cancel
Showing results for 
Search instead for 
Did you mean: 

Unlocking the potential of Sagemcom 2704N

Community Veteran
Posts: 2,286
Thanks: 109
Fixes: 4
Registered: ‎18-02-2013

Re: Unlocking the potential of Sagemcom 2704N

I'm looking for SSH access to see my firewall logs.
Could you point out where i've asked for help with bridging mode  arsh?
Darsh
Grafter
Posts: 48
Registered: ‎12-03-2015

Re: Unlocking the potential of Sagemcom 2704N

Ah, sorry, confused you with the previous requestor (was too lazy to read your overquoting).

Darsh
rogerx1
Grafter
Posts: 27
Thanks: 4
Registered: ‎10-11-2014

Re: Unlocking the potential of Sagemcom 2704N

Quote from: Darsh
Confirmed, to enable pings to the WAN interface, you need to add the following lines to your config:
<DslCpeConfig version="3.0">
  <InternetGatewayDevice>
    <X_BROADCOM_COM_AppCfg>
      <IcmpCfg>
        <NetworkAccess>LAN or WAN</NetworkAccess>
      </IcmpCfg>
    </X_BROADCOM_COM_AppCfg>
    <WANDevice instance="1">
      <WANConnectionDevice instance="1">
        <WANPPPConnection instance="1">
          <X_BROADCOM_COM_FirewallException instance="1">
            <Enable>TRUE</Enable>
            <FilterName>ICMP</FilterName>
            <Protocol>ICMP</Protocol>
          </X_BROADCOM_COM_FirewallException>
          <X_BROADCOM_COM_FirewallException nextInstance="2" ></X_BROADCOM_COM_FirewallException>
        </WANPPPConnection>
      </WANConnectionDevice>
    </WANDevice>
  </InternetGatewayDevice>
</DslCpeConfig>

Works now.

Darsh

Has anyone managed to get pings to work in "Fibre" mode?
I can see the firewall is enabled under the WANPPPConnection section (in this case eth3), but when I add the firewall exception, the router rejects the XML file when I attempt to reload it.
The <IcmpCfg> section is accepted without any errors.
Matty123123
Grafter
Posts: 96
Thanks: 2
Registered: ‎01-04-2015

Re: Unlocking the potential of Sagemcom 2704N

Quote from: grm
(only using it as an AP so wouldn't expect any firewall entries)

Hello grm,
I've had a play with OpenWrt, and I was wondering if your any good at playing with openwrt firmware.  The wireless chipset is supposed to be fully supported, but I cant get it working right/fully?

EDIT:
oh <beep> forget it,   it has the wrong PCI - ID
EDIT2:
Never mind... got it working
brueton
Grafter
Posts: 310
Thanks: 5
Registered: ‎03-07-2009

Re: Unlocking the potential of Sagemcom 2704N

@rogerx1
Quote
Has anyone managed to get pings to work in "Fibre" mode?

Yes, I am on Fibre and have"pings" working.
IPv4 by modifying and reloading the config file.
IPv6 by using the ip6tables command from the command line http://community.plus.net/forum/index.php/topic,138295.msg1224689.html#msg1224689.

Pete
rogerx1
Grafter
Posts: 27
Thanks: 4
Registered: ‎10-11-2014

Re: Unlocking the potential of Sagemcom 2704N

Thanks Pete. That gives me hope although I am obviously getting something wrong - I wil persist!
I am using IP4 so just trying to modify the config file as per Darsh's note and adding the firewall exception XML inside the WANPPPConnection section of the file but the file is rejected as invalid when I try to upload it to the router (I can make other changes to the file and re-upload without problem)
I am using the stock firmware.
brueton
Grafter
Posts: 310
Thanks: 5
Registered: ‎03-07-2009

Re: Unlocking the potential of Sagemcom 2704N

I was using the stock firmware as well.
In case it is of any use here is the output from a linux diff for the two files, noping.txt & ping.txt.
diff noping.txt ping.txt
19a20,22
>      <IcmpCfg>
>        <NetworkAccess>LAN or WAN</NetworkAccess>
>      </IcmpCfg>
676a680,685
>   <X_BROADCOM_COM_FirewallException instance="1">
>            <Enable>TRUE</Enable>
>            <FilterName>ICMP</FilterName>
>            <Protocol>ICMP</Protocol>
>          </X_BROADCOM_COM_FirewallException>
>          <X_BROADCOM_COM_FirewallException nextInstance="2" ></X_BROADCOM_COM_FirewallException>
rogerx1
Grafter
Posts: 27
Thanks: 4
Registered: ‎10-11-2014

