2y ago

My ISP has taken total control of my network

This is very troubling, and I'm not even sure where to start. I recently received an email message from my ISP which alerted me to an incoming update. I didn't worry too much since this is obviously not the first update they've ever pushed through.

However, after this update, I noticed that my guest connections and some other things had changed / disappeared. I logged on to my router, and I immediately noticed my custom password had been reset to the default. No problem, I entered it.

At this point, I saw that all of my options were greyed out. I could change the password, which I did, but nothing else. I immediately called my ISP.

I was told that I would have to use their app now, so as much as I dislike using proprietary phone apps, I conceded and installed the app through the Play store.

However, the agent was not entirely honest with me. I still can't bifurcate my 2.4g and 5g connections, nor can I add or remove any guest connections. I immediately enabled "privacy mode" via the app, which purportedly prevents information from being collected by something called "HomePass," and I "Delete[d] Guard events" whatever the hell that means, but this seems really troubling. I can no longer access my modem/router settings via the normal interface, but have to use an Android app?

There is only one other ISP in my area. They have much worse/slower service, but should I switch, or is this just the "new normal"? Does what I'm describing even make sense? I'm not a tech expert, but I feel like I've self-taught myself how to navigate these settings, and learned from others in online forums, but now ... an Android app?

I'd appreciate any advice. I'd even be willing to purchase my own modem/router instead of using the one from my ISP, if that fixes this mess.

Edit: So I need my own router, at least. I did some research, and these are the ones I can get locally that are within my budget:

TP-Link Archer AC1900 Dual-Band Mu-Mimo Wi-Fi Router with Gigabit Port
Linksys AC1200 Dual Band WiFi 5 Router
TP-Link Archer AX1500 WiFi 6 Dual-Band Wireless Router | up to 1.5 Gbps Speeds
TP-Link Archer C54 | AC1200 MU-MIMO Dual-Band WiFi Router
NETGEAR - Nighthawk AC1900 WiFi Router, 1.9Gbps (R6900) I’VE BEEN WARNED AGAINST NETGEAR THOUGH IN OTHER FORUMS
TP-Link | AX1800 4 Stream Dual-Band WiFi 6 Wireless Router | up to 1.8 Gbps Speeds
TP-Link Archer AX3000 | 4 Stream Dual-Band WiFi 6 Wireless Router | up to 3 Gbps Speeds
Linksys E7350 AX1800 Wi-Fi 6 Wireless Router

Am I right in thinking the TP-Link AX3000 is best?

Edit 2: At first, I bought the Netgear AC1900, which seemed like a great deal. Turns out it was unusable without creating a netgear account, so I returned it in exchange for the TP-Link Archer AX1500, and it appears to be working! I got everything set up pretty close to the way it was before, except even better.

Once I save money, I'll also invest in a different modem and return this one to my ISP.

This was a big wake-up call for me in terms of privacy. I never listened to people saying not to use your ISP's equipment because I always trusted my ISP (it's not one of the big name ones). Never trust a company. Lesson learned. I appreciate all the responses I got! This community is great!

164 comments

Get. Rid. Of. Their. Router.
ISP provided networking routers are inherently garbage. They don't want users messing with that, because your average user doesn't even know what the fuck an ethernet cable is and will break everything by fucking around in it.
Run your own router and put theirs into modem only mode with routing and wifi disabled. If that's not an option ask their tech support if you can buy your own DOCSIS/fiber modem (or whatever hardware you use) and return their hardware. If they also don't allow that.... well, switch or just suck it and deal with it while the ISP rubs their nipples some more.
- https://cdn.imgchest.com/files/j7kzcvmllm7.png
  So I can't disable wireless mode. This too is greyed out, and it also doesn't let me disable wireless via the app. (When I try, it throws a popup that says "You must have at least one network."
  So is my best bet to get my own modem with router built in, or could I still connect a router to this, but never use the wifi connection through their equipment? I don't have a lot of money, so I also want to be a bit mindful of cost.
  
