Feeds

back to article BT finally admits its Home Hub router scuppers some VPN connections

BT has coughed to a crappy glitch with its Home Hub 3A router that is blocking some VPN connections. However, the one-time state monopoly appears to have taken a long time to acknowledge customer gripes, which have been piling up for weeks. BT said it had taken a while to respond to individual complaints because it was …

COMMENTS

This topic is closed for new posts.

Page:

Bronze badge

old news kind of ...

Blocked them on homehub 2.0 as well :(

1
0
Bronze badge

Re: old news kind of ...

I was thinking that myself.....worked for a couple of companies that had to supply a fix for accessing their VPN using a BT 'box' and that goes back 3-4 years

1
0
WTF?

4.7.5.1.83.8.94.1.37

That's one hell of a version number!

12
0
Bronze badge

Re: 4.7.5.1.83.8.94.1.37

And no wonder that they can't keep track of which features are fixed/broken in such a labyrinthine numbering scheme.

Maybe they could make it even worse using hexadecimal and colons...oh, no, that's IPv6.

3
0
Anonymous Coward

Re: 4.7.5.1.83.8.94.1.37

There's us old fashioned people content with using

{major}.{minor}.{revision}

and they decide there's a need for 6 further levels of categorisation. Nice

0
0
Anonymous Coward

Re: 4.7.5.1.83.8.94.1.37

They must be getting ready for the 'Internet of things'. If they ever have to issue a different firmware version to every insect and bacterium on the planet, BT are ready for it!

1
0
Silver badge

Re: 4.7.5.1.83.8.94.1.37

>{major}.{minor}.{revision}

>

>and they decide there's a need for 6 further levels of categorisation. Nice

{major}.{minor}.{revision}.{last minute bug fix}.{bug fix to fix bugs introduced by last minute fix}.{oh shit this isn't supposed to happen fix}.{er yes it was actually - check ptr #265476 revert fix}.{feck-this-I'm-off-home quick fix for overnight prod build}

1
0
MrT
Bronze badge

Re: 4.7.5.1.83.8.94.1.37

It's the new, easy-to-remember replacement emergency services number...

Oh, hang on - as you were; the new number ends in a '3'...

1
0
Happy

Comedy gold

"the one-time state monopoly"

Never fails to make me chuckle.

2
0

Re: Comedy gold

Makes me chuckle as well. Don't you just love the factual inaccuracies of this rag?

Ever been to Hull?

0
3
Bronze badge

Re: Comedy gold

You don't understand the concept of a monopoly. BT were a monopoly, for everywhere except Hull, where Hull Corporation/Hull City Council were the monopoly, as they bought out the infrastructure there rather than being absorbed into the Post Office.

Just because BT didn't have the entire country, doesn't mean they weren't a monopoly - customers in the BT network could only go to BT for service.

7
1
Silver badge
FAIL

Re: Comedy gold

You misunderstood which bit was "comedy gold" in "one time state monopoly" - it wasn't the "state monopoly" bit.

1
1
Bronze badge

Re: Comedy gold

They certainly aren't a monopoly now... People can get telephone services from a long list of suppliers (including mobile telephony), internet services from plenty also. You don't have to have ADSL for internet, you can have satellite, mobile or cable in some areas.

1
5
Silver badge

Re: Comedy gold

Downvote all you like, but you are plain wrong. In most areas, they have an absolute monopoly on fixed telephone lines which is why Ofcom can butt in on pricing access to poles and ducting.

Take this market. Monopoly? Yep.

6
0
Anonymous Coward

Re: Comedy gold

" In most areas, they have an absolute monopoly on fixed telephone lines"

But that's like saying Ford have a monopoly on selling Fiestas.

Virgin cover at least half of the country and the mobile networks nearly all of it. There's no need to give BT a penny if you don't want to.

0
3
Bronze badge

Re: Comedy gold

Why isolate fixed telephone lines as the metric? Is there some magical difference between fixed and mobile telephony other than one being a cable and one being a tower?

Also, of course you're going to find the occasional area, usually isolated and rural, which still has BT only for fixed line services - no other company thinks they'll make any money there, so why would they invest? If BT hadn't been in that monopoly position, its quite possible they'd have no fixed line service at all!

In that area you linked to, they have potentially at least 3 different methods of getting internet connectivity also...

1
0
Silver badge

Re: Comedy gold

Why fixate on fixed line? Because of the USO, which propagates the monopoly position.

