Archer C86 AC1900 or Archer VR2100 AC2100 for home herver?

[Abdelfattah Radwan]

I have been trying FOR DAYS to get a home server up and running using the godawful ISP-provided ZTE F670L (Datasheet PDF Link). Not only that but the dashboard (or control panel) has so many spelling mistakes, sentences that make no sense at all, Wi-Fi devices cannot communicate with devices on LAN, etc.

 

Since I live in Egypt, I cannot get another router/modem that supports a fibre cable (GPON). I thought about getting a new router/modem, connecting that to my ISP-provided piece of garbage, and using the better product to manage the network.

 

The problem is, I am pretty new to all of this, and I did my research and narrowed my options to either the Archer C86 AC1900 or the Archer VR2100 AC2100, both from TP-Link (which I assume is a trusted manufacturer).

 

Which of these options is better for my situation, and how can I connect the two devices (my ISP garbage and the new device) to achieve what I want?

 

I would be very grateful if any of you wizards out there could help.

 

Thanks!

Edited February 24 by Abdelfattah Radwan
Your → You

[Falcon1986]

19 minutes ago, Abdelfattah Radwan said:

Which of these options is better for my situation…

I don’t see the need for DSL wireless router if you’re not going to utilize DSL.

 

If these are your only 2 options, that will depend on what you have planned for it. So far, you only intend to run a server, which is nothing special for any router, until it comes to opening firewall ports. However, this will depend on the next part to your question. Is this server intended for LAN use or to be accessible via the WAN as well?

 

23 minutes ago, Abdelfattah Radwan said:

how can I connect the two devices (my ISP garbage and the new device) to achieve what I want?

I suspect that ZTE device is a fiber gateway. In addition to it being an ONT that authorizes your access to the ISP’s network, it has its own router built in. That means you will have to ask the ISP if there’s any way of running it in ‘bridge mode’ or ‘IP passthrough mode’, so you can have your own router act as full firewall and avoid double-NAT.

 

If the ZTE device is incapable of bridge/passthrough, you’ll be stuck with double-NAT. So you’ll have to figure out how to forward ports on both it and your router so you can access the server from the WAN. There are workarounds depending on who you ask.

 

I’d also ensure your ISP does not have you behind CG-NAT because, if they do, you’ll have to pay for a static IP or set up an external VPS/tunnel.

[Abdelfattah Radwan]

3 minutes ago, Falcon1986 said:

I don’t see the need for DSL wireless router if you’re not going to utilize DSL.

Ah, OK. That means I can just get the Archer C86 AC1900?

3 minutes ago, Falcon1986 said:

If these are your only 2 options, that will depend on what you have planned for it. So far, you only intend to run a server, which is nothing special for any router, until it comes to opening firewall ports. However, this will depend on the next part to your question. Is this server intended for LAN use or to be accessible via the WAN as well?

I intend to access this server from both LAN and WAN (i.e. serve a website or something).

4 minutes ago, Falcon1986 said:

I suspect that ZTE device is a fiber gateway. In addition to it being an ONT that authorizes your access to the ISP’s network, it has its own router built in. That means you will have to ask the ISP if there’s any way of running it in ‘bridge mode’ or ‘IP passthrough mode’, so you can have your own router act as full firewall and avoid double-NAT.

Ah, that's it! The ZTE *is* the fibre gateway! (I didn't know the proper name to use in the post ). I don't think the hunk of garbage I currently have can run in bridge mode sadly.

7 minutes ago, Falcon1986 said:

If the ZTE device is incapable of bridge/passthrough, you’ll be stuck with double-NAT. So you’ll have to figure out how to forward ports on both it and your router so you can access the server from the WAN. There are workarounds depending on who you ask.

 

I’d also ensure your ISP does not have you behind CG-NAT because, if they do, you’ll have to pay for a static IP or set up an external VPS/tunnel.

