What to Know About Sierra Wireless ALEOS 4.16.1

Sierra Wireless sent out an alert recently with regards to their ALEOS version 4.16.1. It’s important that you read this before proceeding with an upgrade. See below for all the details from their bulletin:

We have discovered an issue with ALEOS 4.16.1 relating to the AirLink Router Connection Issue affecting RV55 LTE-A Pro and MP70 LTE-A Pro routers. Affected routers are identified by their IMEI range as detailed here AirLink Router Connection Issue.

Please read this Bulletin carefully.

  1. Do not upgrade affected routers to ALEOS 4.16.1 that have been deployed and are on-air.
  2. Do not upgrade affected routers to ALEOS 4.16.1 using ALMS/AM/AMM. Wait for ALEOS 4.16.2 before upgrading deployed routers using ALMS/AM/AMM.
  3. If you have already upgraded to ALEOS 4.16.1, there is no need to downgrade.
  4. Upgrading unaffected routers to ALEOS 4.16.1 does not cause a problem.
  5. For affected routers that you have already upgraded to ALEOS 4.16.1 locally using ACEmanager, perform the factory reset per point 7.
  6. You may continue to upgrade affected routers to ALEOS 4.16.1 locally using ACEmanager with an additional final factory reset step per point 7.
  7. After you perform the upgrade, manually reset the router to factory defaults by holding the reset button down until the router power button flashes red (approximately 5 seconds), then release the reset button and allow the router to reboot. Do not reset a router to factory defaults remotely using ACEmanager, ALMS, AM/AMM because if you do, your router will go off-air and need to be manually recovered (refer to image below).
  8. We have reissued the application note “Upgrading to ALEOS 4.16.1” found on The Source to include the final factory reset step when using ACEmanager: Upgrading ALEOS 4.15.3 to 4.16.1
  9. We will release ALEOS 4.16.2 for affected routers to remediate the need for this additional “reset to factory” step. We will publish a release bulletin when the release is available in the coming weeks.
  10. You may return your affected routers using the RMA process outlined here:
    • Request an RMA via email to repairs@sierrawireless.com including the following information:
    • State the problem description as “AirLink Network Connection Issue”.
    • State the quantity of replacement routers that you require urgently. We will prioritize urgent requests subject to availability.
    • State if the boxes are unopened or have been opened/deployed as this helps process the return faster on receipt.
    • Provide the router Serial Numbers.
    • Return address to ship the updated or replacement routers.
By 5G , , , ,

How Does Cradlepoint Load Balancing Work?

Internet connectivity is crucial for businesses and individuals who work from home. Many businesses use multiple internet connections to ensure that they have a reliable and uninterrupted internet connection. This is where Cradlepoint load balancing can be beneficial. Cradlepoint load balancing allows businesses and individuals to use multiple internet connections simultaneously, increasing bandwidth and reliability. 

What is Cradlepoint Load Balancing?

Cradlepoint load balancing is a technology that enables businesses and individuals to use multiple internet connections simultaneously. This means that if one connection fails, traffic is automatically redirected to another connection. Cradlepoint load balancing distributes traffic across multiple internet connections based on several factors, such as the type of traffic, the available bandwidth, and the quality of the connection. Here’s a breakdown of the algorithms they use currently:

  • Round-Robin: Evenly distributes each session to the available WAN connections.
  • Rate: Distributes load based on the current upload and download rates. A WAN device’s upload and download bandwidth values can be set in the Connection Manager page.
  • Spillover: The default algorithm. Load is always given to devices with the most available bandwidth. The estimated bandwidth rate is based on a combination of the upload and download configuration values and the observed capabilities of the device.
  • Data Usage: This mode works in concert with the Data Usage feature. The endpoint will make best effort to keep data usage between interfaces at a similar percentage of the assigned data cap in the Data Usage rule for each interface, rather than distributing sessions based solely on bandwidth. For proper function you need to create data usage rules for each WAN device you will be load balancing. 

Benefits of Cradlepoint Load Balancing

Cradlepoint load balancing offers several benefits for businesses and individuals, including:

  • Increased bandwidth: With multiple internet connections, businesses and individuals can increase their available bandwidth. This is possible by splitting traffic across the multiple connections. This can help users handle larger data loads and increase productivity.
  • Improved reliability: With Cradlepoint load balancing, businesses and individuals can ensure that they have a reliable internet connection at all times. If one connection fails, traffic is automatically redirected to another connection, ensuring that downtime is minimized.
  • Cost savings: Using multiple internet connections can be more cost-effective than relying on a single high-speed connection. Businesses and individuals can choose to use less expensive cellular Internet connections, which can help them to save money on their monthly internet bills.
  • Flexible connectivity: Cradlepoint load balancing allows businesses and individuals to connect to multiple types of networks, including wired, wireless, and cellular networks. This flexibility can be especially useful for businesses with remote workers who need to connect to the internet from different locations.