  I'd check to see if your provider has an approved modem list, buy one off that and then run your own router.
  
  When I try, it throws a popup that says "You must have at least one network."
  Sounds like it might allow you to disable it after you plug your own router in. If not, customer service might be able to do it. Ask them to put it in modem only mode.
  
  I bought a refurbished cable modem for less than $30 off of amazon that's working well for me. I'd just go that route instead of using their equipment. Even if it breaks in a year, that's savings over renting ISP equipment.
  
  All the router modem combos I have used have basically disabled most of the features including wifi if it gets set in modem only mode
  
  That is literally fucked. There are some scenario's where I can imagine an ISP wanting to force wireless on. a mesh network for their customers sounds like the most straightforward reason. if you cannot replace the router, faraday the shit out of it. put your own router behind the isp router and don't forget to change the MAC address of the router (isp will probably block any 3rd party router macs on the network. seen it before)
  
  Some ISPs will not let you put the modem into a true bridged mode. I would try to disable as much on it as you can. As long as the traffic can pass through from the modem to your router that’s the important part.
  
  When I had Comcast, I had to call them and have them turn this stuff off for me, fwiw.
  I've owned a TP-Link that frequently lost all my settings. I've owned two Netgears and they've been great. I've owned two Linksyses and they've been great. That's just my experience.
  
  Fvck it, run your own router on top of that. Make a another local network and just connect it to the ISP Router, then connect all your devices to the new local. Voila.
  Also run a VPN on the new router if you daisy-chain them.
  
  Yes, get your own router, don't use the app. If you're technically inclined, the app will only restrict what you can do with the equipment. And with ISP owned equipment, they have api access to your equipment.
  
  Fun thought. I'd try wrapping their wifi router in a faraday cage of chicken wire, test that the signal isn't going out with a nearby smartphone, then plug ethernet from their to my own wifi router.
- You could always do double NAT (put your own router behind theirs) as last resort. It's not that bad, I've done it a lot.
  
  Out of curiosity, if your router is able to connect with their network, why do you then need to add their router back in front of yours?
  
  yeah, double-NAT tends to break a lot of multiplayer games though so I heavily try to avoid it.
  
  Do you need NAT if their network supports IPv6 and your whole home network is set up in IPv6?
- Is the Unify Dream Machine a good option?
  
  If you're on the techy side and want an all-in-one solution? Sure, if you plan on expanding within their ecosystem later. Unifi's biggest benefit is the ecosystem, being able to manage everything from one place is nice.
  
  Yes.
  
  I have the usg pro 4 with ap pros and love it.
  
  It's good enough.
  I'm running wired routers with their wifi systems. I have a lot of control over my network.
  
  I can't speak to the all in one dream machine, though I'm sure it's similar in capability to my UDM pro, which has been fairly solid for me and only really has had trouble when I induced it myself. It's definitely much more complex and open than most home routers, and allows you to set every single thing you can think of, the drawback though is that it's not as automated as some home routers and you need to know what you are setting more in depth when you step off the auto modes. Overall I've been very happy with my unifi setup. I also use Protect and I'm looking to set up Access too soon(ish).
- I have fiber here in my apartment.
  There is an optical network terminal with an Ethernet port on it. The optical network terminal does not appear to do any routing, just conversion of the signal between the electrical and optical interfaces. An ordinary PC can be plugged directly into it, use DHCP to get its IP address, and that's it.
  I was supplied a router by the ISP as well. It's spent the better part of the last decade gathering dust in a drawer.
  
  lucky bastard, enjoying fiber optic internet with common sense hardware...
- Of course they have to configure the modem- they have to set it up right to talk to their own hardware. Itd be impossible to use otherwise.
  The point is to insulate your actual LAN settings and router from the ISP so they can't go fuck with it. This isn't even a security thing - the ISP can and already is sniffing every packet you send - it's just trying to maintain some semblance of usable control.
- my ISP didn't gave me the captive portal password and I'm afraid to reset it now because they've manually entered the WAN IP 😩

Use that shit as a modem and get another device for your internals.
- So I just got off a chat with an agent who tells me if I provide my own equipment that I will be able to use the settings as normal and delete the phone app, but that I have to use one from their supported modem list.
  I'm thinking about the Arris SBG8300.
  
