Configuring a modern Linksys ADSL2 router

posted by cjh, 25 March 2012

It took me a number of hours to get a basic ADSL2+ configuration working with a new Linksys X3000, which is a higher-end domestic ADSL2+ router with Wireless, Ethernet (of course) and USB storage. This blog says why, and what the solution was. I hope it helps someone.

But before I get on to the particular challenge of the X3000, I had to get the X3000 to connect to ADSL. This was also a challenge, even after I contacted TPG to find out what DSL mode to use and which of several versions of my usernames and passwords to enter.

Ok, so once the ADSL model connects, the key is this. Until the wireless security and password has been configured, almost no network traffic will be routed between the ADSL and internal networks (wireless, ethernet). This is true even if you aren’t using wireless - which is pretty likely, since the X3000 comes with wireless configuration disabled.

Before the wireless is secured, the X3000 diverts all outbound Internet requests to a web page with a bold warning. In order that the request can be made however, it does allow DNS requests to get through. All other traffic is blocked; so if you configure ADSL and Ethernet then test using the “ping” command, you get your IP addresses but no actual ping responses.

But why didn’t I see the security diversion and the big warning page? Here’s where Chrome came in.

By default, Chrome uses a web service instead of DNS, to help with auto-complete. The trouble with this is that it prevents access to the Internet through the modem in its security-diversion mode. The DNS-replacement web service is blocked, so your browser never finds out where to send requests. Note that this affects you even though you’re still using Ethernet and haven’t even looked at the wireless yet. So “ping” doesn’t work, and neither does web browsing. DNS works however, which causes some hair loss, because you know that most things are working ok. You never see the security diversion page because there’s never a request to divert.

So then you get the IP address for google.com, or whatever website you usually use to test connectivity, and enter that into the Chrome address bar. This should answer you immediately, no?

Weeelll, no. Chrome bites again.

Chrome also has a default mode to foil some phishing attacks. At least I think it was the anti-phishing measures. Either way, Chrome doesn’t want to render pages that have numeric IP addresses until after it has looked up the IP address in its list of known-bad sites, OR roughly 30 seconds has expired. So from the first time you tried to visit the new internal IP address you set for your local network (assuming you changed it from 192.168.1.* (as I did really early on), it takes 30 seconds at least to fetch every configuration URL from the router. And guess what? The security redirect page has a couple of dozen items in it (images etc), so yuo basically never get to see the whole thing.

You can disable both these settings in the Chrome advanced preferences. Or you can switch to Firefox for configuration, which is what I did. Suddenly the router configuration pages started rendering quickly and completely, and when I got to the security diversion page, I was able to figure out why I’d been having troubles all along.

Anyhow, there it is, the results of a number of hours of my life wasted because some helpful software folk thought they’d make my life safer. And I suppose in a way it did; I might have been outside in the sunshine instead, and got hit by a bus.