Re: Unlocking the potential of Sagemcom 2704N

Apart from the line numbers, that diff is the same as mine, so either something else in my config causes a conflict or I am putting the firewall exclusion  in the wrong place
(Currently have it at just after the <X_BROADCOM_COM_FirewallEnabled>TRUE</X_BROADCOM_COM_FirewallEnabled> statement in the <WANPPPConnection instance="1"> section I have also tried the top and bottom of the WANPPPConnection with no joy).  Assuming that is the correct section, I guess I should probably try going back to factory default settings with no forwarding rules etc and see if that works.
Community Veteran
Posts: 2,286
Thanks: 109
Fixes: 4
Registered: ‎18-02-2013

Re: Unlocking the potential of Sagemcom 2704N

Your not alone, I can't get it to work either.
@PeteB,
Seeing as I am not familiar with where I need to put the following lines in the config for FTTC, could you give us a few pointers please.
I see you have pulled the following commands using diff and have defined what we need to add which is as follows, bearing in mind you are on FTTC with a locked 2704n as are we.

      <IcmpCfg>
        <NetworkAccess>LAN or WAN</NetworkAccess>
      </IcmpCfg>
  <X_BROADCOM_COM_FirewallException instance="1">
            <Enable>TRUE</Enable>
            <FilterName>ICMP</FilterName>
            <Protocol>ICMP</Protocol>
          </X_BROADCOM_COM_FirewallException>
          <X_BROADCOM_COM_FirewallException nextInstance="2" ></X_BROADCOM_COM_FirewallException>

Do I put those lines at the end of the config, or is it mind-bendingly complicated to place those elements in the config.
brueton
Grafter
Posts: 310
Thanks: 5
Registered: ‎03-07-2009

Re: Unlocking the potential of Sagemcom 2704N

You have to put the elements at the correct place in the config, indents should not matter
Try this:
Before
        <X_SAGEM_COM_ppp_retry_period>15</X_SAGEM_COM_ppp_retry_period>
        </WANPPPConnection>
        <WANPPPConnection nextInstance="2" ></WANPPPConnection>

After
         <X_SAGEM_COM_ppp_retry_period>15</X_SAGEM_COM_ppp_retry_period>
            <X_BROADCOM_COM_FirewallException instance="1">
            <Enable>TRUE</Enable>
            <FilterName>ICMP</FilterName>
            <Protocol>ICMP</Protocol>
          </X_BROADCOM_COM_FirewallException>
          <X_BROADCOM_COM_FirewallException nextInstance="2" ></X_BROADCOM_COM_FirewallException>
        </WANPPPConnection>
        <WANPPPConnection nextInstance="2" ></WANPPPConnection>
Community Veteran
Posts: 2,286
Thanks: 109
Fixes: 4
Registered: ‎18-02-2013

Re: Unlocking the potential of Sagemcom 2704N

Cheers PeteB I'll try that again.
Mine has a little extra, so as follows.

          <X_SAGEM_COM_ppp_retry_period>15</X_SAGEM_COM_ppp_retry_period>
            <X_BROADCOM_COM_FirewallException instance="1">
            <Enable>TRUE</Enable>
            <FilterName>ICMP</FilterName>
            <Protocol>ICMP</Protocol>
          </X_BROADCOM_COM_FirewallException>
          <X_BROADCOM_COM_FirewallException nextInstance="2" ></X_BROADCOM_COM_FirewallException>
          <X_SAGEM_COM_ppp_neg_mtu>16384</X_SAGEM_COM_ppp_neg_mtu>
          <PortMapping nextInstance="375" ></PortMapping>
        </WANPPPConnection>
brueton
Grafter
Posts: 310
Thanks: 5
Registered: ‎03-07-2009

Re: Unlocking the potential of Sagemcom 2704N

I would put the extra lines below the port mapping line. Contents of the dumped config file contain some items only if you were connected at the time.
Community Veteran
Posts: 2,286
Thanks: 109
Fixes: 4
Registered: ‎18-02-2013

Re: Unlocking the potential of Sagemcom 2704N

That uploaded this time  Shocked
I'll test that and get back to you  Wink
Community Veteran
Posts: 2,286
Thanks: 109
Fixes: 4
Registered: ‎18-02-2013

Re: Unlocking the potential of Sagemcom 2704N

yup that works, Thanks peteB.
I might come back to you for ssh in a bit.
rogerx1
Grafter
Posts: 27
Thanks: 4
Registered: ‎10-11-2014

Re: Unlocking the potential of Sagemcom 2704N

Thats sorted it and working now. Thanks PeteB
The lines aren't accepted if I put them after the port mappings, but they are accepted before the port mappings and immedately after the X_SAGEM_COM_ppp_retry_period