Load Balancing Use Cases

Load balancing is a technique that can be used in a variety of situations to improve network performance and reliability. By distributing network traffic across multiple connections, load balancing can help ensure that applications and services remain available and responsive even in the face of network outages or other disruptions. Here are some common use cases for load balancing: 

  • Business Networks: Businesses that require high-speed, reliable internet connectivity can use load balancing to distribute network traffic across multiple connections. This can help avoid bottlenecks caused by single connections and improve overall network performance.
  • Cloud Computing & Web Applications: Load balancing is commonly used in cloud computing environments and for web applications. It distributes network traffic across multiple servers or virtual machines. This can help improve reliability and ensure that applications remain available even if individual servers fail.
  • E-commerce: Load balancing can be used in e-commerce applications to distribute network traffic across multiple servers or data centers. This can help improve reliability and ensure that transactions are processed quickly and securely.
  • Remote Access: Load balancing can be used to distribute network traffic across multiple VPN connections, providing remote workers with fast and reliable access to corporate networks and resources.

Cradlepoint load balancing is a powerful technology that can increase bandwidth, improve reliability, and reduce costs. It does so by utilizing multiple internet connections simultaneously. With its flexible connectivity options, load balancing can be used in a variety of situations to improve network performance and reliability. By taking advantage of load balancing, businesses and individuals can ensure that they have a fast, reliable, and cost-effective internet connection at all times.

By 5G , ,

Cellphone Boosters for Rural Areas: Improving Connectivity in Remote Locations

Internet connectivity is a basic need for everyone these days. In many remote locations, such as rural areas, in mountains and in deserts, getting reliable internet connectivity can be a real challenge. In these areas, cellular networks’ signal strength may be weak or non-existent. This can lead to poor call quality, slow internet speeds and even dropped connections. Fortunately, there is a solution: cellular signal boosters.  

What are Cellular Signal Boosters and How Do They Work? 

A signal booster, also known as a cellular amplifier, a cellphone signal booster or a repeater, is a device that amplifies weak cellular signals to improve call quality, data speeds and overall connectivity. The device is composed of three main components: an external antenna, an amplifier and an internal antenna. 

  1. The external antenna is designed to be placed outside of a building or a vehicle, where it can receive the weak cellular signal. It is often mounted on the roof or on a pole, and it is connected to the signal booster through a cable. The external antenna captures the weak cellular signal and sends it to the amplifier. 
  2. The amplifier is the heart of the signal booster. It receives the weak signal from the external antenna and amplifies it to a higher strength. The amplification process is done through a complex set of electronics that include filters, gain stages and power amplifiers. The amplified signal is then sent to the internal antenna. 
  3. The internal antenna is placed inside a building or a vehicle where the signal is needed. It is often a smaller and more compact version of the external antenna. The internal antenna receives the boosted signal from the amplifier and broadcasts it to nearby devices. This allows the devices to receive a stronger and more reliable cellular signal. 

Signal boosters are designed to work with various cellular technologies such as 3G, 4G and 5G. They can be used in different types of environments, including homes, offices, vehicles, warehouses and other remote locations. Amplifiers are available in different sizes and capacities, depending on the coverage area required. 

What Are the Benefits of Using a Cellphone Signal Booster?

There are several cellular amplifier benefits, which include improved call quality, faster internet speeds and better connectivity. They’re also easy to install and are highly cost-effective.

  • Improved call quality: In remote locations where the signal strength is weak, call quality can be poor. Using a cellular signal booster can improve call quality by amplifying the signal strength. 
  • Faster internet speeds: A weak signal strength can lead to slow internet speeds. By amplifying the signal strength, cellular signal boosters can improve internet speeds, making browsing, streaming and downloading faster. Just keep in mind that cellular speeds can vary based on the time of day and user load on the cell tower, as well as the frequency band (or bands) that the cellular device is connected to.  
  • Better connectivity: Poor connectivity can be frustrating, especially when trying to communicate with others or if you’re needing to access important information. Cellular signal boosters can help improve connectivity by providing a stronger and more reliable signal. 
  • Cost-effective: In some cases, installing a cellular signal booster can be more cost-effective than installing a dedicated internet connection. It can also be more convenient, as it does not require any additional infrastructure. 
  • Easy to install: Cellular signal boosters are easy to install and require minimal maintenance. They can be installed by anyone, without the need for any technical expertise. 

