cancel
Showing results for 
Search instead for 
Did you mean: 

Hitron CGN3 - Router questions

DrMike
I'm a Trusted Contributor

Hi all,

 

I just upgraded from Extreme Plus to HF 250/20 and of course as part of the upgrade I had to return my Cisco modem and take the Hitron CGN3 instead. Other than the fact that for the second time in 2 modems the . at the Rogers store failed to actually *activate* my new modem and I had to go through Tech Support to get it online, all has been good (granted only about 2 days). Speeds are good, all is functioning (in gateway mode) as it should.

 

My questions relate to why so many people want to use this in bridge mode. I understand that the Hitron does not function so well in bridge mode, and I have read a lot on that, but I have not really seen why so many people are so unhappy with the the out-of-the-box gateway mode.

 

I assume that the firewall and security of the Hitron are standard etc, so what is wrong with the router part of this per se? Do I really need a fuller-featured router that the Hitron provides? I guess that is hard to answer when you don't know my usage and setup etc, but perhaps some experienced users can list a few of the major deficiencies of the Hitron as router that are driving so many users to bridge mode and a stand-alone router? I want to learn what I am missing 🙂 

 

Thanks.

 

 

***edited labels***

19 REPLIES 19

Re: Hitron CGN3 - Router questions

JoinMyBotnet
I've Been Here Awhile

The Hitron makes simple things... less simple.. and sometimes it makes them impossible.

Re: Hitron CGN3 - Router questions

Gdkitty
Resident Expert
The Hitron allows simple stuff. Limited options in port forwarding, Access restrictions, etc.
It does have dual band wireless.

But the wireless range is not great, compared to a 3rd party router.

Pretty much, if it doesn't do what you need it to/you need more options... Then you bridge with a better router.

(And pretty much all the bridging issues have been fixed now)


Re: Hitron CGN3 - Router questions

DrMike
I'm a Trusted Contributor

@JoinMyBotNet:

 

With resepct, that's a very "cute" answer, but isn't very informative....

 

I am sincerly trying to learn what sorts of capabiltities a more "full-featured" router would have that this one doesn't have.  

Re: Hitron CGN3 - Router questions

DrMike
I'm a Trusted Contributor

@GDkitty

 

Thanks. So far I don't know if the wireless range is OK or not - haven't fully tested. The Cisco it replaced was notoriously panned by reviewers here and elsewhere for poor range yet I found it fine in my home, so this one that is *supposed* to be better range, might be just fine for my needs.

 

As for th rest, I don't do (or need) anything fancy. I no longer use VPN access (am retired). My network at home is simple - two computers and a printer wired direclty into the router by Ethernet and a few wirelss connections for iPads, phones etc.

 

My only real concerns are sustained DL speeds (seems to be fine so far in that regard) and security.

 

Since I never use many of the other features, I would be hard-pressed to know what I am missing. I don't even know what port forwarding exaclty *is*, for example.

 

But I do want to be sure that the firewall and security features are good. I do have full WPA/WPA2 secutiry and AES encryption set and use a strong password. But I have not used address filtering or similar although I see that I could on this device.

 

So, I am still trying to determnine if there are basic "good practice" functions, especially in the security area, that I am missing by not buying a stand-alone router and bridging.

 

Thanks

Re: Hitron CGN3 - Router questions

DrMike
I'm a Trusted Contributor

@GDkitty

 

Thanks. So far I don't know if the wireless range is OK or not - haven't fully tested. The Cisco it replaced was notoriously panned by reviewers here and elsewhere for poor range yet I found it fine in my home, so this one that is *supposed* to be better range, might be just fine for my needs.

 

As for the rest, I don't do (or need) anything fancy. I no longer use VPN access (am retired). My network at home is simple - two computers and a printer wired direclty into the router by Ethernet and a few wirelss connections for iPads, phones etc.

 

My only real concerns are sustained DL speeds (seems to be fine so far in that regard) and security.

 

Since I never use many of the other features, I would be hard-pressed to know what I am missing. I don't even know what port forwarding exaclty *is*, for example.

 

But I do want to be sure that the firewall and security features are good. I do have full WPA/WPA2 secutiry and AES encryption set and use a strong password. But I have not used address filtering or similar although I see that I could on this device.

 

So, I am still trying to determnine if there are basic "good practice" functions, especially in the security area, that I am missing by not buying a stand-alone router and bridging.

