Be Broadband Firmware upgrade for users with a static IP and non-default config

This weekend I attempted the Be Broadband mandatory router firmware upgrade which appears to be linked to Be’s sale to Sky 🙁

I thought I’d relate my experience of that here so that folks have “all the information in one place”. The process was pretty much smooth but those of us geeky enough to have a static IP, custom DHCP range, port-forwards and other config changes might (will?) run into minor niggles.
First thing to note is that Be Broadband have actually organized things nicely and you should have an email or two with your static IP, links to firmware and an installation guide. However read on to see my approach…

Now I love bullet points and my process with be in that format with a few asides here and there.
Here we go:

  • Essentially I followed this:
And that boiled down to:

  • boot into Debian Linux laptop and attach wired connection to router
  • backup user config to file (important! needed for diff later)
  • download new firmware

It was at this point that I realized that the firmware upgrade required running an .exe on Windows. I somehow expected to be able to upload the firmware to the router via the web GUI 🙁 So…

  • download flasher from this guide:
It’s written for Windows BUT there is actually upgrade instructions on how you can use Linux instead:
Be warned that it involves setting up local TFTP and BootP servers. I’m secure enough in my geekyness to have done that (I have done so in the past to setup Cisco VOIP phones) but in the real-world of lack-of-time and family commitments I just dual-booted into Windows (also my notes for all this were synced in Dropbox – nice).

  • boot into Windows

Ensure flasher and firmware is downloaded (again!)
Now just in case, have both these open in browser tabs (and/or save web page locally) in case of net outage:
Note the “bethere” link above has some nice friendly screenshots.

  • extract flasher software
  • ensure thompson router connected via wired NOT wireless
  • extract bin file from firmware archive

Note that the flasher software will look in “TGUPGv7201/Builds” by default but you can point it to where ever you downloaded it to.

  • proceed with flash

screenshots from that process:
Thomson Home Install Wizard_2013-03-02_13-05-58
Thomson Home Install Wizard_2013-03-02_13-06-23
After flash router will be on and the user/pass will be “Administrator/<router serial>”
In my case some of the config could not be restored for some reason…
(eg. it worked but gave a non-fatal error about not being able to restore some of the config.)
Thomson Home Install Wizard_2013-03-02_13-10-36
Note that I didn’t have to provide the new static IP anywhere, the router assumed it after the upgrade and the ATM connection completed.
I now had a situation with working internet but the router was running with default settings. The router may need a reboot just to make sure everything is OK (I didn’t need to but did it as a basic check).

  • diff the configs and reconfigure router

Now this was the time consuming part and I had forgotten at how “rudimentary” the GUI is compared to something like SmoothWall Express or pfSense.
Anyway, I wanted to reconfigure the router as I has diverged from the default in a few ways.
My approach to this was to download the new config and rename it, examine the diffs:

$ diff -u <original config>.ini <new config>.ini

There’s quite a few changes in the new config, looks like they have simplified some settings and are using aliases for services and such.

From memory this was the stuff I re-configured:

– turn off UPNP
– add debian uk ntp pool
– wi-fi setup: restore ssid, g-only, reset wi-fi passphrase (but best to disable wi-fi here, reenable later in last step)
– change LAN IP and DHCP pool
(do this by `Home Network > Interfaces > LocalNetwork > Configure`)
– set <my personal DHCP range>.1 as LAN interface IP
– (At this point I turned off wi-fi as family was complaining about internet going up/down!)
– set laptop wired nic as <DHCP address>.100 manually
– The default DHCP 1.0/24 range still in dhcp pool, reboot router to ensure no devices have a 0.1/24 dhcp range address
– when router back, you will be able to delete the 0.1/24 pool (named “LAN_private”)

create new firewall ruleset based on “standard” ruleset.

– add port forward(s) from outside

This is best done by first setting a name to the server via the “home network”
do this via `Home > Toolbox > Game & Application Sharing`
click `Create a new game or application` and add application `ssh-custom` or whatever.
then go to `Home > Toolbox > Game & Application Sharing` and assign to server name.

  • change external DNS provider as static IP has changed
  • change any intrusion prevention rules and whitelists given new static IP
  • Now turn on all your computers so they get new DHCP addresses.

I was using some static internal addresses as I run a local DNS server but this time I set detected devices to use DHCP and always use the same IP based on Mac address.
I also set device type eg. desktop, laptop, phone…
Shame no “server” icon 🙂

  • save router config now and keep somewhere safe

All Done! (I hope)
Now there has been some discussion on Google+ among my peers on what the sale to Sky will mean for Be and it’s pretty damn good standard of service. Some folks are thinking of jumping to the more geeky (but costly) ISP such as Zen or Andrews & Arnold and some have said that Sky is “not that bad actually”.
We’ll be watching…