BT didn't invest in that area, the tax-payer did.

Another example, I just moved to a new house. The new house is pre-wired with BT infinity. In order to move my phone service and internet there I had to fight through the BT infinity sales team. BT use their USO to force me to at least discuss (repeatedly) that, no, I don't want your internet, thank you very much, just the phone line. Yes I'm sure. Please stop talking about BT Sport.

PS: In the area I linked to, you're lucky to get 2G service. There is BT, or there is nothing.

1
0
Bronze badge

Re: Comedy gold

Its quite funny that you see the USO as a monopoly when it is actually a cost to BT...

0
0
Bronze badge

Re: Comedy gold

The USO is BT's "payment" for its dominant position, as well as being forced to open up its infrastructure to other competitors.

And as far as the government was concerned the GPO was a revenue source. Investment wasn't a high priority.

1
0
Bronze badge

ISP provided routers

Seem to be nearly always useless. I've had routers from at least 4 ISPs now, and every single one failed miserably. Orange's old wedge thing - crashed constantly. BT's original homehub - try doing anything with P2P and it basically stopped working, Virgin's 'SuperHub' - couldn't handle 3 people in a house using it so had to switch to modem mode and put my own in, and the new HomeHub - again, seems to crash all the time.

My solution for this? My trusty little Zyxel router. Just keeps on ticking.

7
0
Anonymous Coward

Is there any danger of some technical detail about the problem? What kind of VPNs are broken (IpSec, PPTP, SSL, etc), how they're broken, what it is that's actually happening (someone's run some kind of debugging, right? Of the vpn client, or the vpn endpoint?), what's seen in packet captures, etc

8
0
Bronze badge

Er . . .

. . we could tell you, but the snooper dept. won't let us.

0
0
N2

I suspect they may just need to set the correct MTU

or chuck it & get a DG834

0
0
Anonymous Coward

The cost of simplicity

My move from AOL/TalkTalk to BT went spectacularly well, thanks to the way the Home Hub 4 just popped through the letter box and worked when corrected. However, this serves as a nice reminder that I shouldn't throw away my old NetGear router. If BT can silently 'upgrade' my Home Hub, this could happen to me. It's an unfortunate cost of simplicity.

3
0
Bronze badge

Re: The cost of simplicity

> thanks to the way the Home Hub 4 [...] worked when corrected.

corrected: adapted, adjusted, doctored, fixed, modified, remade, remodeled, revised, updated

Sounds about right to me.

0
0
Anonymous Coward

Re: Erm, it really did just work

Speaking as the poster of the comment you respond to, I can say it just worked*. I was working from home, having a critical Skype chat with beloved employer and a customer (not to mention, connected to a customer site via VPN), when AOL simply stopped working. I swapped the NetGear for the Home Hub and was back up in a couple of minutes. It might be the cheapest router BT could source, but it's proved to be a good bit of kit. I suspect as long as it's an ADSL2 connection (in other words, Huawei** equipment from end to end), everything should just work.

* But the Three MiFi was at the ready, just in case the switchover went tits-up.

** And no, I don't like them any more than anyone else working in the telecoms equipment industry, but the kit is usually sound, at a knock down price.

1
0

MTU?

I've had problems in the past with stingy default MTU settings in home routers. 1492 seemingly isn't enough for some VPN implementations and I've had to bump it up to maximum. Naturally, corporate IS support were hopeless and it was trial and error that eventually found the problem.

Until then I had a furious wife who was blaming (correctly, for once!) "our crappy network". Funny, I don't recall ever taking on the role of network admin and desktop support, nor have I ever been paid for any work...

In any case, I doubt it's as simple a solution here, but stranger things have happened (e.g. MTU shown in UI isn't saved/doesn't reflect applied internal value).

1
3
Anonymous Coward

Re: MTU?

"Funny, I don't recall ever taking on the role of network admin and desktop support,"

Strictly speaking, you have taken on those roles if you're messing about with MTU settings.

"nor have I ever been paid for any work..."

You have my sympathies ;)

0
0

Re: MTU?

Naturally, corporate IS support were hopeless and it was trial and error that eventually found the problem.

How is it Corporate IS Supports problem when your home provided by you broadband has a connection issue?

Do you expect every corporate IS support desk to have visablity of ever possible home broadband connection configuration or should they concentrate on keeping the corporations network and systems up and running instead which is there after what the are frigging paid for.

