I wanted to have Spectrum update the modem/router. (I think previously Time Warner did at least one update) But now Spectrum (who acquired Time Warner) just says, "We don't update customer equipment". And *I* can't update it. So I bought a separate router (Synology RT6600ax) and I turned off the router portion of the C7000v2. Things are working, but I have some concerns. In particular (although I've been using this combination for several months now), I just got a "Threat Prevention" event detected Source IP 192.168.100.10 communicating to the Target IP 8.8.8.8 and saw signature "ET INFO DYNAMIC_DNS Query to a *.dyndns .org Domain ". 192.168.100.x is not my router's IP range. I can't ping 192.168.100.x from inside my lan. Where is this coming from? Has some sort of DMZ been set up? Is there something in the modem side of the C7000v2 that might be hacked? How could the router even seen something from 192.168.100.x if none of the vlans are using that range? I don't even know how to communicate to the modem now without doing a factory reset. Should I replace this modem? Any good suggestions for a new modem that would still let me continue to use the router?

I tried to go to 192.168.100.1 today. I see that my new router blocked that access of that address. "ET POLICY Reserved Internal IP Traffic" So I allowed it, and I was able to login to the old Netgear modem/router. I see the modem is active and the wifi is turned off. And I can see how to turn it back into modem/router mode if I wanted to do that. And since I see that the new router saw the traffic where I logged into the old modem/router, I'm back to the original question again. Why was the modem apparently trying to get DNS information using the 192.168.100.10 address? Why would it get DNS information at all?

mtiede wrote: ... I turned off the router portion of the C7000v2. How did you go about that? Manuals are always a good place to start.Visit the support pages:Support | NETGEARFeed in your model number and check the documentation for your hardware.Check the section in the manual Connect Your Modem Router to a Router After Installation and Activation You may have done that already. I can't tell from your message. That will also explain how you can access the C7000v2 when you have put it into modem only mode. But there isnlt much that you can do in that mode. You can't control anything useful – that's down to your router – and you certainly can't update the firmware. In that mode, your router is in charge of your network and should be the defender of your security in the Internet. As a modem, the C7000v2 won't play the key role. Whether or not this is good enough is down to your level of paranoia. Most owners of cable modems seem to survive. They can't control their firmware either. Only ISPs can do that. What is the latest firmware version of my NETGEAR cable modem or modem router? | Answer | NETGEAR Support

How did you go about that? I downloaded the documentation PDF when I first got the C7000v2 as I do with all my devices. per the documentation: Select ADVANCED > Administration > Router Mode.The Router Mode page displays.Select the No radio button.With this setting, the modem router works as a bridge and the router behind it obtains a WAN IP address from the Internet service provider Manuals are always a good place to start. Yes, that is where I started. FWIW, I've been doing computer stuff since 1966.Visit the support pages:Support | NETGEARFeed in your model number and check the documentation for your hardware.Check the section in the manual Connect Your Modem Router to a Router After Installation and Activation You may have done that already. I can't tell from your message.As I believe I said, my router was already working with the C7000v2. That will also explain how you can access the C7000v2 when you have put it into modem only mode. But there isnlt much that you can do in that mode. You can't control anything useful – that's down to your router – and you certainly can't update the firmware. As I understand it, I can NEVER update the firmware on this device. By the nature of the C7000v2 that can only be updated by the ISP (who has specifically said they will NEVER do that either. Thanks Spectrum) In that mode, your router is in charge of your network and should be the defender of your security in the Internet. As a modem, the C7000v2 won't play the key role. I know, and yet the 192.168.100.10 is referenced in an event and my Synology router has no VLANs in that range. It also introduced a GUEST network that used the 192.168.0.x addresses and so I would be unable to access the C7000v2 via 192.168.0.1. So I am just guessing that the C7000v2 may have introduced some sort of DMZ with that address. Or something nefarious is going on. Whether or not this is good enough is down to your level of paranoia. Most owners of cable modems seem to survive. They can't control their firmware either. Only ISPs can do that. My ISP will not do that. What is the latest firmware version of my NETGEAR cable modem or modem router? | Answer | NETGEAR Su... Yes, that is the place that started this whole adventure. I saw that my C7000v2 was several versions behind. And I couldn't update it and the ISP won't update it. Got any other ideas about the origin of a 192.168.110.10 address?

mtiede wrote: Got any other ideas about the origin of a 192.168.110.10 address? What does that mean? The origin of that address is the modem. You want to access it? (Why?) Disconnect everything from the modem, connect it to a PC and aim the browser at that address.

By origin I mean what device could possible be using that IP? Why would there be a device with that IP trying to access the DNS server? Why is the modem doing anything with IPs now? Shouldn't it just be bridging to my router and the ROUTER assigns IPs to devices? My router has no vlan that is 192.168.100.x. So it should not be assigning that IP to any device. And yet there was traffic that generated a "Threat Prevention" event and caught by the router. I don't want to access it. I want to know why it exists. The only thing connected to the modem is the router. And a pc connected to my router can not access 192.168.100.x. That network does not exist for the router. If the modem is only being used as a bridge, is it getting dns information? Why?

Should I be worried about my C7000v2 modem/router?