  Arris makes good stuff. But that is just the cable modem. It will NOT provide any router protection for your home network. Your network topology should look like this:
  ISP - your cable modem - your router - everything else
  Honestly, if you don't have need for many ethernet connections, just get a wifi router with good reviews and the arris cable modem. Make sure the cable modem you pick up has the right DOCSIS version for the speed you are getting or plan to upgrade to. Your ISP will be able to tell you what version they are on.
  
  I know you're on a budget, but avoid Intel puma based modems. The raw specs look good, they're the only 8x32 channel docsis 3.0, but they have a big that causes a serious jitter.
  https://lookgadgets.com/articles/intel-puma-modems-list/
  Personally, I have an Arris S33. The 8200 is good too, those are both docsis 3.1 and more future-ready but $150+. The 8300 you mentioned is an Intel puma, so maybe keep looking. You might be stuck with a 24 channel modem.

Run your own router. NEVER rent a router lol
- If I gave you a list of the names of routers that are available to buy in my town and that are within my budget, do you think you would be so kind as to recommend one for me? There are so many and I really don't know where to start
  I promise I wouldn't hold you accountable for my decision :P
  
  Those "lists" are likely non-exhaustive. Virtually any combo will work given it works with the internet-protocol your ISP offers. My team prefers TP-Link routers for their update times, but ASUS/Netgear are both solid options as well.
  I use a $250 VPN router because of my team's interest in the dark web. I find it more helpful to put the entire network behind a wall than w/ each individual device. Imho?.. $250 was overkill for how much I pay my ISP for speeds. But this bad-boy is very future proof. https://www.tp-link.com/us/home-networking/wifi-router/archer-gx90/
  Future-proof with at least a router (> WiFi 6) AND a modem. The combo-style ones are almost all bad (ymmv).
  Many, many ISPs will lock internet to ONLY the mac-address of the modem/router, so make sure you change the address in settings. For instance, if a company ships you a router, the MAC of that router will be the only one that can connect from your address.
  For TP-Link: 192.168.0.1 -> "Internet" Settings -> "MAC Clone" (Set the MAC address of your router. Use the default address unless your ISP allows internet access from only a specific MAC address)
  Edit: Feel free to post any "options" from your ISP and what speeds/price they offer :)! If you're only paying for <100Mb/s, a $250 router will be stupidly-overkill.
  Edit2: TP-Link AX3000 WiFi 6 Router is my vote because it also has VPN capabilities if you need that in the future.
  
  If you can, look into Ubiquiti. Their Unifi package is pretty comprehensive, and self-hostable.
  If not, get an RPi with two Ethernet interfaces. Run raspbian, and learn IPTables/netfilter with masquerade. Put the WiFi in AP mode. Yes, it'll suck but at least it's not their router.
  Save up a little bit and upgrade to a NUC with 2x Ethernet or some older HTPC with two Ethernet interfaces, it doesn't need to be much. If it can run VMs, maybe you could run even run pfSense or DD-wrt on it. Get a managed switch that understands VLANs. Look into upgrading your WiFi to Ubiquiti Unfi APs with a local controller in a VM.
  This is the way....