If you have a problem connecting from your home broadband maybe you should take this issue up with the people you pay to provision the service.

As one of the people that has worked extensively in corporate IS support I would like to say a hearty FUCK YOU to you and your ilk.

3
2

Re: MTU?

Relax, friend, I'm sure it wasn't you who failed to do your job properly.

Here's how these things work:

- Corporate wants workers to have flexibility to work from home, airport lounges etc. to save money on head office floorspace and facilities, so rolls out VPN solution but expects staff to provide home connection (partially subsidised).

- VPN solution works most of the time, but when it doesn't the users have to phone a centralised support number.

- In an ideal world, this support function would provide credible suggestions of what to do to try and resolve the issue, including working with the user to identify any potential issues in the privately-provided but corporately-sponsored home broadband equipment.

- In this case they failed to do that, a metaphorical shrug of the shoulders was all that was given.

However, this doesn't help the user and certainly doesn't magically teleport them 20 miles to head office and make a desk and ethernet connection appear out of nowhere to allow them to start working again.

This is not some resource-starved SME either, we're talking about an oil major here.

From memory it was working fine for ages then some patch or upgrade was applied and it stopped working.

Considering the nature of the problem (related to a hardware/software change), the size of the user base (>10 thousand) and the equipment used (a fairly common Linksys of the time), it's unlikely that no-one else had ever come across a similar issue, so this points to a) a lack of knowledge sharing and/or b) incompetence/inexperience on the part of the support staff.

It certainly isn't the time to start the 'user blaming' that is so prevalent in large swathes of desktop support. You seem to hold your discipline in such high regard, putting it beyond criticism, but it's not the view shared many of us stupid and inconvenient people on the end of the phone.

I've known many great women and men in support - dedicated, knowledgable and friendly people - but sadly for each of them there's been about three petty, unhelpful, incompetent jobsworths.

Anyway, all water under the bridge now and precious little to do with the subject at hand.

I hereby apologise for calling your personal commitment to excelling in all areas of support into question and wish all those suffering from lack of connectivity due to the Homehub issue a speedy resolution :)

p.s. And thanks for the "FUCK YOU", I'll file it along with all the other online insults I've received over the years. I'm hoping to one day fashion them into a monument to my own ignorance and fallibility, to be titled 'My Ad Hominem Phenomenon', the base of which will feature a downvote appliqué.

0
0
Bronze badge

There's only really two kinds of people doing VPN...

...IT enthusiasts/pros and W**k From Homers.

Both types should have the ability to buy and set up their own routers (or in the case of WFHers get their tech guys to do it). Heck, a Netgear DGN2200v4 isn't all that much from PisseyWorld.

You don't even need the specific username and password for the connection, homehub@btinternet.com with no password works fine.

Personally I'm still happy with my HH3. For what I paid (nowt) its simply done its job for the last two years with no issues. I might upgrade to a Netgear DGN2200v4 at some point as that router (like the HH3) does both ADSL and ethernet routing so will still be useful if we get our fibre rollout

2
1
Anonymous Coward

Re: As an occasional WFHer

I can tell you the corporate tech guys won't be coming within a mile of my place. The security of my home network matters to me!

5
0
Bronze badge

Re: As an occasional WFHer

In that case you could always config the router yourself.

And if you care that much about your network security you'd not use a homehub in the first place!

0
0
Anonymous Coward

The security of my home network matters to me!

And me, which is why my employer pays for a separate internet connection. My home network is Virgin cable, my work BT ADSL. Funnily enough the engineer that fitted the BT line (since we haven't had one since moving in in 2002) was very skittish seeing a VM setup .. he had to "check with the office" before he could finish the install (which he did).

I didn't want a BT line. When our office closed, and the team became homeworkers, I wanted Virgin. I emailed them to ask for a quote, and never heard back. Their loss.

0
0
Bronze badge

Re: The security of my home network matters to me!

We went over to a VM business cable connection in one of our offices when it became clear BT were not going to upgrade our cabinet any time soon.

The business superhub is a bit of a pain though. There's no modem mode so you have to go for a range of 5 static IPs if you want your own router with no NAT.

Another pain was even with its own public IP our netgear router's VPN still wouldn't route traffic. I found out in the end that setting the VM Business Superhub router's firewall to "Off" didn't actually turn it off. However setting it to low and allowing PPTP/IPSec through specifically sorted it right out.

