The master account issue is fixed ?

[dafeiroc]

Checked my router's log: 2020-12-08 03:53:14 [Error][アラームログ] アラームID:104510,アラームレベル:エラー,ソフトウェアのアップグレードに成功しました。元のバージョン:V300R016C00SPC110B094 更新後のバージョン:V300...

[meh301]

Hi, it seems the latest update does not change the master password as that is hard-coded, rather it updates the hw_ctree.xml config file and disables the master account entirely.

[dafeiroc]

Do you know how to enable it again?

[meh301]

For the moment, the only way I found to re-enable it was to flash the NAND chip with a few bit flips. I am also looking into other attack vectors

[dafeiroc]

I see. thanks. Do you know if there is some way we can rollback to the previous firmware V300R016C00SPC110B094 ?

[meh301]

Huawei does not publicly provide the required firmware files to roll-back the update sadly

[dafeiroc]

Which means Huawei did resolve this master account issue. lol

[meh301]

Well I would say "good job" if it weren't for the fact that I recently found evidence of various Nuro ONUs being illegally accessed by a 3rd party meaning someone somewhere has discovered a remote attack exploit :/

[shooter556]

2020.1.14 I'm new to NURO and get this model HG8045Q and find it has been updated to a new version of firmware as soon as I connect to the internet. All the issues you mention are seemed to be all gone. But actually I want to make it working under bridge mode instead of route mode. Besides, its web management port 80 can be only visited locally. This is also something I won't expect to. Anyway, fixing exploits will always be safer than function expeditions.

[mark-omarov]

Hi everyone,

It's really troublesome and a shame. I've moved and decided to use NURO instead of NTT this time.

My plan were to make a home lab, obviously I don't want it to be behind ISP issued router, originally I thought they just give me modem, and then I'll connect my router, I figured they give their modem and route in-one solution, I thought I'll be able to bridge it and configure everything on my router. How little I knew.

I have no idea how to proceed from there TBH. I'm a software engineer, not very good with networks and hardware, so dumping memory or whatever is not really an option to me. It seems NURO doesn't enable bridge mode by a request neither.

If anyone have any information on how to make it work, legally, please let me know! I'd really love to get my home lab instead of using AWS/DO services. 😒

UPD: So far the only possibility I see is to proceed in the following manner: 1) Disconnect everything from the NURO router and disable it 2) Connect my router, LAN on NURO router to WAN on my router 3) Enable NURO router, once it's booted - enable my router 4) Configure DMZ on the NURO router to release all ports for the new router 5) Configure my router and APs, connect my devices to the new router 6) Disable WiFi on the NURO router completely

I'm not sure if that's going to resolve all my problems, but it's best what I know so far.

[pkishino]

@InkFaust yeah, for most people (including your case) that is actually good enough.. you could go the way of purchasing the same modem on aliexpress, this will be unlocked and work with Nuro.. but not sure it would be worth it..or you could try just an ONT unit I'm running my network setup behind the Huawei Nuro and no issues really.. Letsencrypt/Plex/HomeAssistant/Various other services etc all run fine behind it, via DMZ in Nuro and my Asus AC68u behind it.. in the real world you will most likely not notice much difference..

[mark-omarov]

Hi guys,

It's me again. Do you know if this model supports LACP? The information on their website requires having an account, I've tried to find the answer in other sources but no luck figuring it out, some description stated that layer 3 features Multiple services on one WAN port suggests support for LACP, but I'm not sure.

[mark-omarov]

As for my last question regarding LACP - no, it does not support LACP. My biggest problem was that the ONT has 1Gbps ports while I have a 2Gbps (down) line, and running my setup behind Huawei Nuro with 1 line wasn't a great option. To overcome this issue, I used pfSense with their Dual-WAN and two lines running from the ONT to the pfSense, which works beyond my expectations, and I'm thrilled I got pfSense instead of UDM.

[RW21]

@mark-omarov Could you provide more information on how you were able to achieve 2 Gbps in your setup? From my understanding, even when using multiple WAN connections with load balancing on pfSense, it is not possible to surpass the 1 Gbps limitation of each individual connection.

[mark-omarov]

@RW21 Sure. You're right, it's not possible to surpass 1Gbps per connection. In my case it doesn't matter as long as I can share the bandwidth between multiple devices. I should also note that I haven't tested the utilization yet. I have to get a new switch and AP to finish the setup, and then I'll do the full test between multiple devices. Currently I have only one device connected to pfSense and other devices on WiFi connected to the NURO ONT, I did a test and results were positive, but it's not quite what I'm going for. As soon as I complete the setup I'll provide more information on this solution.

