Introduction
Viewsonic Wireless Media Gateway | |
---|---|
Summary | 802.11g wireless router with UPnP-aware NAS. Also comes in 80GB model |
Update | None |
Pros | • Small size • Streaming media server • Includes print server • 802.11g support with WEP |
Cons | • Admin interface open to Internet by default • Spotty documentation • Occassional wireless signal loss • Can’t set file or user permissions • Limited printer support |
In my previous review, I looked at the Viewsonic WMA100, which is a multimedia adapter designed to display digital media content on your TV and home audio system. But sometimes it’s not convenient to tie up your computer just to watch a movie or listen to music and it turns out that Viewsonic has a solution to that problem too.
In this review, I’ll take a look at Viewsonic’s server companion device to the WMA120. The Viewsonic WMG120 combines an 802.11g wireless router with a built-in 120 GB file server. Its primary purpose is to serve content to the WMA100 without tying up your PC, but it can also act as a full wireless router, complete with print server.
The WMG120 is styled much like the WMA100, i.e. a squarish gray box that at first glance looks like a typical home router / access point. But on closer examination, the height of the box tells you it’s a bit different than what you’d normally find. The extra height of the device is designed to hold an internal hard drive, and a look at the back of the device (Figure 1) shows you another difference – two USB ports used for a connecting a printer or for serving up content from a flash drive.
Figure 1: The back of the WMG120
Figure 2 is a shot of the WMG120’s innards. That’s the same Conexant PRISM-based 11g radio board used in the WMA100, but the design uses an Intel IXP420 Network Processor instead of the Sigma Design EM8551 Media Processor.
Figure 2: Inside the WMG120
(click image to enlarge)
Setting Up
Although my focus in this review will be on the WMG as a media server, I first wanted to try the WMG out just as a standard wireless router. Without connecting it to my existing network, I powered it on, noticed a new wireless SSID being broadcast (viewsonic) and connected to it with my notebook. Based on the IP address that my notebook leased from the WMG’s DHCP server, I took an experienced guess and pointed my browser to 192.168.1.1 where I was greeted with a login page. I then typed in a password of “admin”, hit the “login now” button and was granted access to the WMG’s admin server.
Since I wanted to add the box to my existing home network, my plan was to create a little subnet for the router to manage. The Primary Setup screen had typical controls for setting up the SSID, wireless channel, timezone, etc. that I stepped through to make my changes. I also changed the LAN network to be 192.168.2.1 so as not to collide with my existing 192.168.1.1 network.
The screen had a notice to make sure to hit the Apply button to finalize changes, which I did at each step. One curious setting I found was the Connection Type in the Internet section. It was defaulted to Dynamic IP Setting – which would be appropriate for the majority of people. But since I was adding the box to my existing network, I wanted to give the WMG a fixed IP address. The option menu let me change the setting to Fixed IP address, but there was nowhere to specify what the IP address was! Hitting the Apply button just gave me an error, so initially I just left the Connection Type set to Dynamic IP.
For security, I went into a sub menu and specified 128 bit WEP encryption. There was an option for the more secure WPA variation, but it was not selectable. So I hope WPA support is planned for future upgrade. In order to secure the administration of the router a bit, I went into the Advanced Setup screen and found a menu to change the administration password from “admin” to something less obvious.
Next, I found a menu to change the LAN side DHCP server IP range to be in my 192.168.2.X network. After navigating back through all of the screens to review that my changes were still there and correct, I powered down the unit and moved it to a location where I could plug the WAN Ethernet connection into my router. But when I powered the unit back up, I was surprised to see that my new SSID was not being broadcast. The original default SSID was in use and encryption was turned off.
A bit of further poking around revealed that all of my changes were gone and everything was back to the default state! After a couple of attempts at re-entering all my settings and still finding them not saved after power down, I finally located a selection under the Advanced Utilities section called Save Settings. Evidently, despite the notice that selecting Apply would “finalize” the changes, nothing is permanently saved until Save Settings is executed. Once I did this, my settings were present on the next power-up.
At this point, the box was functioning as a standard router and I could connect, get assigned an IP address, and access the Internet. As a quick, unscientific test to see how well the WMG120 performed as a wireless access point, I took signal strength readings from six different locations throughout my house and compared the results obtained using my Linksys WRT54G as AP. In all cases, the signal strength of the WMG was equal to or higher than the WRT54G. Averaging all of the readings, I found the WMG to have about a 5% higher signal strength over my tested range.
As I was setting the device up earlier, I noticed a lot of advanced menus for routing, logging, access control, Parent (sic) control, outbound policies, inbound policies, etc. I didn’t check all of these features , but decided to try a few.