Cellular Amplifiers: A Quick Overview

Cellular signal boosters are essential tools for improving connectivity in remote locations where cellular signals can be poor. They work by amplifying weak cellular signals, providing better call quality, faster internet speeds and improved connectivity. With an external antenna to capture weak signals, an amplifier to boost signal strength and an internal antenna to broadcast the amplified signal, cellular signal boosters are easy to install and require minimal maintenance. 

Whether you live in a rural area, travel frequently or work in a remote location, a cellular signal booster can help you stay better connected. Amplifiers are cost-effective and are often more convenient than installing dedicated internet connections. In addition, they can improve your communication with others and access to information, both of which are essential in today’s world. 

Choosing the Right Cell Signal Booster

It’s important to note that not all cellular signal boosters are created equal. When selecting a cellular amplifier, it’s essential to choose a device that is compatible with your cellular carrier, provides adequate coverage for your needs and meets regulatory standards. It’s also essential to follow proper installation instructions to ensure the best performance and to avoid interference with other electronic devices. 

If you want more information about how to boost a cellular signal or how to find one that’s suitable for you, don’t hesitate to contact the team at 5Gstore for assistance. We can be reached Monday through Friday from 9:00 a.m. to 6:00 p.m. CST via phone, email or chat. 

By 5G , , , , , , ,

Do I Need the Feature Pack for My Peplink MAX BR1 Mini HW3?

The Peplink MAX BR1 Mini has been a versatile solution since its hardware revision one release. With its small size and reliable cellular connection, many users found it to be the right fit for their application. Peplink even released a similar version called the BR1 Mini Core, which is meant for users who don’t require WiFi or GPS support. 

At its third hardware release, Peplink created a feature pack to add additional WAN support, if needed. If you’re unaware, the BR1 Mini comes only with the Cellular WAN active. This feature pack license is a one time fee, which activates the Ethernet WAN and WiFi WAN connections. It also provides support for SpeedFusion Hot Failover and Bandwidth Bonding. 

Now, BR1 Mini users can rejoice as the feature pack will no longer be needed when you have a valid PrimeCare subscription (warranty plan). This will however require a firmware upgrade to the recently released version of 8.3.1 (download 8.3.1 firmware for BR1 Mini HW3 here). 

For more information about these routers, check out our Peplink MAX BR1 Mini pages, or contact the 5Gstore team.

By 5G , , , , , ,

What Kind of WiFi Do I Need?

WiFi technology has revolutionized the way we connect to the internet. It allows us to access the internet wirelessly and eliminates the need for cumbersome cables. It was first developed in the 1990s and has since become a ubiquitous technology, with most modern smartphones, laptops, and other devices equipped with WiFi capabilities.

WiFi networks typically consist of a wireless router, which acts as the central hub for the network, and a number of devices that connect to the network wirelessly. The router communicates with the devices using radio waves, and data is transmitted back and forth between the router and the devices.

The technology uses a set of standards developed by the Institute of Electrical and Electronics Engineers (IEEE), known as the 802.11 standard. These standards define the technical specifications for how WiFi works. This includes the frequencies used, the data transfer rates, and the security protocols used to protect data.

So what should you look for when deciding to purchase a WiFi product? Read on for details about different types of WiFi technologies and securities. 

Types of WiFi Technologies

  • 802.11a: This standard uses the 5 GHz frequency band and provides faster data transfer rates but with a shorter range compared to 2.4 GHz. It is ideal for high-bandwidth applications such as streaming video and online gaming.
  • 802.11b: This standard uses the 2.4 GHz frequency band and offers slower data transfer rates but longer range compared to 5 GHz. It is suitable for low-bandwidth applications such as email and web browsing.
  • 802.11g: This standard also uses the 2.4 GHz frequency band and offers faster data transfer rates than 802.11b but has a shorter range. It is ideal for medium-bandwidth applications such as file sharing and online conferencing.
  • 802.11n: This standard operates on both 2.4 GHz and 5 GHz frequency bands and offers faster data transfer rates, improved range, and improved reliability compared to its predecessors. It is suitable for high-bandwidth applications such as video conferencing and cloud computing.
  • 802.11ac (WiFi 5): This standard uses the 5 GHz frequency band and offers even faster data transfer rates than 802.11n. It is ideal for high-bandwidth applications such as streaming 4K videos and online gaming.
  • 802.11ax (Wi-Fi 6/6E): This newer standard operates on both 2.4 GHz and 5 GHz frequency bands and offers faster data transfer rates, increased capacity, and improved performance in dense wireless environments. It is suitable for high-bandwidth applications such as virtual reality and smart homes.