Never use their router. Obviously for the issue you're having now, but also for financial reasons. They charge ridiculous fees for renting their shit routers when buying one for like $120 will be a significant upgrade over there's and will start saving money like 6 to 8 months in. Also it's not tied to the company, so you get to keep it.
- I even had the tech try to install their own router after I'd told them I'd be using my own hardware, and then he ARGUED with me that theirs was better and faster. Didn't ask for your opinion, install the service the way I asked, I know what I'm talking about in this space.
- And the same goes for modems. Those monthly equipment fees add up fast.
- I spent about $200 on a router and modem when I moved into my last apartment, they have already paid for themselves based on the fees that Xfinity would've charged to "rent" the equipment. Plus they're significantly better than the equipment that isp's provide

Never use the ISP provided equipment on your network. Even if you must use their modem and router, have them turn of the wifi, and connect your router to their garbage using the WAN port to connect from their LAN port with nothing else connected. If they refuse to turn off their wifi and you can't do so through the admin, cover their crap in a Faraday cage to kill the signal. Always enter your own DNS settings on your router, never use their DNS. Make sure to use an encrypted DNS to avoid them hijacking it.
- I'm pretty sure they can't refuse. At least in the US. Correct me if I'm wrong.
  
  I never saw a router without an Ethernet port

You should out the ISP by name. Fuck those guys
- I know, but like I've said before, that would also be a bad choice for me regarding my own personal privacy.
  If I felt comfortable doing so, I would have named them immediately because I'm utterly disgusted with this shit.

Never ceases to amaze me just how awful US ISPs are. Why do they get to behave like this? Are they local monopolies or something?
- Yes, they are local monopolies. They stay out of each other's territory, like gangsters.
  
  Good grief. How depressing.
- There's one other big provider here, but it's not nearly as fast or reliable, nor as easy to work with. Up until today, I always praised my ISP, but this is absolutely bonkers!
  
  By comparison, I live in a small town in rural south east England. I could choose from any one of at least 12 different ISPs, all of whom offer gigabit fibre. And we're relatively backward compared to mainland Europe.
- They are an oligopoly. Funny video about it with nsfw language: https://youtu.be/0ilMx7k7mso
- @hedders @LinkOpensChestwav if US citizen migrate to Europe for that reason, does that make them technical refugees? :)

OP, people often mention openwrt, but you can also buy a FreshTomato compatible router and also try that. It's super user friendly, regularly updated, and has a significant amount of features you would likely never find on average routers, just like openwrt.
I really like using the VPN functionality and running an openVPN server and dynamic DNS setup so I can always connect my phones to a trusted VPN and backhaul my connection through home while I'm out and on a risky open connection.
As a Cybersecurity professional, I feel like it's got a lot of good things going for it that I really appreciate, and you can control it without the ISP being able to intrude on your network.
I run my wired connections through that and use the router for DHCP, and then also have a separate mesh system for my wireless. I can set up separate virtual networks as needed and have them separated/isolated altogether, or allow specifically how I want them to see each other, etc.
You can even set up entirely different networks by port on the back of the router. Cool stuff. Openwrt is good too, but most people don't know about FreshTomato I don't think, it spun off of Tomato several years ago when those devs quit updating it.
- Ooo, this is open source too? I've got to be honest, I'm a bit out of my depth, but I'm going to try to learn and understand.
  Thanks for the recommendation. Kind of a bummer that my router isn't supported by either this or openwrt.
  
  Yep! It's open source, which I really like. It's updated almost monthly so is very active. I like how they quickly patch new vulnerabilities, IMO FreshTomato, and OpenWRT projects are exponentially better from a cybersecurity standpoint protecting you, the router manufacturers are so much slower at putting out updates to their stuff.

Not worth the hassle, replace the stupid router with an openwrt one
- I was about to comment that I don't know how to do that, but it looks like openwrt actually has its own forums.
  Still not ready to do this on the spot, but this is another thing worth educating myself about, thanks
- I got a MikroTik router and never looked back. That thing is amazing.
  Edit: typo

Name and shame, dude. Your post is great and we need some proper nouns.

