#1:NETGEAR 4G LTE Broadband Modem (LM1200) – Use LTE as a Primary Internet Connection or Failover Solution for Always-On WiFi Certified with AT&T, T-Mobile and Verizon
BUY NOWProduct Description Read More
Customer reviews
Works well as a failover in Latin America
My vacation home in latin america was constantly having issues with the broadband ISP. The outages would last for hours at times. I needed a solution that would automatically failover from broadband to LTE. I bought this device along with two external antennas because the router is located inside an IT cabinet. I get pretty good reception with the antennas about 80/80 upload and download which is plenty for a failover connection. My only complaint is that the failover isnt immediate, it does take about a minute and 30 seconds for it to kick in although not sure if the delay could be coming from my firewall. I did not test it without my network plugged into the LAN port. Either way, the product works as advertised and is compatible with Claro's LTE network.
Works great on t mobile with antennas
I used this to connect an ooma voip via the ethernet connection out of the modem no issues with connectivity out of the box for either the 4g sim card and the ethernet connection to the ooma. Good price and simple setup as a cheap internet connection.
Fully Off Grid
So first I'm fully off grid out here, the nearest utility is a mile or more down the road and that's just power and a phone line. Everything I have comes through an larger/upgraded antenna whether it be TV, FM, LTE, ham radio. So I know an thing or too about how to get the most out of the signals in the air around you.
Pros:
Price
Wall mountable(86mm hole spacing)
Small
Easy web interface
Easy setup
External ant ports if needed
Cons:
-Uses USB C as a power source. (Needs a wall adapter vice a normal 12volt source like most routers and my booster, ideally I would wire it directly to my campers 12 volt system which remains powered if ACpower to the camper is lost.)
-Internal antenna doesn't do well in low signal environments.
-you must connect directly to it via Ethernet to view the settings menu on a computer. Can't connect from PC>router>lm1200. Has to be PC>LM1200
It just happened that I was on a hill that can just about get decent service from band 13 LTE on a tower 5km away from me even know the cell tower antenna barely faces my direction. So I got a booster that can boost that band. All good. Great useable speed from my phones hotspot buuuttt I needed a wired connection, I wanted Ethernet for some equipment I have so enter the lm1200 Netgear cell booster. Very cheap at 110 dollars. Picked it up from an Amazon locker in town and walked right into Verizon store without even taking it out of the box. They scanned the IMEI number and confirmed that they could probably set up a SIM card even though he had no idea what I had in my hand and had never done it before. Probably 5 minutes later we were powering up the unit with a new SIM card and it was online 2 minutes later after initializing a connection. I ran home and powered it back up and bam, connected to cell tower(via my booster) and I ran a temp line directly to my PC and it worked perfect. Pings range from 40-100ms for me so you ain't gonna game on this bad boy but anything else not time sensitive will do fine. So in my video you see I run it into a normal wifi router, this allows me to have multiple ethernet ports for multiple things and it allows me to have both a 2.4 and 5.0 Wi-Fi band like a standard household would, which allows visitors without cell service to still connect to something. The same thing that you would do if you went to a friend's house and you didn't have cell phone service. So my first impression is that the internal antenna of the LM 1200 is fairly terrible because I can only get up to around 10 megabytes per second when testing(in my signal environment), I thought about getting a splitter and connecting the TS9 ports on the back of this directly to the same antenna that my cell phone booster uses, but I'm willing to try the $7 whip antennas you can buy for this that just plug right into the back and I'll update this and let you know how much speed I get just by adding those two little whip antennas. If those don't work, they sell a coax type f to ts-9 splitter that I can use to connect this lm1200 directly to my cell phone booster antenna you see in my video.
So the data for the nerdy people:
-I can get near full bars which means -70db signal on my pixel 6 when located at the same spot as this product and this product gets 70 db(viewed on the web portal)
- With my cell booster OFF, I get about -115db on my phone and -115 on this device.
-So the cheap Amazon booster works great when set up properly even with stock antennas.
That translated to about 20-30 down and 5-10 up on my phone using the boosted LTE.
-BUT when doing speed test on my computer when using this product I only get around 6 down and 2-5 up at the time of testing
These speeds change with network/tower traffic of course but I think its interesting that the speeds can be so different from 2 devices that are using the same carrier and cell band and have about the same signal strength so I'm going to call my carrier and present this data as i suspect they are messing with my speeds.
Other details, 70 bucks added on my bill for this extra "line" and 150gb of data...
It is good at what it does. You will need to research first.
Seeing a lot of reviews saying this didn't meet expectations and people returning the LM1200, such as not broadcasting Wi-Fi or not working with this and that carrier. I'm about half and half on that, I can see why some would be frustrated but I also feel like this is a product that before you sink money in to you need to do your homework first, and know exactly what you are wanting to do with it.
