It'll tell us a lot of really good information. For example, it's going to tell me the WAN IP address, here's my LAN IP address for the router. It'll tell me, this is also, this particular router is also a wireless access point, I've got it all turned off right now, and it tells me that. And, do I have a DHCP server? Yep. And it's enabled. And all kinds of other little stuff like that, the amount of memory, those types of things. Okay, so invariably on these, you're going to have some kind of basic setup. And when we look at a basic setup, you're going to have to deal with, number one, your WAN connection, you can see on mine, I've said it as most people's are, my WAN connection is DHCP. That trips people out, because a lot of times they think a router has to have all static IP addresses, not at all. Little gateway routers invariably on the WAN side are DHCP, and that is where, there it is, this is my WAN IP address, and that comes from DHCP. But if I wanted to, for example, if I had a static address, I can set it up statically, and the screen will change, so I can type in all my static information if I'd like, but I don't want to do that for right now. So, we'll leave that as automatic. And there's other things like, do you want to name the router, host name, stuff like this that'll show up so people can identify it, that's a matter of personal choice. Now, here's the LAN side, on this guy, I typed in 192.168.15.1. There's a reason I did that, and that's because I don't like to use default 192.168.1-dots or 192.168.0-dots, because people know that they're there, and one of the ways that these routers can be hacked is if I know what your internal network ID is. So I do this all the time, in fact, on mine, it's even weirder than these, I'll end up using like 172.16s and stuff like that, just because nobody thinks to look there. There's some way to turn on or turn off a DHCP server, so that's all there. This has got a lot of very advanced features that I do not want to cover at this point in the game. This one's kind of interesting, a Mac address clone. This is particularly good for cable modems, because the cable company, the moment you plug your computer into the cable modem, it will memorize your Mac address, so if you unplug it and plug in a router, it can cause a lot of confusion. Now, there's nothing wrong with doing it, and the cable company can easily reset it for you, but you can avoid that altogether just by getting the Mac address from your PC and typing it in here. Now, a lot of these are also wireless devices, so you're going to see all kinds of settings for wireless access points in here. We've got whole episodes that are going to be covering wireless, but for right now, just be aware that somewhere in here, it's going to be in there. Then you have, now this is one of the reasons I use a more advanced third-party tool, is because I can turn on services that you wouldn't normally have. For example, if I wanted to SSH, or if I wanted to Telnet where I could get to a command prompt for the router itself, you can't do that with the default stuff that comes with the Linksys firmware, but I can with this. So that's one of the reasons I like having little extra toys like this. Other thing I want to show you is, and it's usually going to be under administration or something like that, here you can make your own username and password. And you really need to do this, it's critical that the moment you get a router that's under your control, you change the default username and password to something that not everybody knows. I literally have most default username and passwords for most routers memorized, and I can easily hack into your router if you don't change that. Now, here's a couple of other things that are kind of cool. Number one, here it says web access. All right? What they're saying is, if someone's going to access via webpage, how do you want them to do it? In particular, do you want 'em to do HTTP, or do you want them to use the more secure HTTPS? Now, most of the time when I'm accessing my router, I'm doing it in-house, right? I'm physically right next to it, so I don't need a lot of security, but if you wanted to, you can certainly do that. Here's the other one that's interesting, remote access. Do you want people to access this interface from the internet? If you put yes here, you're asking for a lot of trouble. (chuckles) It'll work, and some people do do it because they need to access their routers remotely, and you'll notice that it uses a non-standard port, it's not going to use port 80 by default. But, you know, you can do this, so be aware that that's there for you. And in fact, that's probably one of the things that the Network+ will ask you about is, can you configure your routers web interface remotely? And the answer is, on almost all routers, yes, but my response would be, don't do it unless you absolutely have to. Now, the other thing is that there's always going to be some kind of security. On pretty much all of these home routers, there's going to be a default type of firewall that you pretty much just turn on or you turn off. When you turn this firewall on, first of all, it's going to block any kind of incoming internet connection that wasn't started by somebody inside your network. You can make it block pings, you can make it block all kinds of stuff. And a lot of people use it, I use them, there's nothing wrong with them. But it's not a complete product, because while this will block most of the well-known stuff, you can then also do what are called access control lists. And these access control lists can set up things like, I want to prevent computers from accessing the internet on certain days or at certain times, I want certain applications to be blocked, I want certain webpages to be blocked, I want certain keywords that show up to be blocked no matter what type of application it is. This varies a lot depending on the different types of home routers, but they're all very powerful tools. The last thing I want to show you is, somewhere on here, there's going to be a firmware upgrade capability. Now, to upgrade your firmware, invariably what you're going to have to do is you download a file, either from the router company, or in this case with DD-WRT, a third party, and then you go ahead, you choose a file, and you go ahead and load it. Now, I need to warn you, if you fail on this, you'll turn your router into an ashtray. So we upgrade our routers because there's a compelling reason to do so, not because we simply like to do it. Working with routers is a lot of fun, and it's something you should practice. Everybody's got a different router, a different interface, but they all basically have the tools you just saw. However, there are times where you're going to mess up. Believe me, I've done it a thousand times, I've done it about four times today alone. When that happens, you're going to have to do a hard reset. To do a hard reset, first of all, you unplug all the cables out of the router. And in the back somewhere is going to be a reset button. Or on this guy, it's actually on the bottom. So what you do is this, use what's called the 30-30-30 rule. So you hold this down, the reset button down for 30 seconds. Then, without letting go of the reset button, you unplug, leave it down another 30 seconds. And then again, without letting go of the reset button, you plug it back in, keeping it held down for yet another 30 seconds. The reason we use the 30-30-30 rule is because there's a few different ways to hard reset a router, and the 30-30 rule covers all of them. Now, keep in mind that when you do a hard reset on this router, all of your configurations are set back to your original default. So the router's IP address is going to go back to 192.168.1.1, or whatever it is, your username and password are going to return to the factory defaults. So, a hard reset is a little bit painful, because it means you're going to have to reconfigure everything back one more time again, however, it always works, and it's a good bailout in case you make any screw ups, like I've done.

Contents