14 Replies

michaelkenward
Guru - Experienced User
Dec 29, 2022
mtiede wrote:

... I turned off the router portion of the C7000v2.

How did you go about that?

Manuals are always a good place to start.

Visit the support pages:

Support | NETGEAR

Feed in your model number and check the documentation for your hardware.

Check the section in the manual Connect Your Modem Router to a Router After Installation and Activation

You may have done that already. I can't tell from your message.

That will also explain how you can access the C7000v2 when you have put it into modem only mode. But there isnlt much that you can do in that mode. You can't control anything useful – that's down to your router – and you certainly can't update the firmware.

In that mode, your router is in charge of your network and should be the defender of your security in the Internet. As a modem, the C7000v2 won't play the key role.

Whether or not this is good enough is down to your level of paranoia. Most owners of cable modems seem to survive. They can't control their firmware either. Only ISPs can do that.

What is the latest firmware version of my NETGEAR cable modem or modem router? | Answer | NETGEAR Support
- mtiede
  Tutor
  Dec 29, 2022
  How did you go about that?
  
  I downloaded the documentation PDF when I first got the C7000v2 as I do with all my devices.
  
  per the documentation:
  
  Select ADVANCED > Administration > Router Mode.
  The Router Mode page displays.
  Select the No radio button.
  With this setting, the modem router works as a bridge and the router behind it obtains a
  WAN IP address from the Internet service provider
  
  Manuals are always a good place to start.
  
  Yes, that is where I started. FWIW, I've been doing computer stuff since 1966.
  
  Visit the support pages:
  
  Support | NETGEAR
  
  Feed in your model number and check the documentation for your hardware.
  
  Check the section in the manual Connect Your Modem Router to a Router After Installation and Activation
  
  You may have done that already. I can't tell from your message.
  
  As I believe I said, my router was already working with the C7000v2.
  
  That will also explain how you can access the C7000v2 when you have put it into modem only mode. But there isnlt much that you can do in that mode. You can't control anything useful – that's down to your router – and you certainly can't update the firmware.
  
  As I understand it, I can NEVER update the firmware on this device. By the nature of the C7000v2 that can only be updated by the ISP (who has specifically said they will NEVER do that either. Thanks Spectrum)
  
  In that mode, your router is in charge of your network and should be the defender of your security in the Internet. As a modem, the C7000v2 won't play the key role.
  
  I know, and yet the 192.168.100.10 is referenced in an event and my Synology router has no VLANs in that range. It also introduced a GUEST network that used the 192.168.0.x addresses and so I would be unable to access the C7000v2 via 192.168.0.1. So I am just guessing that the C7000v2 may have introduced some sort of DMZ with that address. Or something nefarious is going on.
  
  Whether or not this is good enough is down to your level of paranoia. Most owners of cable modems seem to survive. They can't control their firmware either. Only ISPs can do that.
  
  My ISP will not do that.
  
  What is the latest firmware version of my NETGEAR cable modem or modem router? | Answer | NETGEAR Su...
  
  Yes, that is the place that started this whole adventure. I saw that my C7000v2 was several versions behind. And I couldn't update it and the ISP won't update it.
  
  Got any other ideas about the origin of a 192.168.110.10 address?
  - michaelkenward
    Guru - Experienced User
    Dec 29, 2022
    mtiede wrote:
    
    Got any other ideas about the origin of a 192.168.110.10 address?
    
    What does that mean? The origin of that address is the modem.
    
    You want to access it? (Why?) Disconnect everything from the modem, connect it to a PC and aim the browser at that address.
FURRYe38
Guru - Experienced User
Dec 29, 2022
IF you got a new different router, the C7000 should be put in to modem only mode.

mtiede wrote:

I wanted to have Spectrum update the modem/router. (I think previously Time Warner did at least one update)

But now Spectrum (who acquired Time Warner) just says, "We don't update customer equipment". And *I* can't update it.

So I bought a separate router (Synology RT6600ax) and I turned off the router portion of the C7000v2. Things are working, but I have some concerns. In particular (although I've been using this combination for several months now), I just got a "Threat Prevention" event detected Source IP 192.168.100.10 communicating to the Target IP 8.8.8.8 and saw signature "ET INFO DYNAMIC_DNS Query to a *.dyndns .org Domain ".

192.168.100.x is not my router's IP range. I can't ping 192.168.100.x from inside my lan. Where is this coming from? Has some sort of DMZ been set up? Is there something in the modem side of the C7000v2 that might be hacked? How could the router even seen something from 192.168.100.x if none of the vlans are using that range?

I don't even know how to communicate to the modem now without doing a factory reset.

Should I replace this modem? Any good suggestions for a new modem that would still let me continue to use the router?
- mtiede
  Tutor
  Dec 29, 2022
  As I explained above, yes, I put the C7000v2 in modem only mode. I'm trying to figure out what caused traffic from 192.168.100.10 that is not in the address range used by the router.
  - mtiede
    Tutor
    Dec 29, 2022
    Also, if there some inherent weakness in using the C7000v2 modem (such as not being able to update the firmware), what standalone modem would be recommended and work with Spectrum.

Forum Discussion

Should I be worried about my C7000v2 modem/router?