My attempts to exercise the Logging features was interesting. The WMG can be set to log hack attempts, login failure, configuration changes, probes, etc, in various ways including email. So I turned everything on in the most verbose setting and set it up to email me results. Next I attempted to trigger some alerts by scanning the box, changing settings, failing to log in, etc. Nothing seemed to trigger an alert. The entire time I had the box, I neither received a log email nor saw any entries in the WMG’s internal log page.
I also tried out the parental control features with much the same results. Nothing I did seemed to make any difference and I was able to browse to sites that should have been blocked.
Setting Up, Continued
The documentation of the Advanced settings was very sparse and evidently written by non-native English speakers with phrases such as “Parental Control provides more control your network”. But the larger weaknesses are that the documentation is just a mirror of the settings pages with little description of what should go in the fields and that the information often seemed to be wrong.
For example, the Parental Control section of the documentation talked about entering “a URL website” into a field. But an attempt to enter www.abc.com into the field resulted in a error of “File Name is two types of extension” (Figure 3). I discovered that I was allowed to enter abc.com into the field, but also found that I was not prevented from visiting the site!
Figure 3: Parental Control Configuration Error
Note that only 15 characters are allowed to be entered, so if it really is looking for a URL, it must be a very short one. Note also that none of the configuration menus had Help buttons. At a minimum, the Advanced features need better documentation, and in some cases, bugfixing.
One very disturbing bug I noticed was in the Remote Administration feature. A port scan revealed that port 80 is open by default to the WAN (Internet) side of the WMG! This means that when the device is used as the main Internet gateway to the house, anyone in the world can reach your administration page!
This is not only a huge security risk, but the problem is compounded by the fact that the WMG doesn’t prompt the user to change the default password upon first access. It also buries the password change function in the “Advanced” admin section, where a typical user may be afraid to venture. There’s also the propensity to change the password back to “admin” if the settings are not specifically saved under “Advanced Utilities”. And finally the control to disable remote admin in the “Advanced” section doesn’t work! Viewsonic needs to fix this ASAP, and while they’re at it should add the ability to change the remote admin port number and limit access to clients with certain MAC or IP addresses
I noticed a couple of other issues when connecting to the WMG wirelessly over the time that I worked with it. On a number of occasions, the wireless signal would just disappear. I would then either have to reboot the router to get it back or I could go into the configuration web page where making any change to the wireless settings would cause it to start back up.
The router also sometimes didn’t seem to properly negotiate connectivity with my cable modem. I’m not sure where the problem was, but several times after powering up the WMG, I would have to reboot before I could access the Internet. The behavior was almost like the WMG didn’t acquire the DNS server properly. Note that this was only a problem when first starting the router up. Although I didn’t debug this conclusively, I’ve never had this issue with any of my other routers and my cable modem.
Another thing I noticed that might cause some confusion was the SSID of the router. As I powered the unit on, I monitored the broadcast SSID. First the SSID would be “uAP” with a very high signal strength and then the SSID changed briefly to “viewsonic”. It finally settle down broadcasting the SSID that I had set up for it. Although this all occurred only over the period of a few second, anyone trying to connect during this period might get confused.
Finally, I did not see anything in any of the configuration menus referencing either the hard-drive or the print server. So from just using the web administration feature, you would never tell that the WMG was anything other than a standard router and access point! But I knew those features lay somewhere inside the WMG and it was time to check them out.
File Serving
As I said, the WMG doesn’t have an admin interface for its file or media serving features. Since it supports SMB-based networking, its shares just appear in the network browser of Windows, MacOS, Linux or other computers running OSes that support SMB. To transfer files to or from the WMG, you just mount its filesystem and deposit your media files into the appropriate directories. The WMA100 will then be able to access and display content in the formats it supports. While this sounds easy enough, I found I quickly ran into problems.
Since the WMG has some demonstration videos, music, and pictures on it, in theory, all I had to do was fire up my WMA100 and play the files. But when I turned on the WMA, the WMG was nowhere to be found.
I first double checked that both devices had valid IP addresses in the same subnet. I then did a tcpdump of the network to see if I could see anything going on. An analysis of the traffic between the two told me the WMG was using a Unix version of Samba to serve files. I also saw the same UPnP traffic I had seen when looking at the WMA, but this time noted that the traffic was directed to a multi-cast address. All interesting information, but it didn’t help me diagnose why the WMG was not showing up as a server to the WMA.
To further diagnose the issue, I isolated the two devices into their own little stand-alone network, but still could not get the WMA and WMG to connect. After I finally reset the WMG to factory defaults and re-connected the WMA to it – Bingo! – the WMG finally showed as an available server to the WMA. (Figure 4).