[RW21]

@mark-omarov I see. Thanks for sharing. For myself, I think I'll stick with the HG8045Q or perhaps get the 2gbps onu/router down the line. HG8045Q is still able to work with a shared bandwith of 2gbps if router properly.

[edwynchan]

@mark-omarov i just signed up. I can’t login at all Would love to disable it

[edwynchan]

Hi everyone,

It's really troublesome and a shame. I've moved and decided to use NURO instead of NTT this time.

My plan were to make a home lab, obviously I don't want it to be behind ISP issued router, originally I thought they just give me modem, and then I'll connect my router, I figured they give their modem and route in-one solution, I thought I'll be able to bridge it and configure everything on my router. How little I knew.

I have no idea how to proceed from there TBH. I'm a software engineer, not very good with networks and hardware, so dumping memory or whatever is not really an option to me. It seems NURO doesn't enable bridge mode by a request neither.

If anyone have any information on how to make it work, legally, please let me know! I'd really love to get my home lab instead of using AWS/DO services. 😒

UPD: So far the only possibility I see is to proceed in the following manner:

1. Disconnect everything from the NURO router and disable it
2. Connect my router, LAN on NURO router to WAN on my router
3. Enable NURO router, once it's booted - enable my router
4. Configure DMZ on the NURO router to release all ports for the new router
5. Configure my router and APs, connect my devices to the new router
6. Disable WiFi on the NURO router completely

I'm not sure if that's going to resolve all my problems, but it's best what I know so far.

Could you give a little more detail on how you got this to work ?

In particular:

4. Configure DMZ on the NURO router to release all ports for the new router

How can I get access to the settings now that the master account is turned off.

Appreciate the help!

[mark-omarov]

Hi @edwynchan , while the master account is turned off, you can still login with the admin account. Navigate to your router login page, username is likely to be admin, and the password should be somewhere on papers ISP gave you, or try default one that you can find online, I don't remember which was it exactly. Before enabling DMZ, make sure that your other router or firewall is configured correctly.

[5n1perwo1f]

Hi @edwynchan , while the master account is turned off, you can still login with the admin account. Navigate to your router login page, username is likely to be admin, and the password should be somewhere on papers ISP gave you, or try default one that you can find online, I don't remember which was it exactly. Before enabling DMZ, make sure that your other router or firewall is configured correctly.

Are you using your router (not nuro router) to distribute DHCP addresses? Also, did you set your NURO router to a static local IP address when plugging it into your routers WAN port?

[5n1perwo1f]

I have an AX4200, and usually don't have issues like this when I can bridge the modem/router supplied by the ISP. But in this case, bridged mode is completely non-existent. I run servers and such within my network that I'd like accessible from outside the network, but DMZ is not allowing me to accomplish this. Even when i forward the ports going from the LAN port of my HG8045Q to the WAN port on my AX4200, the ports remain closed.

Is there a workaround or solution to this? Would upgrading to Smart Life provide me with a router than can be bridged? Thanks for the help. I appreciate it.

If I connect my AX4200 router from LAN to LAN on the Nuro router and set the AX4200 to bridged mode, I can connect to my Servers from outside the network, but I lose all functionality of the Router at the same time. There must be something I can do to get this to work, my apologies as this issue is very frustrating.

-----Update---- Found a workaround solution, and it seems to be working.

[pkishino]

I have the same hg router and dmz works just fine. I run several open services no problem

On Fri, 8 Sep 2023 at 17:22, Wo1f @.***> wrote:

I have an AX4200, and usually dont have issues like this when I can bridge the modem/router supplied by the ISP. But in this case, the bridged mode is completely non-existent. I run servers and such within my network that I'd like accessible from outside the networl, but DMZ is not allowing me to accomplish this. Even when i forward the ports coming in from the LAN port of my HG8045Q to the WAN port on my AX4200, the ports remain closed.

Is there a workaround or solution to this? Would upgrading to Smart Life provide me with a router than can be bridged? Thanks for the help. I appreciate it.

— Reply to this email directly, view it on GitHub https://github.com/meh301/HG8045Q/issues/1#issuecomment-1711274108, or unsubscribe https://github.com/notifications/unsubscribe-auth/AA7OFYV7S3PRTWSXMIM24RTXZLIU7ANCNFSM4UURZGKQ . You are receiving this because you commented.Message ID: @.***>

[mark-omarov]

Are you using your router (not nuro router) to distribute DHCP addresses? Also, did you set your NURO router to a static local IP address when plugging it into your routers WAN port?

Yes, and yes.

Is there a workaround or solution to this?

It looks like you have already figured it out. I don't expose my homelab, so I never ran into this issue.