Welcome to the new AT&T Community
We've got a fresh look! Take the tour to see what's new.
I am having trouble properly configuring this AT&T 2Wire 3600HGV modem for my network. Maybe someone is aware of a different firmware for this product?
I am completely aware of how to setup the DMZ mode & router behind router setup in these boxes but that is NOT the point. (We have supported firewalled networked equipment working that has all the bells & whistles including QoS)
In the event of a factory reset of the AT&T 2Wire VDSL modem at this business, I want to properly insure the following business requirements are met:
- DHCP - OFF (at min, it appears you must leave one available?)
- WiFi - OFF (Yes this can be turned off, but bridging it always insured it was turned off in the past. ON is a security concern among just bad business i.e. conflict with other business WiFi, employees might see/use this non-content filtered WiFi, etc etc)
- & passing off internet service needs to be easy to another networked supported OUTSIDE of AT&T firewall. (I'm NOT asking for AT&T support on this, but in the bridge DSL world, this was EASY)
- if bridging this 2Wire is NOT an option, backing up the configuration settings would be a nice alternative but that is not available as well?
Bridging the old DSL modems always worked nicely but the 2Wire 3XXXHGV line appears to be the ONLY ones to support the AT&T VDSL Max Turbo speeds. 24Mbps down / 3 Mbps up which we use not only for normal business operations (credit cards, business email, web based training, etc) but this high speed is required to view onsite security video (3Mbps up) and offer customers FAST free WiFi!
AT&T U-Verse offers the right price, contract, speed, internet package & installers to properly handle our resturant locations company's data needs but I'm struggling with the their "business" support of this 2Wire VDSL modem product. We ONLY use the internet, no TV (not legally available for restaurants, yet). No Voip because POTS is our reliable backup. So it's just the internet service ...
For coverage on AT&T Uverse, we have over 50 locations lit up like a Christmas tree but sadly business support on this product is driving me nutz! Maybe because I now see this is listed under "Residential Gateway"? Is this AT&T 2Wire VDSL modem product not meant for business? Is anyone aware of another supported AT&T VDSL modem or a different 2Wire firmware available? Official AT&T support has me running in circles (AT&T U-verse support > AT&T Connecttech > AT&T Connecttech360 > AT&T U-verse support, rinse, repeat)
There is no true bridge mode on the 2Wire routers. However, you can still configure it such that almost all functions of your own router will work properly.
1. Set your router's WAN interface to get an IP address via DHCP. This is required at first so that the 2Wire recognizes your router.
2. Plug your router's WAN interface to one of the 2Wire's LAN interfaces.
3. Restart your router, let it get an IP address via DHCP.
4. Log into the 2Wire router's interface. Go to Settings -> Firewall -> Applications, Pinholes, and DMZ
5. Select your router under section (1).
6. Click the DMZPlus button under section (2).
7. Click the Save button.
8. Restart your router, when it gets an address via DHCP again, it will be the public outside IP address. At this point, you can leave your router in DHCP mode (make sure the firewall on your router allows the DHCP renewal packets, which will occur every 10 minutes), or you can change your router's IP address assignment on the WAN interface to static, and use the same settings it received via DHCP.
9. On the 2Wire router, go to Settings -> Firewall -> Advanced Configuration
10. Uncheck the following: Stealth Mode, Block Ping, Strict UDP Session Control.
11. Check everything under Outbound Protocol Control except NetBIOS.
12. Uncheck NetBIOS under Inbound Protocol Control.
13. Uncheck all the Attack Detection checkboxes (7 of them).
14. Click Save.
Your router should now be able to route as if the 2Wire was a straight bridge, for the most part.
Inbound port 22 might be blocked, and inbound ports 8000-8015 might also be blocked, and there's nothing that can be done about it.
This is how I have my 2Wire configured, and I have a Cisco 2811 behind it doing IPSec, IPv6 tunnels, etc.
I tried some of the tutorials in this thread, but I am still unable to get internet.
Here is what I am trying to do
I have two computers connected to the 2Wire router that came from ATT, and I have two more that I want to be connected to another router (TP-Link) because it's a gigabit router and I transfer files very often between PC3 and PC4.
