Kitz ADSL Broadband Information
Plusnet Broadband
 
     
support site  Support this site
 
PayPal Donate

Compare ISP   Rate your ISP



site index
site search

adsl bar

Speedtouch 585 commands

 adsl bar
 

 

The following commands are configurations I set on my BeBox Speedtouch 585 v6, although these commands can also be used on many other Speedtouch routers.

These settings are intended as a guide only and the site does not take any responsibility for changes that you may make to your router and you do so at your own risk.

Telnet into the CLI

To perform most of these operations you will need to telnet into the router to access the CLI (Command Line Interface), to do this from windows:

Start >> Run >> type "cmd" into the box

You will then be presented with a telnet window in which type

open 192.168.1.254

or simply click this link here --> telnet 192.168.1.254

Now enter the username and password.
By default the username is Administrator and the password is left blank.

You should now be presented with the prompt

_{Administrator}=>

Basic CLI commands

help or ? = help information
menu = displays the menu
exit = close
.. exit a group selection
saveall saves the current configuration

{Administrator}=>saveall
Remember to use this command to save any changes that you make.

To set the Speedtouch date and time.

 ~ Check the system time = system settime

{Administrator}=>system settime

which will return something like:
date = 18/01/1970
time = 01:50:10
timezone = +00:00
daylightsaving = off
uptime = 17 days, 1:50:10

Note: For some reason on some systems, a bug may display the year 2008 as 2000

 ~ Set the system date and time

{Administrator}=>system settime date=01/05/2008 time = 20:10:15

 ~ Set British Summer Time (BST/DST)

Set to on|off or enabled|disabled

{Administrator}=>system settime daylightsaving = on

 

Set a time server (SNTP)

 ~ To set SNTP so that your router will automatically synchronise with a time server.
     Here I'm using Manchester University ntp2d.mcc.ac.uk 130.88.200.4

{Administrator}=>sntp config state=enabled

{Administrator}=>sntp config

state = enabled
poll interval = 60 minute(s)
poll interval (before first sync) = 5 minute(s)

{Administrator}=>sntp add addr=130.88.200.4

{Administrator}=>sntp list

IP Address Version Status Name
130.88.200.4 3 synchronized

 

Cant log in with IE7

On some firmware versions after you have changed the router password IE7 wont allow you to log in to the router. This can be fixed by using the following command:

{Administrator}=>system config digestauth=disabled

 

Session Timeout

If you are finding that the telnet session ends quickly and logs you out too soon you can change this.

 ~ To check the telnet session time length (in seconds):

{Administrator}=>env get var=SESSIONTIMEOUT

 ~ To change the telnet session timeout enter the number of seconds:

{Administrator}=>env set var=SESSIONTIMEOUT value=600

 ~ To set to never timeout:

{Administrator}=>env set var=SESSIONTIMEOUT value=0

 

Set DNS Servers

 ~ To check which DNS servers are set in the router:
    Caution these settings are shown for Be/O2.. users of other ISPs may need to use "Internet"

_{Administrator}=>dns server route list

DNS             Server    Source    Domain    Metric    Intf                 State
87.194.0.50                                             10      RoutedEthoA     UP
87.194.0.51                                             15      RoutedEthoA     UP

 ~ Assign an OpenDNS server 208.67.220.220 to the list:

_{Administrator}=>dns server route add dns=208.67.220.220 metric=5 intf=RoutedEthoA

Note:
    The metric figure is a precedence weighting with the lower number getting priority.
    If no interface is specified then DNS will be forwarded to all interfaces.
    Be and O2 should use "RoutedEthoA". Other users should use "Internet"

 

Enable NAT Loopback

If you run a server from behind your router, when you type the "external url" NAT will prevent you from accessing the domain due to you being on the "other side" of your router. NAT Loopback enables IP packets from the LAN to pass through and come back on the WAN side and access via the public address.

 ~ To enable NAT Loopback:

{Administrator}=>ip config natloopback=enabled

 

Log History

 ~ Retain router log history across system reboots

{Administrator}=>:systemlog show hist=enabled

 

Enable SNMP

If you use MRTG or similar to log statistics from your router you will need to enable Simple Network Management Protocol (SNMP) in the router.