Figure 4: The WMG as a server to the WMA100
After trying various combinations, I finally isolated the issue to be caused by my change in subnet. At least in my case, the WMG and the WMA were only happy streaming media when on the 192.168.1.X network. This tells me that something in the WMA or WMG (or both) is hard-coded to that subnet. So in order to really test the WMG out, I did it Viewsonic’s way and made the WMG the main 192.168.1.1 router in my home network and put it on the open Internet.
File Serving, Continued
With this configuration, I was able to use the device as designed and its functionality was virtually identical to the behavior of the software application supplied with the WMA that I described in my review of the WMA100. The only difference I noticed was when using a PC as a server, there’s a configuration server running on the PC for tying music to slide shows, selecting folders to serve, etc. This configuration server does not exist on the WMG.
While the demonstration videos, pictures and music on the WMG are all very nice, to really use the box, you need to put your own content on it. As I noted earlier, Samba is used as the WMG’s network file server. So I thought it would be easy to mount the WMG’s file shares with various computers on my home network since they can all use SMB network file systems. Access to the WMG’s shares was accomplished without issue on my Windows XP laptop, but I had problems when I tried my other systems.
My first unsuccessful attempt was on my Macintosh OS X computer. When I went to browse the network, the WMG showed up with a name of UAP using a MYGROUP domain. Accessing UAP revealed three shares with names like “samba ide sha”. But attempts to mount the shares always came back with an error indicating that the specified share could not be found. Trying the same operation on a couple of different Windows 98 machines resulted in the same type of error.
I suspected that the problem was the length of the share name. Both the OS X box and the Windows boxes showed the same name, but I suspected that the last part of the name was really “share” instead of “sha”. I’m really no SMB expert (to put it mildly), but after a bit of frustrating fiddling around, I was finally able to manually type in the full, unclipped name of the share and mount it on both the Windows 98 systems and the OSX system. So that you don’t have to go through the same thing, the three default shares are:
- samba ide share
- samba usb share-1
- samba usb share-2
I should note that while I was wrestling with this problem, I had consulted the documentation and found that there were three different ways listed to mount the shares, with advice that boiled down to try method one, if that doesn’t work try method two, etc. None of the listed methods worked for me, but having three different methods to mount shares suggests that this is a problematic area for systems other than Windows XP.
Once I had the share mounted, it was simply a matter of navigating into a “media” sub-folder where there were directories for video, pictures and music where I deposited some of my pictures, videos and music. The pictures and videos displayed without problems and I enjoyed having a central repository of my videos that I could manage from any computer on the LAN.
When I tried playing music files I was pleased to see that my MP3 tags were now properly parsed! This meant that the Artist, Genre, and Album groups were populated, whereas when using the PC server, they were empty. But I found that I still had the “UNKNOWN FORMAT” error when playing music files that had album art embedded inside.
As I noted earlier, there is no ability to configure permissions for the WMG’s network folders, so everyone can mount the shares with read and write privileges in the “media” directory. Depending on your network setup and the users on your network, this may or may not be an issue for you. But not having the ability to at least restrict write privileges is very dangerous, since all it would take is an inexperienced user (or a slip of the mouse) to wipe out or corrupt precious media files.
I also noticed that the mounted file share had directories (such as etc, usr, var – suspiciously similar to a Linux filesystem) other than the “media” directory that were visible when browsing via computer, but not via the WMA100. Even though these directories were read-only, it’s probably not a great idea to expose them to the average user.
Print Server
The WMG has the ability to act as a network print server, which is nice addition to a home network. But unfortunately, I couldn’t get it to work. I went through all of the documented steps using my Windows XP system and everything looked fine and matched the documentation, at least until I got to the final step. That’s when I received a cryptic error : “Access denied, unable to conn….” (Figure 5).
Figure 5: Printer configuration problems
The problem may be a driver issue since the documentation notes: “The USB print server currently supports most HP USB printers and a few other brands such as Epson and Cannon”. It also suggests checking the Viewsonic support web site for a complete list of supported printers. But I could find no such list of printers on the site and my printer was not one of the mentioned brands.
Hacking around
During my browsing around the WMG’s shares, I saw plenty of evidence that told me that the WMG was running some form of Linux. The directory tree looked much like a Linux tree (albeit a bit sparse), and there were a few executables around. Running the OS X utility “file” on the lpr executable resulted in the following output :
lpr: ELF 32-bit MSB executable, ARM, version 1 (ARM), for GNU/Linux 2.0.0, dynamically linked (uses shared libs), not stripped
which pretty much confirmed that the WMG is a Linux-based box. Since the WMG was most certainly running Linux and other GPL software, I did a quick browse of Viewsonic’s website to check for the source code that Viewsonic is required to make available in order to fullfull their GPL license. I could find no references, but I assume that this was an oversight on Viewsonic’s part and that it will be corrected soon.