WiFi 5 vs 6 vs 6E?

WiFi 5, WiFi 6, and WiFi 6E are different generations of WiFi technology. Each has its own set of features and capabilities. Here’s a comparison of the three:

WiFi 5 (802.11ac):

  • Uses the 5 GHz frequency band
  • Supports a maximum data transfer rate of up to 3.5 Gbps
  • Uses MIMO technology to increase the amount of data that can be transferred simultaneously
  • Supports wider channels up to 160 MHz and higher-order modulation up to 256-QAM
  • Can handle multiple devices simultaneously, but not as efficiently as WiFi 6 or WiFi 6E

WiFi 6 (802.11ax):

  • Uses both the 2.4 GHz and 5 GHz frequency bands
  • Supports a maximum data transfer rate of up to 9.6 Gbps
  • Uses OFDMA (Orthogonal Frequency Division Multiple Access) technology to enable multiple devices to transmit data simultaneously on the same channel
  • Uses MU-MIMO technology to allow multiple devices to receive data simultaneously from the same access point
  • Includes improved security features such as WPA3 encryption and Target Wake Time (TWT).

WiFi 6E (802.11ax-6E):

  • Uses the 6 GHz frequency band, which is less congested and has more available channels than the 2.4 GHz and 5 GHz bands used by previous WiFi generations
  • Supports a maximum data transfer rate of up to 9.6 Gbps
  • Uses the same features as WiFi 6, such as OFDMA and MU-MIMO, but with the added benefits of operating in the less congested 6 GHz band
  • Provides better performance and capacity, especially in high-density environments with many connected devices

In summary, WiFi 6 and WiFi 6E offer significant improvements in speed, performance, and reliability over WiFi 5. WiFi 6E is the most advanced technology at this time. 6E uses the newest frequency band as well, but it requires compatible hardware and may not be widely available yet.

What About WiFi 7?

Wi-Fi 7 was only recently announced, but is going to use a new IEEE standard known as 802.11be. This provides a wider channel and utilizes the 6GHz spectrum to deliver peak rates of up to 46 Gbps, which is 4 times more than Wi-Fi 6E. It introduces multi-link options, including High-Band Simultaneous Multi-Link, which reduces latency and increases throughput. Wi-Fi 7 also standardizes 4K QAM modulation and Flexible Channel Utilization technology to increase throughput and capacity while avoiding interference.

Note that WiFi 7 is expected to be released next year. Currently, there is a limited number of devices which have support for the technology. Interested in learning more about WiFi 7? Check out this page on WiFi 7 from TP-Link.

WiFi security types

  • Wired Equivalent Privacy (WEP): This is an outdated security protocol that is easily cracked and no longer considered secure. It uses a shared key encryption method that can be easily intercepted by hackers.
  • Wi-Fi Protected Access (WPA): This security protocol uses a pre-shared key (PSK) for authentication and encryption. It offers better security than WEP but is still vulnerable to attacks such as brute-force attacks.
  • WPA2: This is an improved version of WPA that uses stronger encryption methods such as Advanced Encryption Standard (AES) and Temporal Key Integrity Protocol (TKIP). It is currently the most widely used WiFi security protocol and offers better security than its predecessors.
  • WPA3: This is the latest and most secure WiFi security protocol that uses even stronger encryption methods such as Simultaneous Authentication of Equals (SAE) and Opportunistic Wireless Encryption (OWE). It provides better protection against attacks such as dictionary attacks and offers enhanced security for public WiFi networks.

Understanding different types of WiFi technologies and WiFi security types is essential for ensuring a secure and reliable wireless connection. Users should choose WiFi technology based on their bandwidth requirements. It’s also important to pick an appropriate security protocol to ensure your data is protected from unauthorized access. 

If you need assistance selecting an appropriate WiFi solution for your application, contact the experts at 5Gstore.