My use case is utilizing the failover feature on my Tp-link ER605 handled by my Omada controller. The LM1200 does have built in failover but I'd rather have my gateway handle that, and my ISP has me set on a public static IP so I wouldn't be able to get an address through DHCP like many consumer Internet lines anyway. For this it works perfectly if my primary fiber WAN goes down - averaging around 25 - 30 seconds, I'm back up with Internet no problem. Once the ER605 is utilizing the LM1200, my LAN equipment (switch, access points) continue on like nothing happened. Phones, computers and servers just plug away.
At first I had some issues with using a Verizon SIM pre-pay card in bridge mode, spent half a day trying to figure out why that wasn't working until finding documentation that Verizon does this intentionally with that mode, allowing one endpoint only and killing the connection any time another device is introduced. However on the LM1200, there is a router mode. Turning this on, turning off DHCP and telling my gateway to utilize the next WAN at so-and-so address when fiber dies, everything works as expected. Bridge mode can differ from other carriers, such at a T-Mobile card I tried worked just fine in bridge mode.
Sadly, one objective I wanted to accomplish was utilizing Dynamic DNS to my purchased domain name, and having my VPN available from outside to connect in to my network if fiber went down. Indeed VPN works as expected on fiber, but in order to make bridge OR router mode work the LM1200 introduces Double NAT and even though there is a built in port forward, DMZ feature etc. it seems like connecting in is not possible. At least with my Verizon card that is the case. I've heard you can start a business, provide Verizon with a tax ID and pay $500 for a static WAN IP, but I think I'm good on that end. I also tested this with T-Mobile as well specifically in bridge mode, but still could not connect in. You can take a chance if you are a business and are willing to pay for a static IP, but at that point carriers likely have a sales rep that want to sell you their gear and will plug their ears before you can say the word "Netgear". I could go buy the best, most expensive LTE modem and still run in to this issue, so I'll stick with the LM1200.
Plugging in a $20 antenna set and setting them near my window, I get full bars on Verizon. This device is 4G sure, but I'm still pulling speeds around 50 - 60 Mbps which is great considering this is a pre-pay SIM and I'm not on some crazy post-pay plan. I intentionally tested failing over during a work Zoom meeting, about a second of people talking sounding "glitchy" and the LTE kicked in just fine, conversation carried on as normal.
I could see this being a God send for mobile / remote users. Grab a SIM with the best frequency in your area or cost per GB, get a proper antenna and go to town. In the city I have choices with carriers and Verizon happens to be my best one here, and this gives me peace of mind that in an emergency or my fiber line going out I can continue working from home as needed.
Good product - review by a not tech savvy guy.
I am not tech savvy. Here is my experience.
We live rural and have few options for internet. FirstNet/ATT works well at our house. For 3 years we used a tablet as a hotspot for household internet. It was much faster than Hughes net and cheaper. However average download speeds were around 3-4 mbps, the signal quality was 90-110 dbs, and the connection was unreliable requiring moving the tablet or rebooting it daily.
I tried a cheap router first but got scared off by the Chinese apps. Then tried this router. It did not work with my Sim card. I went to FirstNet and they said to call tech support for FirstNet.
I stayed in the store and called them. They eventually created a new Sim card that was internet only and not whatever was in my tablet. The router worked. Being in the store worked well as they were on speaker with the staff there and could iron out technical issues beyond my skill.
Its been about a month. Download speeds are 15-80 mbps. Signal strength is about -45 dbs. Reliability is much better and only requiring resetting about once a week. I have added wifi antennas. Not sure if they helped. This did not change my plan and I remain out of contract for the same price as before.
Very pleased.
Good LTE Modem
I bought one of these a year ago and it was junk so I sent it back to Netgear for a refund. I decided to give it another try this year as we live in the boonies and cannot get decent internet here. We've been using my old AT&T Netgear LM1100 WiFi Hotspots. The problem is these units are NOT made for 24/7 use and are limited to 5 devices.
I was getting around this by using a router after the LM1100s but I would have to reboot them every day. I went back to this LM1200 to try again and have an actual full time LTE modem. This unit works really well compared to my old one from last year which got horrible speeds even with a rooftop antenna. This new one works very well and gives us decent speeds with the antenna and is actually made for 24/7 use and supports many more devices as well.
Web user interface is in HTTP and available from public IP address, a serious security concern!
Infrastructure engineer here (I work with large-scale computer networks and servers) so I apologize in advance that some of the terminology used may be beyond layman's terms. Firstly, I should state that my "Wifi signal" rating in this review was reflective of the LTE wireless connectivity for this device. It has no other wireless connectivity. I am using the LTE modem with an external dual-interface antenna, and the signal is still terrible when compared to the USB LTE modem this replaced, from the same location, using the same antenna. Secondly, I will state that I am not utilizing or depending on the "LTE fail-over" functionality of this device at all, it is only being used to supply a second internet connection to a second WAN on my firewall which is handling the fail-over itself.
