Question

Why is the Home Internet Gateway functionality crippled?


Badge

I have Arcadyan KVD21, and while I am thoroughly impressed with the speeds from the device on the T-Mobile 5G network, I am disgusted by the lack of any ability to properly manage & (more importantly) secure this device.

This trade between speed and security is insulting and offensive to me as a technologically adept Security professional, and exacerbated by the fact that T-Mobile continues to fail when tasked with protecting user account PII data.

The inability to perform certain key functions completely disappoints me. Below are the primary issues and concerns, which *MUST* be resolved to keep me as a customer:

  • Cannot perform setup / administrative tasks via wired interface. Current (internal) web interface only offers a “basic” informational portal. 
  • Cannot completely disable (turn off) WiFi, (likely due to the above).
  • What (few) administrative tasks that are available, requires: download & installation of a worthless “mobile app”, which also requires the device be connected to the local WiFi network.
  • Current administrative functions are limited to 3 tasks, changing the: administrative password, WiFi password, or name of the WiFi SSID.
  • T-Mobile Internet app loses any/all functionality beyond the local network. If the gateway is connected to the internet, and the device with the app is as well, then there should be no valid reason to require “local” access, especially if the next point is true… As this prevents a parental/guardian authority from managing the device while traveling or outside the home (at work).
  • T-Mobile app does not permit multiple instances of the app to be logged in with the same account/credentials. (per T-Mobile technical rep)

What absolutely perplexes me is that many (if not all) of these points DID NOT EXIST when I reviewed an early device around one (1) year ago… So why “cripple” the functionality?!?


10 replies

Userlevel 4
Badge +3

This has been discussed a lot (and I mean a lot!) on this forum and on Reddit, and the short answer is that T-Mobile has decided (unfortunately, imo) on crippling end-user customization of the gateway settings.  

They are aware that many people don’t like this and would like a lot more control, but that’s just not the business model they want to follow. My old DSL service allowed me lots of control, and as a networking guy in my day job, I took full advantage of it.  But for me, I traded off that control for cheaper, faster internet.

At the rate that T-Mo is adding new home internet customers, I don’t think they see the need to change their business model. This has the unfortunate effect of leaving many users without the functionality they would like/need. T-Mo seems OK with the “we’re not the solution for everybody” approach.

In addition, even with the reduced functionality of the gateways, their tech support staff seem to be having a hard time helping people solve the problems they encounter. If they allowed a much more heterogenous gateway setup environment, I think tech support would have an even harder time helping people. Just my opinion.

Actually, I was hoping to be able to control much more, too.  

But, my previous provider’s modem (which is still connected) gives me 6 panels and 36 subpanels of info and controls.  Most of that I don’t use or care about.  but some I do care about:

  • Abiity to change IP addresses in the LAN: address of the modem, and allowable IPs in the LAN.  I generally don’t use 192.168. for a bit more security.
  • ability to turn on/off DHCP, and the IPs that it assigns, so nobody who breaks in can guess my LAN IPs
  • firewall, so I can cut off kinds of access I want to keep out
  • ability to disable wifi, so only the ethernet cable connections are usable and nobody can hack in from outside my apt
  • ability to ping and traceroute, for testing
  • system & security log for the modem
  • save settings in a file

I get it that you don’t want people to tinker around and break stuff, but you do have a Reset button on the back in case we screw up too badly.

Userlevel 1

Another missing feature that I have not seen mentioned yet is parental controls. How is one to protect their children from bad sites if features like this are not provided. "Won't someone think of the children?”  Admin access should be provided for adding firewall rules, MAC filtering, renaming of connected devices, etc. and is required in my opinion. I am currently on the 14 day free trial but with these limitations preventing better security, I am most likely going to return it. The service may be cheaper but the cost could be much higher later with poor security controls. 

Userlevel 1

Thanks for the suggestion. I have tried that before with a different provider but when I connected my system to the second router and did a network speed test, I got roughly half the throughput compared to when I connected my system directly to the WAN connected router. Are there any configuration suggestions on either router to get full throughput? I have read about using AP mode but in that case, it sounds like I would lose a lot of the functionality of the second router.

Userlevel 1

Interesting. It's too bad that we are forced to use third party software to get access to more features. Kudos to the developers who take the time to develop such workarounds. 

I just use the device like I did with a cable modem. I own my mesh network setup and equipment and just plug my main mesh router into the T-Mobile gateway. This way I still have the exact same setup I had with the old cable modem 

Ok, this is not a sane business model.   How do you disable the router or put it into bridge mode so that you can use a real router?   That should NOT break any system or cause any issues.

 

Without being able to do that, you lose all IPV6 functionality on an attached router.   You also have to deal with double NAT issues.   The poor quality wireless is underpowered and not capable of dealing with multiple devices.   Small numbers, yes, large no.   The app, as has been mentioned, is like many other apps, a waste of time and energy.

 

So, we can all agree it is a problem, how do we get it fixed?  How do we put this thing at least into bridge more?   Better would be, how to disable the router completely and just have an interface to the modem???????

Thoughts or suggestions???????

 

Later,

ralphfur

Winchester, OR

Ok, this is not a sane business model.   How do you disable the router or put it into bridge mode so that you can use a real router?   That should NOT break any system or cause any issues.

 

Without being able to do that, you lose all IPV6 functionality on an attached router.   You also have to deal with double NAT issues.   The poor quality wireless is underpowered and not capable of dealing with multiple devices.   Small numbers, yes, large no.   The app, as has been mentioned, is like many other apps, a waste of time and energy.

 

So, we can all agree it is a problem, how do we get it fixed?  How do we put this thing at least into bridge more?   Better would be, how to disable the router completely and just have an interface to the modem???????

Thoughts or suggestions???????

 

Later,

ralphfur

Winchester, OR

It sounds like T-Mobile Internet isn’t the best choice for you. There are aftermarket gateways that have more control options and flexibility but they aren’t cheap. 

OK, in the VERY least, Tmobile should provide the end user the ability to see devices attached to the network, be able to filter access to the network by mac id of the devices to prevent someone from hacking the wifi password to steal wifi, and third set parental controls for access to the home network like preventing kids accessing the wifi late at night without parents knowledge!!!!!

 

A Tmobile device network portal page is definitely needed for…

       1. Showing Devices attached to home wireless showing name and mac id of device/                      network usage.

       2. Mac filtering to allow only family authorized access to the WiFi home network

  1. Parental controls via device name and mac id to prevent children from access wifi at times the parent does not want them online!

Two of your bullet points can be addressed using HINT Control on your PC.

The rest will need to be addressed by using your own router at this time and for the foreseeable future unfortunately.

Verizon s home Internet gateway provides you with everything you want, so there's that option if available t you.

Reply