By 5G , , , , , , ,

How to Get Internet Access While Camping

If you’re planning a camping trip, you may be wondering how you can stay connected to the Internet while enjoying the great outdoors. Fortunately, there are several options for getting an Internet connection while camping. In this blog post, we’ll explore some of the best ways to stay connected, so you can keep in touch with loved ones, access important information, and stay entertained.

Mobile Hotspot

One of the easiest ways to get an Internet connection while camping is to use your mobile device as a hotspot. Most smartphones and cellular devices offer the ability to create a mobile hotspot, which allows you to connect your laptop or other devices to the Internet via cellular data. Check with your cellular provider to see if this feature is available on your plan and what the data usage limits are.

Setting up the mobile hotspot on your smartphone generally consists of the following steps:

  • Go to the settings menu 
  • Select “Hotspot & Tethering”
  • Turn on the hotspot feature
  • Connect your laptop or other devices to the hotspot using the WiFi credentials listed

It’s important to note that using your mobile device as a hotspot can quickly drain your battery, so be sure to bring a charger or portable battery pack.

Portable WiFi Hotspot

Portable WiFi hotspot devices are a great option if you need to connect multiple devices to the Internet while camping. These devices use cellular data to provide Internet access and are battery-powered, so you can take them with you wherever you go. Many companies offer portable Wi-Fi hotspot devices, so be sure to shop around and compare prices.

Cellular Router

Cellular routers are ones with built in cellular modems. Similar to a portable WiFi hotspot, but these are not generally battery powered as they are meant to provide 24/7 access. This is best if you require a more stable and reliable Internet connection. These will also provide more WiFi coverage than mobile and portable hotspots as well as Ethernet connections for any devices you want to hardwire.

Satellite Internet

If you’re camping in a remote area without access to cellular data, satellite Internet may be a good option. You’ll need to purchase a satellite dish and a subscription to a satellite Internet service provider. Keep in mind that satellite Internet can be expensive and may not be available in all areas.

Campground WiFi

Many campgrounds now offer WiFi access for their guests. The quality and availability of the WiFi will vary depending on the campground and its location. Some campgrounds may charge a fee for WiFi access, while others offer it for free. If you’re relying on campground WiFi, be prepared for slow speeds and limited connectivity. Still, if you decide to use the campground WiFi, you may also consider using a WiFi as WAN device. This allows you to connect to a nearby WiFi network and use it as a WAN source on your router. It’s much like a WiFi repeater that also provides a more secure connection for your devices. 

Public WiFi

If you’re traveling to a city or town near your campsite, you may be able to find free public WiFi. Some parks, rest stops, and other public areas may offer free WiFi access. Keep in mind that these connections may not be secure and are often slow or unreliable. If you decide to use public WiFi, this is another reason to utilize a router or other WiFi device that supports WiFi as WAN.

Tips for Staying Connected While Camping

  • Invest in a portable battery pack to keep your mobile device charged.
  • Use a signal booster to improve cellular reception in remote areas.
  • Download maps and other important information before you leave home, in case you lose Internet access. You can even download your favorite music and video content from streaming services to use while offline.
  • Keep your devices protected with a sturdy case and screen protector.

As we’ve outlined, there are several options for getting an Internet connection while camping, depending on your location and the level of connectivity you require. By following these tips and exploring the different options available, you can stay connected while enjoying the great outdoors.

By 5G , , , , , , , ,

Cradlepoint NetCloud Manager: What Happens When Your Device is not Licensed?

What is NetCloud Manager?

Cradlepoint NetCloud Manager is a cloud-based network management solution that provides businesses with a single pane of glass for managing and monitoring their Cradlepoint networking devices. The platform allows IT administrators to configure, monitor, and troubleshoot their network devices from a single dashboard, regardless of their location.

NetCloud Manager Licensing States

At its core, Cradlepoint NetCloud Manager is designed to simplify network management for businesses. The platform provides comprehensive features and tools that make it easy to manage and monitor devices, including routers, access points and IoT gateways. Within NetCloud Manager, endpoints are categorized into one of three licensing states: Licensed, Non-Compliant and Unlicensed.

These states determine what features and tools the user has access to with their device(s).

What’s the Difference Between Licensed, Non-Compliant and Unlicensed Endpoints?

It’s important to know about the licensing states within NetCloud Manager in order to use its features correctly.

