Is TR-069 supported

  • my isp started giving out dlink managed routers for free and if u get them then the fiber optic modem for FTTH they switch the mode to PNP, what happens in the dlink router is when its connected to the fiber modem, it gets a private ip without any VLAN, then the router connects to a provision server whose URL and login credentials are stored in the router, then the provision server sends over a config file which has details such as the pppoe userid and password and VLAN for the pppoe conenction which the router then uses to connect to their pppoe server.

    its called TR-069 protocol and is it possible to configure this in pfsense or are there any plans to add this?

    almost all vendors supplying routers in this region have started adding this their firmware, dlink being one, under pppoe there is a field called connection mode: auto via ACS

  • I'd rather not have TR-069 support, especially not when it comes to Firewalls.
    There have been major security problems with this technique.

    If your provider stops handing out login data, you can always try to get that off their router. Save the config and decrypt it if necessary (and possible).

  • the login data i already have and that remains permanent unless u change it, the main thing is to get the VLAN config for pppoe connection using TR-069 because u never know when the isp might change that and if that isnt correct then pppoe doesnt connect at all.

    currently i looked at it from the router and configured that in pfsense and am able to connect to the internet but suppose if that VLAN changes then again i need to hookup their managed router to figure out what its changed to so basically if pfsense had the ability to just get portions of config and use that to connect then it would solve this issue

  • I might be completely wrong here, but to me it seems unlikely that they change the VLAN config frequently or at all.

  • actually they just did, earlier it was VLAN id 21 and now its 20, its not frequent but they do change and when that happens need to hook up their router so can read it out of it the new value.

    i also cant seem to find any TR-069 client software which i can run on my PC by spoofing router mac id so can get new config from their ACS server

  • No PPPoE Passthrough option on the Router, I guess? Each time I used PPPoE passthrough with VLANs, the passthrough device would take care of the VLAN and I only needed the PPPoE login.

  • i have my firewall connected to the zhone technologies FTTH modem which connects to the isp fiber, if i use their managed router then it doesnt allow pass through or bridged mode, its a customized dlink ac router with the isp firmware which is designed to be auto provisioned so when u open  its default ip it doesnt give the router login but a login into their provision server on the isp where u customize the router features and on saving then thats pushed to the router which the router uses.

    Basically they say its a manged PNP ACS ready router so everything is stored on the isp ACS server so to troubleshot any issues they check on their server the config and apply changes there which get pushed to router so technician doesnt need to visit to fix anything unless there is a fiber cut or faulty device

  • i tried searching but couldnt find any ACS client tool for windows which i could use to find the VLAN id of the pppoe connection incase if it changes rather than having to plug the isp router everytime to figure it out, let me know if u know any such tool, then i could just reflash the isp router with the universal firmware and use it for other things and directly plug the cable to my PC to get provisioned from the server to get the new VLAN id

Log in to reply