0
0
Silver badge

Re: There's only really two kinds of people doing VPN...

When sourcing their routers, I think ISPs generally go for the cheapest equipment on the market. As a business model that might be a bit out of date now. My HH3 is reasonable, and importantly, seems to be secure. However, like all ISP stuff, it has a collection of small drawbacks,

- the wifi is slightly poor

- DNS is unreliable and locked to BT servers, and has problems with CNAMEs

- the HH often needs a reboot

- the NICs are 100 Mb/s (in 2014 for flips sake)

- BT keep certain ports open that you can't shut, probably for maintenance but they won't explain why.

- the UI is clunky.

- forget any advanced features

The HH is obviously < £50. I would prefer something >£100, like a Billion router with 8 Gige ports. Many BT users do a swap out. Others, like me, buy extraneous switches and APs to work around the HH.

2
0
Bronze badge

Re: There's only really two kinds of people doing VPN...

The only decent ISP supplied router I've seen was when Nildram offered netgear DG834s about 8 years ago.

Every other ISP router is basically aimed at the "aunt Doris checking her email" level of service. I'd not expect an ISP to bundle a router that's cost them any more than about £30 wholesale at most.

If your after port forwarding or anything else a bit more advanced then your always better off moving over to your own kit.

1
0

Re: There's only really two kinds of people doing VPN...

I'm with Sky which provided me with a Netgear DG934G some years ago - which is OK but obviously a custom firmware limits what you can do: eg. you can't set it in transparent mode, it has to do NAT.

Its main drawback for me was the lack of Gigabit ports, so I supplemented it with an Edimax router/AP.

I've been offered upgrades since, but my setup works fine and I never had issues with VPNs when WfH so I'll leave this be for now.

0
0

Re: There's only really two kinds of people doing VPN...

I think most ISP go for something < £20 (probably about £10 after bulk savings and other ways to get money back from tax and things), there is no way any home router delivered here was worth more than £30, and none of them usually make the top 10 trusted brands any more

0
0
Bronze badge

So, do BT block downgrading your router to an earlier firmware version? I know the process is usually automatic, but you can usually upload a firmware file too. Surely this would be better advice from BT than simply wait it out. If they have disabled downgrading, how stupid are they that they would block a back out route which could be used in precisely this case.

0
0
Bronze badge

The homehubs are all cuddly interfaces and "maintenance free". I don't think a firmware upload option is given, and BT don't make older firmware versions available anyhow.

2
0
Gold badge
FAIL

So the standard Corporate cockup playbook

1) There is no problem. Your just not using it right.

2)There might be a small problem for a small number of users.

3)There appears to be a bigger problem with a larger number of users.

4)By larger we mean all users

5)But we are planning a fix and will role it out real soon now.

1
0

I left BT for a very similar reason. Some new neighbours went with BT an got a HH4 and from the day it was installed we experienced drop outs and poor connections on our HH2. Phoned BT about it and they told me I would either need to buy a new router or they would send me one but only if I signed up to a new 12 month contract.

Poor customer service winds me up to boiling point so I had to leave BT for the sake of my own dignity.

1
0
Bronze badge

It was probably just that both routers were on the same wireless channel.

Homehubs are meant to find the least congested channel, but I find they all seem to default to the same one

1
0
Bronze badge

Understandable that this wound you up. I imagine the problem is how do you go from your symptoms to identifying the root cause and fix and doing that for a cost that the ISP can afford? Without that, you don't know if a new router would fix your problem.

When "broadband" first appeared on the UK PSTN in 2000, it was £39.99 a month for 500kbps. Since then the things that 80%+ people have bought on is more speed for less money. If there's less money per service coming in, and network investment to provide more capacity, there's a limit to the depth of repair service an ISP can provide.

0
1

Back when we were on ADSL at my workplace, BT rolled out a firmware update for the BT Business hub that scuppered our incoming VPN connections, and they couldn't seem to give us any kind of fix; we had to dump their router and replace it with a Draytek.

When we got fibre, the BT engineer strongly advised us not to use the supplied BT Business Hub 3.0; we used it anyway, just so if there was any problem with the new connection, it couldn't be blamed on our 3rd party router. However after less than two months, the BT hub stopped working, just no WAN connection. So we had to dump it and replace it a Netgear.

Seems like one way or another, BT's routers find a way to be junk.