  • Licensed Devices: An endpoint that has a license to an active NetCloud Manager subscription.
  • Non-Compliant: An endpoint automatically becomes “Non-compliant” when the following occurs:
    • An endpoint (router, gateway, or access point) does not have a compatible purchased license to an active NetCloud Manager subscription.
    • OR, the number of endpoints is greater than the number of active subscription licenses for a given account. It is within the 30-day remediation period following the subscription’s expiration.
  • Unlicensed: If an endpoint does not have a license after the 30-day remediation period it becomes “Unlicensed.” Unlicensed endpoints lose additional functionality after the 30-day remediation period ends, and the NetCloud service locks the endpoint into its last known basic configuration.
    • The count for each license state is visible within NetCloud Manager on the Subscriptions dashboard. Click Account > Subscriptions to view the dashboard.
    • NOTE: NetCloud Manager Administrator permissions at the root level of the account are required to view the Subscriptions dashboard.

Reduced Functionality of Non-Compliant Endpoints

Non-compliant endpoints have a 30-day remediation period during which the licensing issue must be corrected. While in the non-compliant state, endpoints will maintain their current routing capabilities, NetCloud functionality and NetCloud Essentials functionality. They will, however, lose access to certain Advanced Add-On features.

The reduced services a customer will experience with non-compliant endpoints include:

  • Features in the Advanced Add-On plan (including advanced security packages like CP Secure Threat Management, Cradlepoint Secure Web Filter and Zscaler)
  • NetCloud Edge Connector
  • SDK, if applicable.

Refer to the following three lists for details about non-compliant endpoints’ reduced functionality during the 30-day non-compliance remediation period. Information has been included for non-compliant branch and mobile endpoints, non-compliant LTE-Adapter endpoints and non-compliant IoT endpoints.

Non-Compliant Branch and Mobile Endpoints Lose Access to:

  • Branch or Mobile Advanced Plans, including CP Secure Threat Management and CP Secure Web Filter, Zscaler, NetCloud Edge Connector and SDK, if applicable
  • Geoview and dashboards for modem usage, health and clients
  • Remote connect and Out-of-Band Management (OOBM)

Non-Compliant LTE-Adapter Endpoints Lose Access to:

  • LTE-Adapter Advanced Plan, including Remote Connect and Out-of-Band Management (OOBM)
  • Advanced, real-time endpoint and network interface status
  • Dashboards for health and modem data usage

Non-Compliant IoT endpoints lose access to:

  • IoT Advanced Plan features, including advanced VPN and tunneling, Remote Connect, Out-of-Band management (OOBM) and NetCloud Edge Connector
  • Advanced real-time endpoint and network interface status
  • Dashboards for health, client and modem data usage

Reduced Functionality of Unlicensed Endpoints

Once an endpoint is unlicensed following the 30-day remediation period, it loses access to NetCloud Manager. Certain features such as remote connect, client/traffic analytics, and location services, will also be taken away. The device will maintain basic configurations and essential routing capabilities.

An unlicensed endpoint is no longer able to do the following:

  • Be managed in NetCloud Manager (for device or group configurations)
  • Upgrade its NetCloud OS (firmware)
  • Support NetCloud Perimeter
  • Use API and SDK applications
  • Act as a hub in Auto VPN
  • Connect as a spoke
  • Configure changes
  • Run the NetCloud software at full function

For Branch and Mobile Unlicensed endpoints, the following configurations continue to work but are locked:

  • Enterprise routing
  • Some VPN protocols
  • Zone firewall
  • Basic URL web filtering
  • Most LAN protocols
  • Wi-Fi

Across all subscription plans, the following features are removed from unlicensed endpoints:

  • Remote Connect
  • Out-of-Band Management
  • Alerts/Reports/Logs
  • NetCloud API
  • All dashboards in NetCloud Manager, except the Subscription dashboard
  • Real-time diagnostics and troubleshooting (minimized)
  • Full endpoint functionality will be restored when proper licensing is applied

For more information about NetCloud Manager and to ensure your endpoints are in compliance with this service, please contact 5Gstore.

By 5G , , , , , ,

Why You Might Use Bridge Mode

Sometimes referred to as IP Passthrough mode, in networking terms, bridge mode refers to a configuration on a networking device, such as a router or modem. That router or modem is configured to function primarily as a bridge, forwarding all network traffic between two or more networks without performing any network address translation (NAT) or routing functions. This means that any device connected to the bridge will receive an IP address from the network it is connected to, rather than from the bridge itself. Everything stays within the same network in this case, so you can maintain things like file and printer sharing across devices. 

Why, or Why Not Bridge Mode?