 

Thanks

Re: Hitron CGN3 - Router questions

Gdkitty
Resident Expert
From the sounds of it, you likely wouldn't need any of the advanced features that a 3rd party router 'might' have over the Hitron.

Port forwarding, you generally know if you need it or not.
Say for example you have a specific program which needs to communicate out on a specific port, not really a standard one, etc.
By default the firewall will block it. Forwarding then would allow when a request is made to your IP with that port, for it to be forwarded to a specific internal machine.

I have yet to have an issue with mine. It's in gateway with the wireless off though, and a 3rd party router just as a wireless receiver (not doing any routing)

Your wireless setup seems good, only thing. I personally would do is turn off wps, unless you use it to set up wireless devices.


Re: Hitron CGN3 - Router questions

wayner92
I'm a Reliable Contributor

If possible I would NEVER want to use a gateway in gateway mode since this gives Rogers pretty much full control over my LAN, including the ability to set and change Wifi passwords, change port forwarding, change DNS settings, etc.  If you are a neophyte then that makes sense, but if you know what you are doing then you likely don't want that.

Re: Hitron CGN3 - Router questions

DrMike
I'm a Trusted Contributor

@wayner92

 

Thanks for the info. Although I haven't yet had the need for using port forwarding, the Hitron definitely has a full dialogue and an option to add port forwarding rules so not sure what that objection is. SImilarly, the first thing I did was change the default SSID to my own, and change my WiFi passwords etc so that is not an issue either. 

 

So, once again I am left to wonder if there really is a need for a separate router. I would not class myself as a neophyte but neither am I an expert - but I don't seem to have any needs that the Hitron is not adeqautely addressing in terms of capabilties and features. 

 

As long as performance stays OK, I doubt I will have any complaints.

Re: Hitron CGN3 - Router questions

Gdkitty
Resident Expert

Really its a personal prefernce.

COULD rogers pontentially do what wayner92 said?  Sure.
I think the chances, of some rogers rep, being malicious and just randomly going in and changing stuff on you, is fairly small though.

 

Alot comes down to the comfortability level of the customer.
While yes in general, bridged mode is the BETTER choice performance wise, with a good router, etc...

That does leave MOST of it having to be done by the customer.  If they are not comfortable doing that sort of computer work (or dont have someone to do it for them).. it may not be the best choice.

 

In bridge mode, rogers is only responsible to the modem.. any other wireless config options, etc.. is out of their hands.
Vs for a more basic user, they can get basic network setup help on the gateway from rogers.



Re: Hitron CGN3 - Router questions

wayner92
I'm a Reliable Contributor

I agree that there probably is a pretty low risk of someone at Rogers playing around with your network with malicious intent.

 

But that is not my main worry.

 

The knowledge level of many CSRs is fairly low - I am more worried about ignorance than malevolence.  If I call in with a problem with my internet service I worry that they are going to try to "fix" the problem by changing something in my network configuration.  Don't forget the case a couple of months ago when Rogers continued to insist that there was no problem with this device in bridge mode when dozens of users were having persistent crashing.

 

For example, I believe the default subnet for this gateway is 192.168.0.X and the router gets an IP of 192.168.0.1.  Let's say I decide to change this to 192.168.1.1 and my subnet to 192.168.1.X or I decide to change my subnet mask to 255.255.254.0.  If the Rogers CSR changes these back to the default then they will likely F up my LAN.

 

Another reason to not use this device in gateway mode is that it seems to screw up VOIP devices, like my Vonage adapter.  I have used Vonage for many years with multiple Rogers modems and in a default state with the CGN3 I got one way voice with Vonage - I could hear the other party but they couldn't hear me, or vice-versa.  I have never had this problem in bridge modem using at least three different routers (Linksys WRT54G, Asus RT-N16, Asus RT-N66U).

Re: Hitron CGN3 - Router questions

I do like though, at least on the CGN3, there is a way to backup the config.

At least if they DO mess it up, you can re-load it.
(though, likely by having to change a few network settings... thats why i always keep an old laptop on DHCP everything, just incase)

 



Re: Hitron CGN3 - Router questions

DrMike
I'm a Trusted Contributor

@wayner92

 

I can most certainly attest to the "ignorance" factor re: CSR's. My rule of thumb is to try to call at least 3x and hopefully there will at least be a 2 out of 3 answer that makes sense... Kidding, but not really. I am consistently amazed at how much more I know about many of my issues than they do, and it should not be that way since I am not an expert!