0
0
Flame

Of course if you don't read the small print on BT's consumer T&Cs...

You may as well not bother applying the fix, as you won't have seen the bit where BT basically reserves the right to completely screw up any VPN connection you do succeed in making by serving you adverts every time you get an DNS NXDOMAIN response. Let me clue you in, BT - NXDOMAIN is an Internet standard with a purpose, not an opportunity to shower your user base in a deluge of f***ing browser-based spam. Sure, you can use 3rd party DNS, but as usual, you shouldn't have to.

1
1

Re: Of course if you don't read the small print on BT's consumer T&Cs...

If you want the NXDOMAIN response then just disable Web Address Help from http://preferences.webaddresshelp.bt.com/selfcare/. Takes just a few seconds and no config changing.

Many of the 3rd party DNS providers also direct invalid domains to their own servers, so you need to do the same thing if they let you, I use OpenDNS and have it set to return NXDOMAIN for invalid domains.

Of course I can change the DNS at the router as I don't use the BT Hub, and that is precisely because I understand the limitations of ISP provided kit.

Simple rule to follow, if you use basic internet services only, ie web and email, ISP kit is serviceable. If you use anything that causes the ISP support desk to go, "let me check into that,", their kit is probably worth changing out.

1
0
Anonymous Coward

Re: Of course if you don't read the small print on BT's consumer T&Cs...

"If you want the NXDOMAIN response then just disable Web Address Help from http://preferences.webaddresshelp.bt.com/selfcare/. Takes just a few seconds and no config changing".

That's useful to know but misses the point a bit. Services like OpenDNS pull the same manoeuvre, but you make a conscious choice to use those.

The response is the same for each of your points there: Why should I have to do any of those things because BT are greedy and unethical and want to monetise a service I already paid for and hide the fact in the small print?

"Simple rule to follow, if you use basic internet services only, ie web and email, ISP kit is serviceable. If you use anything that causes the ISP support desk to go, "let me check into that,", their kit is probably worth changing out."

Or, just a thought (and I realise this is hilarious optimism on my part) a simpler rule still to follow would be for the ISP to supply a router fit for purpose given that that's a part of the service agreement, rather than shelling out for kit you shouldn't have to buy.

0
1

Re: Of course if you don't read the small print on BT's consumer T&Cs...

<Quote>

"If you want the NXDOMAIN response then just disable Web Address Help from http://preferences.webaddresshelp.bt.com/selfcare/. Takes just a few seconds and no config changing".

That's useful to know but misses the point a bit. Services like OpenDNS pull the same manoeuvre, but you make a conscious choice to use those.

The response is the same for each of your points there: Why should I have to do any of those things because BT are greedy and unethical and want to monetise a service I already paid for and hide the fact in the small print?

</Quote>

And you make a concious decision as to which ISP you use. If you blindly agree to a legal contract without being fully aware of all the terms of service, then more fool you. I suggest you watch Dave Gorman's Modern Life is Goodish (http://dave.uktv.co.uk/shows/dave-gormans-modern-life-goodish/watch-online/#2652189551001), especially the bit about being in the audience.

Why do you assume that because you are paying directly towards part of the service that this covers the entire cost to the provider ? Do you expect newspapers to have no adverts in them and that the cover price covers the entire cost to the publisher ?

Remember there is plenty of choice of ISP who don't use adverts to subsidise their customer price, although BT may be being forced to subsidise them but that's another discussion, however that may mean paying more up front. You pays your money, you takes your choice.

<Quote

"Simple rule to follow, if you use basic internet services only, ie web and email, ISP kit is serviceable. If you use anything that causes the ISP support desk to go, "let me check into that,", their kit is probably worth changing out."

Or, just a thought (and I realise this is hilarious optimism on my part) a simpler rule still to follow would be for the ISP to supply a router fit for purpose given that that's a part of the service agreement, rather than shelling out for kit you shouldn't have to buy.

</Quote>

Fit for what purpose ? As I said they are usually perfectly serviceable for general internet use and that is what low cost standard broadband is designed for. Do you complain to the car dealer that the Ford Fiesta you bought when you went in looking for a town runabout is absolutely useless at off roading ?

If you want something specialist, you need specialist kit, do your research before entering a legal contract, don't just go on price. FWIW I do reckon that there should be either some sort of discount if you don't want the supplied router, or a nominal charge if you do, so you can do the right research.

1
2

Page:

This topic is closed for new posts.