I am writing this review after having spoken with Netgear support at length regarding the concerns I will describe below. Needless to say, their first "answer" for my concerns was that "this is a home product, not a business product." To explain why I purchased this product, it was meant to replace my existing, soon to be retired Sprint EVDO Netgear LTE modem that was already connected through USB to my firewall to provide LTE fail-over in case of loss of connection through my primary internet. Yes, with Sprint having been purchased by T-Mobile, it was decided they would retire the Sprint EVDO network in favor of the GSM network. As such, my novel solution (since there appear to be no LTE USB modems for my current carrier) was to purchase the LM1200 and attach it to a data-only SIM on my wireless account.
A simple enough solution in theory, or so I thought. But that was before I received, updated, and configured my LM1200. Given that the LM1200 is designed to be placed in front of your router/firewall, I would have expected the LM1200 to have the ability to configure the web GUI to use HTTPS rather than the HTTP that it operates in (you cannot). I also would have expected the ability to disable web GUI access from the LTE and WAN interfaces, you know, to prevent people from logging into the LTE modem management interface from the public internet. I think the chat transcript from my Netgear support sums this up the best:
Bradley F: May I ask what is the purpose of enabling https only?
Me: To prevent my configurations and credentials from being passed to or from the device in clear/plain text?
Bradley F: I see, for home modem they are only with Http and for prevention, you must keep your credentials as secret as possible
Bradley F: We do not have business equivalent for a LTE modem
Me: Really. What is the solution then for a business who needs an LTE modem to place on a secondary WAN interface of a firewall for fail-over?
Bradley F: We only have BR200/BR500 and Orbi Pro NOTE: These are firewalls, and do not list LTE connectivity as options.
Me: If I tried to install this product in that way for a business, I would get fired if they understood how insecure it is!
Bradley F: but those are already routers
Me: Yes, and I need specifically an LTE modem to augment the business-class firewall I already have.
Bradley F: Unfortunately we don't have business LTE modems
Me: Wow...
Bradley F: Sorry about that
Let me explain it to you another way. You can login to the LM1200 device using its public IP address assigned to the WAN or LTE interfaces. Because the LM1200 uses HTTP instead of HTTPS, data sent to or from the LM1200 is not encrypted. When you login to the LM1200 from anywhere, the interface is presented entirely in HTTP, meaning your config and password are sent in plain text (clear text), and could potentially be "sniffed" by anyone who is also on the same . I don't think you will be able to see my image names when this review is posted, but there will be only a few. Look for the one that is a list of public IP addresses. That image shows a network scan of the /24 subnet to which my public IP address belonged. Ideally, you should not be able to scan for and find the addresses of other devices on your ISP's network, but in my case, you could. This also means others on the same network can scan/monitor you and possibly capture your credentials when you enter them. "Screen Shot 11-03-21 at 04.47 PM.PNG"
I feel, given their choice to make the user interface HTTP, that users should be able to disable or enable the ability to login from any interfaces to prevent such snooping. It is bad enough that Netgear has already saved invaders the trouble of guessing a username (there is none, only a password). As an edge device, the LM1200 should have been released with security in mind, regardless of being a "home" product. I myself have not encountered a network device that offered only HTTP for its configuration interface since the early 2000s. Here we are in 2021 with Netgear's latest offering for an LTE modem, and it appears to have been designed with less security in mind than a Chinese government-issued web chat client. Is it that Netgear doesn't think home users are subject to hackers, script kiddies, and identitiy theft? I assure you, they are, and Netgear should have better security on this from the start.
I would also point out that there are some concerning entries in the config file if saved from the LM1200. There is only one account on the device so far as I was able to discern from the web interface. However, even though I changed that one password on my device, there existed still the following line stored in the unencrypted config. Take that as you will:
"webd.ownerPassword=1234"
As such, until Netgear adds the ability to enable an HTTPS user interface (as they have on mose of their other home/business firewalls and routers) and the ability to limit or disable login access to the LM1200, I cannot in good conscience advise any home or business user to purchase or use this LTE modem as it now exists. Even if a user also intend to place the modem behind another firewall, it would only protect you from would-be hackers for your Ethernet WAN interface (and only while that WAN interface is active). There is no way to protect yourself on the LTE modem public interface!.
My device details are listed below, and I will revise this review should Netgear correct these security concerns.
Firmware Version: EC25AFFDR07A09M4G
App Version: NTG9X07C_20.06.09.00
Web App Version: LM1200-HDATA_03.03.103.201
Hardware Version: 1.0
2021-11-15 Addendum, I had asked the question of the manufacturer, "Will Netgear allow users to prevent login from public ip interface? since the gui is only http, this is a security concern. looking for mfg answer." and received the reply back same day, "Remote access to the modem is off by default, so the admin Gui would not be accessible from the public IP address."
I am not entirely sure how to respond to the manufacturer's reply, but I have some screenshots (see attached) from my own modem that would indicate remote management IS possible from the public IP on the LTE interface. I did nothing that I know of to enable this, and if there is an undocumented way to disable it, I would really like to know how.
Labels: affordable mesh wifi , affordable router , best inexpensive router , cheap 5g router , cheap modem router combo , cheap openwrt router , cheap wireless router , cheapest dual band router
0 comments:
Post a Comment