I know how to do port forwarding on my ZTE device. It is quite easy, but I can't purchase a static IP address (Telecom Egypt has exhausted their static IPs), but I currently use Cloudflare. I purchased a domain, wrote a script that gets my current ISP-assigned dynamic IP and updates the A record to point to said IP. I can successfully access my local web server that way (though local devices on LAN and Wi-Fi cannot access it, I assume this has to do with NAT Loopback support? I have a correctly configured hosts file if you're wondering too.).

 

However, when I called my ISP, they said "It's OK" to connect another router to the current one, so I assume that means I can potentially do what I want.

[Falcon1986]

3 hours ago, Abdelfattah Radwan said:

Ah, OK. That means I can just get the Archer C86 AC1900?

That should be fine.

 

3 hours ago, Abdelfattah Radwan said:

I know how to do port forwarding on my ZTE device. It is quite easy, but I can't purchase a static IP address (Telecom Egypt has exhausted their static IPs), but I currently use Cloudflare. I purchased a domain, wrote a script that gets my current ISP-assigned dynamic IP and updates the A record to point to said IP. I can successfully access my local web server that way

...which sounds like you're not behind CG-NAT.

 

3 hours ago, Abdelfattah Radwan said:

However, when I called my ISP, they said "It's OK" to connect another router to the current one, so I assume that means I can potentially do what I want.

Well, go ahead and test. I predict you'll encounter double-NAT.

[Abdelfattah Radwan]

6 minutes ago, Falcon1986 said:

That should be fine.

 

...which sounds like you're not behind CG-NAT.

 

Well, go ahead and test. I predict you'll encounter double-NAT.

Thanks! I will give it a shot and post the aftermath here

[Abdelfattah Radwan]

After further digging into the software of my ISP-provided device, it seems that I *can* create bridge connections in the WAN config panel, but I don't know what do to afterwards, do I simply plug in the new router I will be getting or are there more steps involved?

[Falcon1986]

45 minutes ago, Abdelfattah Radwan said:

do I simply plug in the new router I will be getting or are there more steps involved?

I suggest asking the ISP for the steps.

 

Every gateway is different. And the ISP should give you the exact instructions as to how to do it so you don't get locked out of their network.

[Abdelfattah Radwan]

@Falcon1986 I got the TP-Link Archer AX10. I connected it to the piece of garbage I already have via Ethernet (LAN4 → WAN), and the new router works perfectly! But, you're right  I got double NAT.

 

I tried to overcome that by enabling DMZ on the old device and pointing to my new device, but I still get two private IPs when doing `tracert 8.8.8.8`. Anyway to overcome this? Does it have any bad side effects? It seems I can use VPNs just fine and play online games OK? Should I worry?

[Falcon1986]

49 minutes ago, Abdelfattah Radwan said:

I tried to overcome that by enabling DMZ on the old device and pointing to my new device, but I still get two private IPs when doing `tracert 8.8.8.8`. Anyway to overcome this? Does it have any bad side effects? It seems I can use VPNs just fine and play online games OK? Should I worry?

If your activities aren't negatively impacted by double-NAT, there's no reason to do anything else at this point. My concern was for accessibility to your server from the WAN.

[Abdelfattah Radwan]

22 minutes ago, Falcon1986 said:

If your activities aren't negatively impacted by double-NAT, there's no reason to do anything else at this point. My concern was for accessibility to your server from the WAN.

I can't access my server at all from anything, but the device hosting it. I have correct setup port forwarding on both devices.

[Abdelfattah Radwan]

After a lot of research and trial and error, I finally got it working!

 

It's not exactly what I originally set out to do, but it's close enough for me.

 

I bought a TP-Link Archer AX23 Wi-Fi router and a TP-Link LS1005G network switch. I plugged the switch into my ISP gateway, then connected my PC and Wi-Fi router via Ethernet to the switch. I switched the new router to "Access Point" mode and disabled DHCP on it.

 

Now, the devices on my LAN can ping devices on Wi-Fi, and vice versa - success!

 

I hosted a simple PHP web server to test if everything was working properly, and sure enough it was.

 

But there was one big issue - my ISP uses CGNAT, which prevented devices on Wi-Fi from resolving the domain I use for my local server. I fixed that by transferring my domain to Cloudflare and using their proxy, and voila! Now everything is working flawlessly!