 

That said, if the defaults work OK for me, is there an inherent "good practice" reason for me to change away from defaults if I don't need to? Does this compromise my sytem in any tangible way (i.e. re: secutitry among others?)

 

Thanks.

Re: Hitron CGN3 - Router questions

Gdkitty
Resident Expert

While may not remove it fully.. there are/were some WPS vulnerabilities out there..
Turning it off MIGHT lessen the chance of one of these happening.

(this can happen on ALOT of 3rd party routers as well with WPS)

 

You could change it over from WPA/WPA2 to just straight WPA.
Is WPA bad? No.. just WPA2 is better.. and if you dont have any devices which specifically need just WPA only.. may as well remove it from there any chance of something exploiting it, etc.



Re: Hitron CGN3 - Router questions

DrMike
I'm a Trusted Contributor

Thanks again.

 

I have disabled WPS on both WiFi bands, and have changed the security from WPA/WPA2 to straight WPA2. Encryption method  is TKIP/AES with a strong passphrase. 

 

With reference to other parts of the thread, I did see in the user admin screens that there is a way to chage DNS at the hardware level if I choose to/need to. For now I will leave it as "auto" until/unless I have any problems.

 

BTW it is now more than 72 hours and no firmware upgrade from 4.2.4.1 so I think I will call them later and ask about it.

 

 

 

 

Re: Hitron CGN3 - Router questions

Gdkitty
Resident Expert

There is a DNS page on the CGN3.. which appears you can change it there.. not sure on how well it works though.. i do it at the DEVICE level myself.

Oh! one thing to change there on your wireless setup. 
Move it over to AES only.

Many people have found, if the device connect viat TKIP, it can be throttled down to the 54mb range.



Re: Hitron CGN3 - Router questions

DrMike
I'm a Trusted Contributor

Done. And thanks so much for the 'tutorial'

 

🙂

Re: Hitron CGN3 - Router questions

TigerEROS
I Plan to Stick Around

I have the Hitron CGN3 modem ...

 

One desktop is direct via CAT5 cable to one of the ports on the CGN3.

 

Hooked up the Netgear WNR1000 Router directly to one of the ports on the CGN3 (this is strictly for the Smart Home Monitoring).

 

Hooked up the Asus N600 RT-N53 Dual Band Router to one of the ports on the CGN3 ... this gives me better range and signal from the front of the house on the second floor to the desktop (wirelessly using 5GHz) that is hooked up to the TV in the Living Room on the main floor at the back of the house.

 

PERFECT Signals on the Asus 5GHz band!!!

 

I link my laptops wirelessly to the 2.4GHz band of the Asus Router on the mainfloor and 5GHz for my Samsung Tablets on the mainfloor.

 

The Samsung Phones are via 5GHz to the Asus on the Mainfloor

 

When on the second floor I use the 5GHz for the CGN3 ...

Re: Hitron CGN3 - Router questions

thebaj
I've Been Around

Hitron CGN3 - "Security: Logs Screen" is not available

 

From the manual for Hitron CGN3 User's guide, https://www.midco.com/contentassets/87322b7ed6b04cabb102fe22607bc4d1/hitron-modem-user-guide-cgn3-re..., page 104 describes a Security: Logs Screen.

 

After speaking with Roger's technical support, I understood that the Roger's firmware removes this feature.

 

I assume this screen would allow for inspecting internet access logs through the router?  This could be a useful feature for parental control, to view a history of internet access.

 

What is the reason this feature was removed?  Is there a way customers can enable it?

Re: Hitron CGN3 - Router questions

Hello @thebaj,

 

Welcome to the Rogers Community Forums!

 

I can understand how disappointing it is to find out there are additional features on your modem that you are unable to access at this time. =(

 

The modems produced by Hitron are used by many Internet Service Providers (ISP's) worldwide who may request specific features. Instead of manufacturing devices with a specific feature set for each ISP, they include everything and then allow the ISP's to modify the software to enable or disable the features that they prefer. Regrettably, we are not privy to the reasoning why this feature has been disabled and there is no way for customers to enable this on their modems.

 

For those customers who would like more control over the features on their modem, we recommend using a Third Party Router and putting the modem in Bridge mode so it operates as a standalone modem only. I know this may not be an ideal response but there are many users in the Community that can recommend a good Router and help you configure it too!

 

Thank you for posting your concern in the Community.

 

RogersTony