 ~ To check SNMP status:

{Administrator}=>service system list

Idx  Name                    Protocol    SrcPort    DstPort    Group    State
-----------------------------------------------------------------------
17   SNMP_AGENT         udp                           161                  disabled

 ~ To enable SNMP

{Administrator}=>:service system modify name=SNMP_AGENT state=enabled

You may also need to assign snmp to a community, however mine seems to work fine without.
add : Config an SNMP community string to allow snmp access over IP.

{Administrator}=>snmp community add securityname=RWCommunity communityname=public

 ~ Detailed SNMP info

{Administrator}=>service system list name=SNMP_AGENT expand=enabled

 

Make router pingable

By default some routers will block pings and not respond

 ~ To check PING status:

{Administrator}=>service system list

Idx  Name                    Protocol    SrcPort    DstPort    Group    State
-----------------------------------------------------------------------
14   PING_RESPONDER    icmp                          8                    disabled

 ~ To enable router to respond to PING

{Administrator}=>:service system modify name=PING_RESPONDER state=enabled

 ~ To assign the ping command to the WAN interface

{Administrator}=>:service system ifadd name=PING_RESPONDER group=wan

 ~ Detailed info about ping_responder

{Administrator}=>service system list name=PING_RESPONDER expand=enabled

Idx  Name                    Protocol    SrcPort    DstPort    Group
--------------------------------------------------------------------------
1    PING_RESPONDER    icmp                           8

Description................ ICMP echo responder
Properties................. server
Attributes................. state aclip aclif aclifgroup log
User Managed Attributes.... state aclip aclif aclifgroup log
Attribute Values :
State...................... enabled
Ip Access List............. any
Interface Access List...... any
Interface Group Access List lan wan
Logging.................... disabled

 

AnnexA / AnnexM

Only applicable on Annex M ISPs and from firmware V6.2.G onwards.

adsl debug multimode config=g992.5_AnnexA

adsl debug multimode config=g992.5_AnnexM

Previous versions - Annex M Speedtouch 585

Reset Users

If for example you have been locked out from the web interface although it may be worthwhile trying system config digestauth=disabled first.

 ~ List the existing user accounts

{Administrator}=> user list

User                Flags      Role
----                  -----       ----
Administrator     U          Administrator
tech                  R          TechnicalSupport
BeTech                          TechnicalSupport

 ~ Flush the existing user accounts

{Administrator}=> user flush
{Administrator}=> exit

   Now Start a new telnet session.
   You will not have to authenticate or use user name = "root" with no password (hit the enter key).

 ~ Add a new user

{Administrator}=> user add
    name = admin
    password = ****
    Please retype password for verification.
    password = ****
    role = SuperUser              (or Administrator)
    [hash2] =                        (leave blank)
    [descr] =
    [defuser] = enabled           (this sets as the default user)
    [defremadmin] = enabled    (this sets as the default remote administrator)
    [deflocadmin] = enabled      (this sets as the default local administrator)
    :user add name=admin password=_CYP_098f6bcd4621d373cade4e832627b4f6
      role=SuperUser defuser=enabled defremadmin=enabled deflocadmin=enabled


Allow remote access to the Web Interface or Telnet

Users that want to remotely manage their routers either through the GUI or via telnet can.
First create a user as above, this gives that user privilege to manage remotely, then telnet to the router. **

 service system ifadd name HTTP group wan
 service system ifadd name HTTPs group wan
 service system ifadd name TELNET group wan

This of course opens the router up to anyone on the internet. To secure access to an IP or range of IP's type the following. **

 service system ipadd name HTTP ip 212.23.9.250
 service system ipadd name HTTPs ip 82.69.227.30/29
 service system ipadd name TELNET ip 212.23.9.250-212.23.9.259

If locking down to IP, remember that it takes effect immediately. If you are connected to the router via telnet from the local network and you lock telnet down to a WAN IP you will be instantly disconnected and be unable to connect from anywhere other than the WAN IP specified. **Make sure to add the IP you are currently connected from first**.

 

More CLI commands

Credits:

Thanks to Azzaka from ZenInternet for the User + remote access information.

  
Copyright © Kitz 2003-
All rights reserved
Unauthorised reproduction prohibited
Valid HTML 4.01 Transitional adsl 60 spacer


|| Broadband || ISPs || Tech || Routers || Site || Wiki || Forum ||

| About | Privacy Policy |

 adsl 60 spacer Valid CSS!