Looking further into the mounted filesystem, I found an executable in the tree with “ixdp425” as part of its filename. The ixdp425 is a development board for the same (IXP400) Intel processor family used in the Linksys NSLU2 and a quick experiment revealed that the binaries are compatible between the WMG and the NSLU2 – the latter a system I’ve had some experience playing with. If I had some time, I could have some fun here, and I bet that mounting the hard drive in a Linux box would reveal even more information. But like most people, my time seems to be in short-supply these days. Still, I couldn’t resist a quick hack as a proof-of-concept.
While watching the network traffic between the WMA and the WMG, I gained some understanding of how data moved between the two. I don’t pretend to be any kind of expert in the protocols involved, but it appears as if the server-side runs some sort of UPnP daemon that tells the WMA what files are available.
Part of that data is a URL reference which the WMA can use to contact an http server to fetch an HTML page listing the available files. I’m sure there’s a lot more involved, but for my little hack, that should be enough. In my WMA review, I tried to start up a couple of UPnP servers on my network to see if the WMA would recognize them, but had no luck. But since I now understand the WMG’s subnet limitation, I was now able to get the WMA to recogize UPnP servers.
I started up a UPnP-based server on my NSLU2 and it quickly showed up on the WMA (Figure 6). Then I monitored the network traffic and saw that the WMA wanted an http server on port 8000 of the NSLU2. I obliged by starting one up and configured it to point to a directory full of media files in which I created a simple HTML index file listing all of the image files.
Figure 6: The NSLU2 as a server to the WMA100
Now when I then selected my server from the WMA, the HTML index was fetched. All I then had to do was click on a desired image’s link and the WMA displayed it. Cool. My NSLU2 was now serving images to my WMA. Nice hack, but I wasn’t quite done yet.
The WMA100 as a web browser
In my review of the WMA100, I suggested that the user interface of the device was nothing more than a custom web browser that only viewed pages of media to play. Now maybe I could prove it. Since I could feed HTML to the box through my NSLU2, what if I could direct it out to the wild, open Internet? Then I would have a web browser on my TV.
All I would need to do is put a URL that pointed out to the Internet in the HTML that I fed the WMA. Then I could select that URL through the standard WMA user-interface and pull down a web page. Browsing the web on my TV without a mouse or a keyboard? Useless, right? Right. But that didn’t stop me!
It was actually a bit of fun as I browsed everything from slashdot.org to cnn.com to SmallNetBuilder.com on my TV (Figure 7). It turned out that I actually had some web page navigation via the WMA100. The arrow keys on the remote could be used to scroll and navigate from URL hot-link to hot-link on the page, and the numeric keypad could be used to enter characters in forms on a web page using cell-phone style entry!
The only thing missing was a location field to type in an arbitrary URL. As I browsed to a web mail interface and read my email, I was reminded of an old Internet axiom that suggested that every program expands in features until such time as it is able to read email. Maybe this is true of hardware devices as well!
Figure 7: Browsing the web on my TV using the WMA100
I suspect that users who only have a WMA100 can also use my little HTML trick by entering a list of bookmarks into the HTML on the PC that is fed to the WMA100. It would just be a matter of finding the HTML down in the Apache tree and adding in a list of bookmarks or a least a single starting point.
Wrap Up
The WMG120 has the appeal of providing a compact little home file server and wireless router that is also able to serve media content. But much like my conclusion on the state of Viewsonic’s WMA100, I think that the WMG120 has potential, but needs work.
I found the user interface flakey or lacking important features and the documentation needs an overhaul. The lost signal issue would become a real annoyance in day-to-day use as would its occasional failure to provide Internet connection after being powered up. These are basics that any router must satisfy and the WMG is no exception.
If Viewsonic is serious about being a networking product vendor, they’ll have to be more attentive to security. It is simply not acceptable that the WMG’s admin function is exposed to the Internet by default and “protected” by a well-known and obvious password. Port 80 is one of the well-known ports in every port scanner’s list and unprotected WMG’s would be detected (and probably compromised) within minutes of being attached to the Internet.
Just as important an issue is that the server portion completely lacks any ability to set file or user permissions. While this may be ok for use as a media server, it severely limits the WMG’s usefulness for file serving or backup.
Fortunately, these are all areas that Viewsonic can address with firmware upgrades, which I hope it will do soon. In the meantime, your WMA100 would probably be better served by the software included with it, or other UPnP servers – now that you know what subnet to use.