If you have multiple routers in your home or office, you can use bridge mode to connect them and extend your network coverage. This can be useful if you have a large area to cover and need to ensure that all devices are connected to the same network.

When you want to add wireless connectivity to an existing wired network, you can use a wireless access point in bridge mode to provide access. This can be useful if you have a wired network in your home or office and want to add wireless connectivity without having to replace your existing network infrastructure.

You might not want to use bridge mode unless you have a reason to keep a piece of hardware active. In the event you have to use an Internet Service Provider (ISP) supplied router in order to retain its functionality, you need to keep that piece of hardware active. However, if you’re upgrading your router by replacing it with a newer model, there is no reason to put the old model in bridge mode and connect it to the new one. Instead, you should make note of its configuration settings and then retire the hardware by factory resetting it and taking it to be recycled.

Advantages

There are several advantages to using bridge mode in networking:

  • Improved performance: Bridge mode can help to improve network performance by eliminating any unnecessary routing or NAT functions that can slow down traffic.
  • Simplified network management: By using bridge mode, you can simplify network management by reducing the number of devices that need to be configured and managed.
  • Increased network flexibility: Bridge mode can provide increased network flexibility by allowing you to connect different types of networks together, such as wired and wireless networks.
  • Improved security: Bridge mode can assist with network security by reducing the number of devices that need to be secured and minimizing the risk of configuration errors. Of course, your devices are only as safe as the firewall of the network so make sure you have this configured properly.

Disadvantages

While there are many advantages to using bridge mode, there are also some potential disadvantages to consider:

  • Limited functionality: When a device is set up in bridge mode, it typically loses some of its functionality, such as the ability to perform NAT or routing functions. In other words, you normally can no longer connect directly to the bridged device without some additional configuration on the device you’re trying to connect.
  • Increased complexity: Setting up a device in bridge mode can be more complex than simply configuring it to perform routing or NAT functions, which is typically its default state.
  • Potential compatibility issues: When connecting different types of networks together, there may be compatibility issues that need to be resolved before bridge mode can be configured. For example, the IP address may conflict with the existing network and need to be changed first. 

How do I Enable Bridge Mode?

To set up a device in bridge mode, you typically need to access the device’s configuration interface and enable the bridge mode or IP Passthrough option. This may be found under the WAN connection details or general network settings. Once enabled, bridge mode will disable any routing or NAT functionality and configure the device to simply forward traffic between the networks.

Looking for instructions on your 5Gstore devices? We have a few videos available below: 

By 5G , , ,

Peplink Identifies WiFi Vulnerability

Peplink has identified vulnerabilities in some of its products related to the manipulation of transmit queues in the 802.11 standards, regarding the Framing Frames research paper. In the context of the 802.11 standards, transmit queues refer to the buffers that hold outgoing data frames waiting to be transmitted by a wireless network interface.

Wireless devices such as access points and client devices often have multiple transmit queues to manage different types of traffic, such as data, voice, and video. Each queue may have its own priority level, and frames in higher-priority queues are typically transmitted before those in lower-priority queues.

The IEEE 802.11 standard defines several access categories (AC) to classify different types of traffic, and each AC has its own transmit queue. The ACs are assigned different priorities based on their intended use and the quality of service (QoS) requirements of the traffic. For example, real-time traffic such as voice and video usually have a higher priority than data traffic. By managing the transmit queues and their priorities, wireless devices can optimize the use of available network resources and provide a better quality of service to users.

Peplink’s Findings

Specifically, Peplink found the following with relation to some of their products:

  • Section 3 – Leaking Frames from the Wi-Fi Queue: Some Peplink models that have Wi-Fi AP function may be vulnerable to leaking frames from the Wi-Fi queue, while others may not. Stay tuned to this forum post as Peplink will provide a list of affected models.
  • Section 4 – Abusing the Queue for Network Disruptions: Peplink models are vulnerable to abusing the queue for network disruptions.
  • Session 5 – Overriding the Victim’s Security Context: For the attack to be successful, the attacker must possess valid network credentials, impeccable timing, and even if the attacker receives frames, they are of minimal value in modern secured networks.

Impact and Severity

The attacker takes advantage of the fact that they can intercept certain data packets intended for the victim, steal their contents and obtain sensitive information by using the same MAC address as the victim. This can be done by disconnecting the victim from the WLAN through a deauthentication attack or logging in at another AP in the network using the victim’s MAC address. In a securely configured network, this attack is considered opportunistic and the information that the attacker can obtain is of minimal value.

