BT Voyager 205 Router Thread

	Posts
BT Voyager 205 Router (Forums : Tech Support : BT Voyager 205 Router)	Locked
Thread Options
xSqUiDx Frank made me do it	Apr 20 2005 Anchor
I hate this router so much. - i've only just found the drivers for it so i can use my usb for my pc and my ethernet for any consoles. But, i can't host games online like CSS, HL, UT2004, AVP etc.. because the router stops people connecting to me. I need to set up a DMZ for the router for use on my pc games when i host. I can set it up for the consoles easily, just not for my pc... can anybody shed some light on this peace of junk and how to set up a DMZ for my own pc connection??? --
Nemor Moddb Monkey	Apr 21 2005 Anchor
Ironically, the best way to begin hacking this thing, is to start with the web interface.. 192.168.1.1 (the preset default address, you can change this) If you have a static IP on your puter, ensure you are in the same "subnet", in other words; 192.168.1.something (if your whole LAN uses static IP's and they are not on that subnet, you can change the IP of the router to match your LAN, though you will have to temporarily flip your computer's IP to 192.168.1.3 to alter the router's IP to 192.168.0.1 (or whatever), oh the pain! but you can also create "virtual" ethernet connexions, serving multiple subnets) note: the 205, as supplied by BT comes insecure out of the box. I think BT imagined the ethernet port would be used only by XBox and PS2 gamers, or perhaps they wanted to drop in sometime. anyway, the unit connects itself to your favourite ISP right at startup, so first thing to set is.. Advanced >> Security >> IP Filter set this to "High", which is better than it was, but not a lot. Apply, and Save your changes. (the oddly-placed red save button appears on all the advanced pages) now you can breathe a little while you get this thing properly secure and working the way you want it to. after enabling the basic security, setup any other stuff you understand, save again, then go to.. Advanced >> System >> Backup Config and click the 'Save Config' button, which will save the current configuration to your hard drive. this exported file is no more than a list of cli commands for the voyager router. with this list of commands, you can recreate your router's current state at any time in the future. make a copy of that file, and start adding to it. Later you can upload it to the router via FTP, and use it as your default command set. Next: 192.168.1.1 ( High Medium Low means choose one of them ) You will probably want to begin by stealthing your router. A stealthed router sends a definite signal to any potential attacker, and also refuses to needlessly leak information about your computing environment. You can stealth a voyager 205 with just two simple commands.. create ipf rule entry ruleid 5 dir out act accept storestate enable seclevel high medium low create ipf rule entry ruleid 500000 ifname public dir in act deny seclevel high medium low Much better! a simple start. Now you got stealth, nothing's getting in! so if you want to run any servers, ftp server, web server, whatever, or effectively use any p2p application, you'll need to create individual rules to allow this inbound traffic, inserting them numerically between the two magic stealth rules above. an example BitTorrent rule.. create ipf rule entry ruleid 6881 ifname public dir in act accept destport range 6881 6899 transprot eq tcp seclevel high medium low replace a timeserver entry.. modify sntp cfg disable delete sntp servaddr dname Time.apple.com create sntp servaddr dname ntp0.strath.ac.uk modify sntp cfg enable get sntp stats time to live.. modify ip cfg ttl 64 enable ppp keepalive.. modify ppp global keepalive enable ppp sessions time-out after thirty minutes inactivity. let's change that.. modify ppp global pppsesstimer nevertimeout maximum number of IP sessions the modem can manipulate simultaneously.. default is 192, max is 512. modify nbsize maxipsess 512 a ballpark figure.. grin Last but not least (The only part you're wondering about but theres some good tweaks above for keeping your modem active instead of the 2 hour cut off thing it tends to do. Also allows steam servers to appear non-laggy, without it you would be getting 1,000 2,000 ping in server list consequently taking you forever to join a game) alg rules... "Application Layer Gateways" are clever things, allowing you to run IRC and ICQ clients, FTP servers and the like without endless firewall hassles, thanks to the 205's "stateful inspection" mechanisms. Most of the common ones are already in place, but if you need something special, you can add it yourself. This example would allow you to connect successfully to an IRC server running on a non-standard port, in this case port 7000.. create alg port portno 7000 prot num 6 algtype mirc PS. I couldn't be bothered writing my own method as mine was less generic and more specific. So here's one copy/pasted from a site that is now down I beleive, I managed to save the webpage from temp net files. Happy hacking. Edited by: Nemor -- E-Force Mod Leader, Modeller & Mapper. Eforcemod.net Eforcemod.net
xSqUiDx Frank made me do it	Apr 21 2005 Anchor
ahh thanks man. yeah i started hacking it before, but i really couldn't be arsed setting up all the ports for every single game /application in telnet - a real pain in the ass if you ask me :p but yeah i'll keep a look out for other ways. Might have to look more into port forwarding. Cheers anyway m8! --
T-RonX Warm Milk	Apr 22 2005 Anchor
<delete me> Edited by: T-RonX -- _______________ modDB oldtimer

Thread Options

xSqUiDx Frank made me do it

Apr 20 2005 Anchor

I hate this router so much. - i've only just found the drivers for it so i can use my usb for my pc and my ethernet for any consoles. But, i can't host games online like CSS, HL, UT2004, AVP etc.. because the router stops people connecting to me. I need to set up a DMZ for the router for use on my pc games when i host. I can set it up for the consoles easily, just not for my pc... can anybody shed some light on this peace of junk and how to set up a DMZ for my own pc connection???