I have a wire from a LAN port of 2Wire going to the WAN port of the TP-Link router. I followed the steps in one of Joe's first posts, and everything was set up like it said it would be. (The TP-Link router got the external IP and ect) However I have no internet connectivity on PC3 and PC4
I did tried changing routers default address pool from 192.168.1.100-200 to 192.168.2.100-200, but that didn't help.
Thank you for your time.
To do this you have to open all ports on the 2Wire router. If you have already done this then I don't know what the problem can be. I have similar setup but with a Belkin router and works fine with two different IP pools like you have. FYI the two PC on the 2wire router will be more accessible to hacks with all the ports open...i have all my PC on my Belkin and 1 of my SlingBoxes and my Xbox connected to the 2wire since they could not connect through Belkin
^ I don't have all the ports open on 2Wire, but the LAN port that the router is connected to is set for DMZPlus.
Don't follow the instructions in post 2 of this thread. For your application, follow the instructions in post 13. This will turn your TPLink into a switch + wireless access point. You will not use the WAN port on the TPLink, just the LAN ports.
^ That work perfectly, thank you so much!
I did see it before, but I figured I needed the other steps.
Thank you again! I can finally enjoy my gigabit network again.
Joe, (and everyone else), if you're still prowling around here, I could really use some help. I've been at this for quite a while, so any advice would be hugely appreciated.
I have the 2Wire RG, a Time Capsule (1st gen), a Mac Mini running OSX Server 10.6, a pile of switches, and a block of static IP's from Uverse.
The environment is a small business (25-30 people in and out on laptops, phones, a couple of hard-wired desktops, etc.)
My goals are relatively simple, but I can't seem to figure it out.
The main goal is to set up the Mini as an FTP server that can be accessed through the LAN and from the WAN.
Secondary goals would be wireless network printing, as well as two separate wireless networks (the time capsule serving specifically N-enabled devices, while the 2-wire would deal with everything else a/b/g, whatever).
Edit: I also wouldn't mind having some DNS resolution for the Mini on the LAN.
This seems to be the only thing on the internet that I can find that deals with the 2Wire, so I hope you all can help me out.
Thanks in advance.
I tried the other forum and Oz responded, but said he wasn't sure exactly what to do with the networking. Maybe I'll give it another try and put it in more generalized terms, rather than specific hardware, since you seem to be the resident networking genius.
I think there's only a couple things tripping me up, and I should be able to troubleshoot on my own once I have the main skeleton figured out.
I have: A server that I would like to do DHCP, FTP, and some DNS Resolution; a wireless router that can be put in bridge mode, the RG, and a block of static IPs.
My main questions are:
Where do I need to point my static IP (to which piece of hardware)?
Do I need to add a supplimentary network in the RG setup?
Should I place anything in the DMZ?
Are there any ports I should need to open up?
What would be the physical cabling setup?
RG --> Router --> Server ?
RG --> Router ?
If this still doesn't make sense, I apologize for bothering you.
Thanks for the help in this thread -- I've been troubleshooting some issues and your comments have been invaluable.
I do have a question, though. I followed the instructions in post 2 on this thread (turning the 2Wire into a pseudo-bridge) and have a Netgear WNR2000v3 in the DMZ, with all my other devices hanging off the Netgear (had to do this because my wife works from home and has a SIP phone that connects to an IP PBX at her work that I simply could not get to play nice with the 2Wire, even in the DMZ).
I think I ran into the problem you mention in point 8 of that post, wherein after a short period of time the Netgear would just lose its Internet connectivity; I guess it was probably blocking the DHCP renewal packets. I followed your advice and set the IP address static and everything has been fine for 30 minutes now. Hooray!
My question is this: since the IP address I've set the Netgear to is actually the public IP address the 2Wire is assigned by AT&T, and it's not a static address, is that address likely to change regularly? I assume when that happens, my connectivity will break pretty hard. Do I need to get a static IP from AT&T? Do they even offer those to residential customers?
If your IP address happens to change, then yes, it will break your connectivity and you'll have to reconfigure the NetGear.
However, it is known that on the U-Verse system, IP addresses normally do not ever change, unless the 2Wire RG is replaced or (sometimes) if it's factory reset.
I have been running a web server at home on a U-Verse IP address for over a year, and the IP address has not changed.