That's unacceptable. I agree get a dumb modem from them and use your own Router/firewall/ access points

Talk to your ISP about getting a modem only, without a built-in router, then purchase a separate router of your own. All-in-one modem/router combos are generally kind of crap anyway, and one that your ISP can control directly is obviously a problem on top of that. I get why they'd do that: most users don't know a damn thing about how to properly set up their network, and being able to change settings without walking the users through it would simplify things. Still crap, but I get why.
Even if you have to buy your own modem, definitely go for a modem-only device and a separate router. Personally I go the extra length of having a modem, a separate wired-only router, and a separate wireless access point for wifi. Combo devices have a habit of not managing memory well and needing to be reset more often.

- I just got off the chat with an agent who told me as much. If I provide my own modem/router, I will not have to use the app. I can change it via the normal way.
  I've heard that Netgear isn't good anymore, but I saw Arris SBG8300 on the list. I'm going to check prices and features before I decide for sure, but even though I'm poor, I'm not so poor that I'm just going to accept this. This is utter bullshit, and I'm considering switching ISP, even though the alternatives are slower and not as stable.
  
  Sadly that’s how it works if you rent their eq. Your bill should drop if you drop their rental. Usually around 10 dollars for a rental most places.
  
  Depending on your needs, you could get an older Netgear model (just check that it still gets firmware updates)

I saw your edit are you able to get an asus router in your budget? Check Facebook and Craigslist. That's gonna be the best brand you can buy with the most features. I got a little usb drive hooked up and it has a built in encrypted torrent Downloader. Mine is pretty expensive but I'm sure you can find a used one.
- Another user recommended an ASUS. I'm probably not going to find one here on Facebook or Craigslist unless I travel to a bigger city, but I've had good luck on ebay. In fact, one of the reasons I lack money is that I just bought a laptop off ebay. I ... kinda wish I hadn't done that now, but who knew?
  Like I told someone else, I'm probably going to prioritize getting my own modem now, but whenever I decide to upgrade my router, I can get an ASUS and then give this to a friend or neighbor and help them get set up.

I wouldnt say thats normal ... (at least here in germany).
Maybe consider using the isp device as modem only and use your own router?

Change iSP if you can, ans un any case you should use your own router running OpenWRT to have full control over your own network

Sounds like Comcast lol they suck. It sounds like you are using the router provided by your isp. Try getting your own equipment (router/modem).

Personally I would drop them out of principle. I don't feel like supporting assclowns. Its the same reason I started using Linux, Lemmy, Qwant, etc.
- I feel the same way. I'm really upset about this. It's just ... there's not a lot of choice. I could be going out of the frying pan and into the fire, but it's at least worth looking into.

Ask for bridge mode and install your own router. It’s the first and most important step towards privacy. Also sounds like you got plume devices. Only use them in Wi-Fi bridge mode. You retain some of heir functions and utilities but you’ll still be in control of your network.

It sounds like what you want is to either get a modem (either rented through the ISP or bought 3rd party, if your ISP supports it) and then ensure that this modem is in bridge mode without any sort of router features. That said, most places will just give you a dumb modem if you have no intention of using their router.
Then the other gear would be a router with the feature set you want. I personally am quite fond of my Mikrotik hap ac2 but the ac3 looks good too. I don't use the Mikrotik for the wifi either (I use unifi for that), but it's decent enough for a small space in a pinch.
Basically you would need to find out from your ISP if they allow you to bring your own gear -- modem and/or router, with the router being the more important of the two and get their help to either swap your existing device into a bridge or getting you something that can.

You could also look into OpenWrt and maybe get your device an open firmware. For a more advanced setup you can look into OPNsense, but you will probably need additional devices for WLAN, DECT, etc.

I have been running a TP-Link Archer C4000 for several years now. Super solid, great price, no complaints. For me the tri-band capability is more important than Wifi-AX, which isn't very useful unless you need incredibly fast network speed or if you have a ton of devices (which all need to be supporting AX).
- The c4000 is great. I had some electrical issues which kicked off issues at higher bandwidths, but otherwise it's been the best router I've owned

Wow, never heard of anything like it though it feels plausible that your ISP would be able to do this. I'm not an expert on this in any way though, just a self-taught, self-hoster. My first thought was getting yourself another router as well, though I'm not 100% sure if this would work. I dimly remember that I had to change my ISP's router to "modem-mode" or something when I did this years back. And if your ISP doesn't allows this ...