--

Nemor Moddb Monkey

Apr 21 2005 Anchor

Ironically, the best way to begin hacking this thing, is to start with the web interface..

192.168.1.1 (the preset default address, you can change this)

If you have a static IP on your puter, ensure you are in the same "subnet", in other words; 192.168.1.something (if your whole LAN uses static IP's and they are *not* on that subnet, you can change the IP of the router to match your LAN, though you will have to temporarily flip your computer's IP to 192.168.1.3 to alter the router's IP to 192.168.0.1 (or whatever), oh the pain! but you can also create "virtual" ethernet connexions, serving multiple subnets)

note: the 205, as supplied by BT comes insecure out of the box. I think BT imagined the ethernet port would be used only by XBox and PS2 gamers, or perhaps they wanted to drop in sometime. anyway, the unit connects itself to your favourite ISP right at startup, so first thing to set is..

Advanced >> Security >> IP Filter

set this to "High", which is better than it was, but not a lot. Apply, and Save your changes. (the oddly-placed red save button appears on all the advanced pages) now you can breathe a little while you get this thing properly secure and working the way you want it to. after enabling the basic security, setup any other stuff you understand, save again, then go to..

Advanced >> System >> Backup Config

and click the 'Save Config' button, which will save the current configuration to your hard drive.

this exported file is no more than a list of cli commands for the voyager router. with this list of commands, you can recreate your router's current state at any time in the future. make a copy of that file, and start adding to it. Later you can upload it to the router via FTP, and use it as your default command set.

Next: 192.168.1.1

( High Medium Low means choose one of them )

You will probably want to begin by stealthing your router. A stealthed router sends a definite signal to any potential attacker, and also refuses to needlessly leak information about your computing environment. You can stealth a voyager 205 with just two simple commands..

create ipf rule entry ruleid 5 dir out act accept storestate enable seclevel high medium low
create ipf rule entry ruleid 500000 ifname public dir in act deny seclevel high medium low

Much better! a simple start.

Now you got stealth, nothing's getting in! so if you want to run any servers, ftp server, web server, whatever, or effectively use any p2p application, you'll need to create individual rules to allow this inbound traffic, inserting them numerically between the two magic stealth rules above. an example BitTorrent rule..

create ipf rule entry ruleid 6881 ifname public dir in act accept destport range 6881 6899 transprot eq tcp seclevel high medium low

replace a timeserver entry..

modify sntp cfg disable
delete sntp servaddr dname Time.apple.com
create sntp servaddr dname ntp0.strath.ac.uk
modify sntp cfg enable
get sntp stats

time to live..

modify ip cfg ttl 64

enable ppp keepalive..

modify ppp global keepalive enable

ppp sessions time-out after thirty minutes inactivity. let's change that..

modify ppp global pppsesstimer nevertimeout

maximum number of IP sessions the modem can manipulate simultaneously..
default is 192, max is 512.

modify nbsize maxipsess 512

a ballpark figure.. *grin*

Last but not least (The only part you're wondering about but theres some good tweaks above for keeping your modem active instead of the 2 hour cut off thing it tends to do. Also allows steam servers to appear non-laggy, without it you would be getting 1,000 2,000 ping in server list consequently taking you forever to join a game)

alg rules...
"Application Layer Gateways" are clever things, allowing you to run IRC and ICQ clients, FTP servers and the like without endless firewall hassles, thanks to the 205's "stateful inspection" mechanisms. Most of the common ones are already in place, but if you need something special, you can add it yourself.

This example would allow you to connect successfully to an IRC server running on a non-standard port, in this case port 7000..

create alg port portno 7000 prot num 6 algtype mirc

PS. I couldn't be bothered writing my own method as mine was less generic and more specific. So here's one copy/pasted from a site that is now down I beleive, I managed to save the webpage from temp net files.

Happy hacking.

Edited by: Nemor

--

E-Force Mod Leader, Modeller & Mapper.

Eforcemod.net
Eforcemod.net

xSqUiDx Frank made me do it

Apr 21 2005 Anchor

ahh thanks man. yeah i started hacking it before, but i really couldn't be arsed setting up all the ports for every single game /application in telnet - a real pain in the ass if you ask me :p but yeah i'll keep a look out for other ways. Might have to look more into port forwarding. Cheers anyway m8!

--

T-RonX Warm Milk

Apr 22 2005 Anchor

Edited by: T-RonX

--

_______________
modDB oldtimer