Mitigations

To better prevent this attack, Peplink recommends separating trusted and untrusted WLAN clients by using different SSIDs and VLAN networks; enabling the “Management Frame Protection”; and using higher-layer encryption, such as TLS and HTTPS, which can prevent sensitive information from being exposed to attackers.

By 5G , , , , ,

By-passing a Cellular Carriers Network without a static IP address

Accessing your local devices remotely without port forwarding or router changes

What is CG-NAT?

CG-NAT is a network address translation technique that extends the IPv4 networks on a considerable scale and allows ISPs (internet service providers) to conserve their acquired public IPv4 pool. Every online user has two IP addresses, a public (eg. 83.24.73.243) and a private one (eg. 192.168.1.12.) When a user intends to communicate online, the standard NAT protocol translates their private IPv4 address to a public one. But with CGNAT (LSN or NAT 444), an extra layer of address translation is added. The unique private IP addresses are translated into public IPs shared by multiple users. And this is how ISPs prevent their public IPv4 pool from exhaustion.

What does that mean exactly for me?

While it is excellent from a security standpoint and is great for cellular ISPs it can be frustrating from a network operations standpoint when attempting to reach equipment inside a private network behind a cellular router. Typically how this is dealt with is to buy the use of one of the ISPs static public facing IP addresses that by-passes their internal IPv4 CG-NAT for a direct line of sight to the internet. This of course costs more money which the average home or small business user doesn’t want to deal with. This is where a Reverse Proxy comes into play.

What is a reverse Proxy?

A reverse proxy is a server that sits in front of web servers and forwards client (e.g. web browser) requests to those web servers. Reverse proxies are typically implemented to help increase security, performance, and reliability.

How could this benefit me? 

Normally with CG-NAT traditional port forwarding won’t work like it would on a landline based  ISP (eg. Cable, DSL, Fiber) since you are behind the cellular carriers NAT. This is a work around to this issue.

Here are a few use cases for a reverse proxy that would make it attractive to an average user. (Note: Prerequisite for these scenarios is a PC will be required; It can be just a little Raspberry Pi or other PC. I used a Raspberry Pi 4 and a service called LocalXpose for all of these instances.)

Scenarios

A. I need to see a camera at a remote location on a cellular router.

B. I have T-Mobile home internet but want to access my Plex Server remotely.

Scenario A – Remote Camera exposure: 

I have an IP camera mounted at a remote cabin connected to a cellular router in the woods. I want to be able to see the video feed from my home. We find the local LAN ip address of your IP camera, in this example I’m going to use 192.168.1.2. Once I know my camera’s IP address I test the feed with VLC Player I open the feed url (rtsp://username:password@192.168.1.2:554) and I see a live feed of the camera. I then jump over to my PC with LocalXpose installed on it. In my case I’m using Linux for the operating System. I use the following command to route my camera feed to one of localxpose’s external URLs:

./loclx tunnel tcp  –port 10554 –to 192.168.1.2:554

This will create a url similar to us.loclx.io:10554. We can plug this URL into VLC player on a computer outside the network (in this case at our home) like so:

rtsp://username:password@camera.loclx.io:10554 and we will see the same live feed we did as if we were on the local network.

Scenario B – Plex Server exposure

This is a similar scenario as with the camera except we are dealing with a different type of device. Plex is an application for sharing media locally (eg. Home videos or music libraries.) In my case I have T-Mobile Home Internet but I want to be able to access my Plex library from outside my local LAN. Much the same way I did with the camera setup, I first get the IP address and port number the Plex server uses (I’m going to use the default port in this case.) My Plex server has an IP address of 10.0.0.12 and the port is 32400. Normally at home I put http://10.0.0.12:32400 into my web browser on my PC and I’m greeted with the login screen for my plex server. Again just like the camera we use a command to forward the traffic but I also want to specify the port:

./loclx tunnel tcp –port 32400 –to 10.0.0.12:32400

This will generate a url similar to this: http://us.loclx.io:32400. We can now put this URL into the browser of a PC (or phone/tablet) outside our home network and access the media on our Plex server.

As you can see in these two examples, a reverse proxy can be extremely useful when you’re behind the bars, so to speak of CG-NAT. I would also like to note that I didn’t go into the fine grain details of using this particular service as it was my goal to give a general example of how it could be used in a compact short read. 

If you’re interested in us going into more detail about this type of service, email sales@5gstore.com.

April 13, 2023 By: David W.

By 5G , , , , , , ,