To add to others' advice to get your own router and use the modem only to connect to the internet (WAN), consider getting a router on which you can install OpenWRT. This will give you much more confidence that only you control your network.

I never use their device for anything other then a transceiver/bridge. I would just get my own gateway and place it inside theirs. Do get one that has updates. Replacing theirs is not a bad idea too.

I don't know if anyone has murmurings this yet, but if you leave a landline that is through your ISP, and connected to the router, you may not be able to use your own router. Spectrum doors not let you, and despite all the research I did before, I did not find that out until after I purchased my own. You can ask them to split the line and use the old router with the phone, and your new router for internet, but there are potential issues with degradation of service involved, as well as the more mundane problems of running into ISP support who are not interested in understanding what you want, and getting the line actually, physically split.
- In work for them. This is as intended. Its meant to reduce service calls where the customer borks it themselves. I'm not an expert so this may not apply everywhere, but you shouldn't have a problem using a non-spectrum router without even telling them. I don't use theirs. You should just be able to go buy it, plug the line in , and turn it on. They don't need to know. In recommend using your own anyway for many reasons. Yours will be more configurable and you can tell them you don't need theirs, saving you 7 bucks or whatever a month.
  
  Of course it's on purpose, and it's understandable, too. And if you have voice along with Internet service, spectrum does not allow you to use your own modem for voice. It won't work. You can use your own for the internet portion, but you have to contact them to get each item provisioned separately, and then get a splitter to accommodate both. You and also have to make sure the person your are talking to understand what you are talking about, because a lot either don't, or just don't care to accommodate you and just say no we don't do that. I am currently taking a hiatus from going through this very scenario because I don't have the mental energy right now to fight a tier 1 tech on something that should be so simple.
- The agent I chatted with said I can, and I asked him 3 times in 3 different ways and saved the chatlog
  
  Good luck, I hope it goes well for you!
  
  You definitely can. You will lose some functionality in the app/web portal but its worth it if you know what you're doing.

Btw, for the proprietary apps try Shelter/Insular and TrackerControl.

@LinkOpensChestwav
Welcome to xFinity Xfi or whatever they call their crap.
Get your own router (that saves you 10$ a month and sparesy from this crap)
Or if you can't replace their modem, then get your own and use theirs in bridge mode
- At first I thought that I couldn't use bridge mode, but it looks like I can.
  I think I'll go this route to start with, but eventually replace the modem, too.
  I've noticed there's an extremely wide range in prices for wifi routers. Is there really that much difference between them?
- Since they've disabled pretty much everything except the password, I imagine they've disabled bridge mode as well…

I've had bad luck with all the name brand router wifi combos. I've tried several high end models, from tplink to linksys to net gear. I've finally built a pfsense box as a router/firewall (qotom mini pc) and I've switched to ubiquity ap6 in my house. Finally something that works well for me.
Granted it depends on what you're comfortable with and what you use your devices for. I'm using vlans and vpns and different interfaces for various different things so I need the extra functionality pfsense offers.

Depending on where you live you might just let your ISP give you a modem and you can choose the router yourself. ISPs use the TR-069 protocol which allows them to manage and administrate the router they gave you. This is probably what they did when they made the changes you mentioned. It even allows them to analyze your whole home network. Thanks to this they can spy on you if they want to. So my advice is to just get a modem from them and choose your own router because then they can't spy on you. My advice is to use OPNsense, it's open source.
Edit: Bridge mode + your own router so they can't spy on your home network would also do the trick.
- I think I'm going to go with your edit, at least for now. I just need to look into which router is good and in my budget.