You can indeed purchace a block of 5 static IP addresses if you want, but those have to be assigned by the 2Wire. The 2Wire also has no facility to insert a static route, so you can't use those static IP addresses behind your router -- you can only use one of them on your NetGear's WAN interface. The other 4 would go unused.
Is this the easiest way to set my router up behind the RG? I want to have as many functions as I can from my Router which is the Asus RT-N56U
Hi Joe, I am thinking you can help with my issue. Here is what I've got:
Uverse 2Wire 3800HGV-B
Netgear WNDR3400 (brand new!)
LG N2A2DD2 NAS (fairly new!)
My Netgear was just hooked up the other day and seemed to realize what was going on and automatically assigned itself a new sub net (10.0.0.1). The 2Wire is still 192.168.1.254. Everything seemed to work just fine....networked all my computers, printers and have access to my LG within the network.
Now one of the reasons I put the new router behind the 2Wire was to get access to the LG from outside the network. The LG has software that helps to set it up but it is telling me that I need to setup port forwarding on my router. I tried this when I had the 2Wire only but couldn't get it to work since 2Wire doesn't support UPnp. So, I bought this new router, set up port forwarding for all the ports that LG says I need open, and it still fails to connect on all three test items: Web (HTTP, HTTPS), FTP Port, & Media Server. I followed all your instructions on Post #2 as well and rebooted the Netgear multiple times and still cannot get it to pass.
I want to first make sure I've got everything setup correctly on the 2Wire and Netgear before contacting LG about how to get this to work and thought you might be able to help. Thanks!
I'm running the 3800HGV-B with a Netgear WNDR3700v2 router and followed all the steps in post #2 and my router is not getting the public IP. It keeps getting it from the RG of 192.168.x.x and the private network is getting 10.0.0.x. I rebooted both devices one at a time and still not getting the publis IP on the Netgear.
Great post and feedback. I have read through all of your instructions however I am still a bit 'fuzzy' as to which configuration will suit me best.
I want to use my ASUS RT-N56U for everything, not just an access point. I want to turn 'wireless off' the RG and only use the RG for TV and my internet feed to my router. So to be even more clear, I want nothing connected to my RG except for the router to receive the internet from it in order to provide it to a single network both LAN and WAN on my router. Does that make sense?
This also includes firewall functions as well.
Should I follow post 2 and just disable everything on the RG i.e. wireless, lan, wan? Will I still have to have 2 subnets in order for this to work properly?
Your feedback is invaulable. Thank you.
There are some routers that have issues with the DHCP renewal process from the 2Wire router. To correct this, open a firewall port on your D-Link to accept all inbound traffic from any IP address on UDP port 68.
It appears that I've got one of these routers. Outlook on any computer connected to the LAN is loosing connection to Exchange Server every 10 minutes, resulting in Outlook freezing for several seconds while the connection is being restored. This never happped with just the 2Wire router.
I've followed the instructions in post #2 to set up my router behind the 2Wire. I set up the port forwarding on my router as follows:
Port Forward settings:
Port from = 68
Port to = 68
Protocol = UDP
IP Address forwarded to = static LAN address (for me 192.168.1.1)
Is this the right way to set this up? It doesn't change the Outlook problems I'm having.
Thanks so much for your help with this!
The router is a Linksys WRT54GL with DD-WRT v24-sp2 installed.
It did let me enter the WAN address, and I changed the "from" to 67, and the "to" remains 68.
But that didn't change the Outlook behavior, unfortunately. Still disconnecting every 10 minutes.
Thank you SO MUCH for that info! I REALLY appreciate your help!
Have a Happy and Blessed New Year!
Moved for better exposure
Yep, post #13 should do nicely for you. Plug your NAS into one of the LAN ports on your router.
In general, the only reasons you might need to use post #2 instead of post #13:
• You want to control ports on your firewall using your router rather than the 2Wire.
• You have a device or application that needs UPnP (like some gaming systems)
• You need parental controls, QOS, or VPN functions that only your router can do.
If all you want is more reliable wireless, or 802.11n (faster) wireless, you don't need post #2, you only need post #13.
Sign up now to post, reply, and join the conversation.
© 2014 AT&T Intellectual Property© 2014 AT&T Intellectual Property link. This link will open a new window All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies. AT&T 36USC220506