I recently had a similar situation and ended up buying an Arris CM8200A modem and a TP-Link AX1500 router. I'm pretty happy with both. If you have any devices that can utilize the increased speed, I'd say the AX3000 will be worth it. You might also want a faster modem if our internet connection is faster than gigabit.
- Just picked up the AX1500 for $60

I work for a German ISP (which happens to have a big mobile phone daughter in the US) and the thought of an ISP being able to do this without anything one can do against it is bonkers to me. I was just reminded from the comments here that you folks over there usually do not have aftermarket routers with modems built in. I mean, I'm using my employers router of course since it was way cheaper than any alternative but the thing will not lock me out of any settings because if it did that, ppl would just stop using it.

Which ISP is doing this?
- I really want to tell you, but since I live in South Dakota, it's way too easy to dox me. If I lived in a more populated area, I wouldn't be as overcautious.
  
  Good on you for staying security conscious. ♥
  
  Thats cool. I only wanted to know if it was one of the larger ISPs. Figured exposing that would be less doxing than your home state.

Yeah I always own my own modem and router, just go that way. Check your isp for which modems are compatible with the service and check the latest reviews for a good router.

You MAY be able to use that existing router/modem as just a modem by putting it in Bridge Mode or equivalent which disables any routing and WiFi and into just a modem.

Do any of you have a recommendation for a fiber modem? I always used my own for cable but am trying fiber optic. I am in a similar situation as OP, but was just going to connect my old router to their fiber modem/router and try to turn off their router function.
And for that matter, a router brand to stick with? I have had good luck with Netgear but am seeing advice against it. I mainly just want a good QOS to prioritize video chats and casual gaming.
- It depends, does your fiber ISP just have an Ethernet jack going to the modem they gave you, with an ONT (the part that takes in the physical fiber and outputs Ethernet) on the outside of your home or in your building's telecom room (if you're in an apartment or condo), or does it have the actual fiber strand entering your unit and passing directly into the modem device?
  If it's the latter, odds are you'll need to keep their modem (as it serves as the ONT as well), since a lot of fiber ISPs are extremely picky about what connects directly to their optical network. You should be able to put it into bridge mode, connect it with Ethernet, and let whatever router you buy handle things like DHCP. If the former (this is how my fiber setup is), you should be able to connect your own equipment directly, so long as you have things like PPPoE credentials and whatever VLAN tag settings your ISP requires available to put in to the router you purchase.
- I'm using the asus rt68u for the built-in vpn capabilities. It's a bit outdated now, but you can pick them up used for under a hundred bucks.

Are you talking about your Modem/router that came from the company?
- Yes, that is correct. I've always wanted to buy my own, but they're like $200. However, at this point I could have owned my own already with the fees.
  
  Yeah, Idk what you should do. There should be much cheaper ones available, but I don't know where you live or what aftermarket devices are compatible with your ISP.
  I bought a pretty nice Asus router new for like $120. Maybe you can find a used one on eBay?
  Just make sure that the aftermarket device is supported by your ISP. You could also check online to see if your current Modem is able to have its firmware flashed to something like OpenWRT. But if you're leasing the device, I wouldn't do that unless you are sure you're able to reflash the OG firmware back before returning it.
  Last option is to turn off the Wireless completely and use the Modem as a simple Demarc point for your network, and then get an old computer, install PFsense on it and use that as your actual router for all the special network configurations/firewall functions, etc.
  You can buy a cheap wireless access point and plug it into your PFsense box to get your wireless through there.
  Unfortunately, all options are either going to be a lot of work, or expensive.
  Best case would be if your ISP is compatible with a cheap aftermarket router/modem and you just swap it out.
  
  we run our network directly from our modem into one of our computers that we've set up as a dedicated server and just install network cards on that so we get complete control over the network. if you have a box with spare pcie slots, this is a fairly cheap way to run things. vlans get configured by networkd and the network cards get bridged together based on vlan assignments.

This is pretty normal in the US if you’re using the ISP provided router

164 comments