Treo600user's profile

Teacher

 • 

3 Messages

Wednesday, March 16th, 2011 3:18 PM

U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

I am having trouble properly configuring this AT&T 2Wire 3600HGV modem for my network. Maybe someone is aware of a different firmware for this product?

 

I am completely aware of how to setup the DMZ mode & router behind router setup in these boxes but that is NOT the point. (We have supported firewalled networked equipment working that has all the bells & whistles including QoS)

 

In the event of a factory reset of the AT&T 2Wire VDSL modem at this business, I want to properly insure the following business requirements are met:

- DHCP - OFF (at min, it appears you must leave one available?)

- WiFi - OFF (Yes this can be turned off, but bridging it always insured it was turned off in the past. ON is a security concern among just bad business i.e. conflict with other business WiFi, employees might see/use this non-content filtered WiFi, etc etc)

- & passing off internet service needs to be easy to another networked supported OUTSIDE of AT&T firewall. (I'm NOT asking for AT&T support on this, but in the bridge DSL world, this was EASY)

- if bridging this 2Wire is NOT an option, backing up the configuration settings would be a nice alternative but that is not available as well?

 

Bridging the old DSL modems always worked nicely but the 2Wire 3XXXHGV line appears to be the ONLY ones to support the AT&T VDSL Max Turbo speeds. 24Mbps down / 3 Mbps up which we use not only for normal business operations (credit cards, business email, web based training, etc) but this high speed is required to view onsite security video (3Mbps up) and offer customers FAST free WiFi!

 

AT&T U-Verse offers the right price, contract, speed, internet package & installers to properly handle our resturant locations company's data needs but I'm struggling with the their "business" support of this 2Wire VDSL modem product. We ONLY use the internet, no TV (not legally available for restaurants, yet). No Voip because POTS is our reliable backup. So it's just the internet service ...

 

For coverage on AT&T Uverse, we have over 50 locations lit up like a Christmas tree but sadly business support on this product is driving me nutz! Maybe because I now see this is listed under "Residential Gateway"? Is this AT&T 2Wire VDSL modem product not meant for business? Is anyone aware of another supported AT&T VDSL modem or a different 2Wire firmware available? Official AT&T support has me running in circles (AT&T U-verse support > AT&T Connecttech > AT&T Connecttech360 > AT&T U-verse support, rinse, repeat)  

 

help?

Voyager

 • 

2 Messages

11 years ago

Read through the 13 pages of this thread, really great stuff.  However, my setup is a little different than what I've read so far so I'd like some input on what I've done.

Before getting Uverse, my hardware was:

dual WAN router: a Peplink Balance 210 router (no built-in wireless):
http://www.peplink.com/balance/tech-spec/#comparison
- small side story: I initially ordered the Peplink Balance 20 and Peplink screwed up my initial order.  To make up for their screw-up, they sent me a Balance 210 instead which I was totally fine with.

D-Link DIR-655 Wireless N Gigabit Router (setup as a wireless access point)
http://www.dlink.com/us/en/home-solutions/connect/routers/dir-655-wireless-n-gigabit-router

Motorola SB6120 SURFboard DOCSIS 3.0 Cable Modem (for Comcast Internet Performance package, 20Mbps down, 4Mbps up)
http://www.motorola.com/Video-Solutions/US-EN/Products-and-Services/Voice-and-Data-Consumer-Premise-Equipment/DOCSIS-Modems-Gateways-and-eMTAs/Cable-Modems/Motorola_SURFboard_SB6120_US-EN

Motorola Netopia 2210-02 ADSL2+ Gateway modem (for AT&T DSL Internet FastAccess DSL Direct 6.0M package, 6Mbps down, 1.5Mbps up)
http://www.motorola.com/staticfiles/Consumers/Products/DSL%20Modems%20and%20Gateways/Netopia%20ADSL2+%20Modem%20-%202210-02-10NA/_Documents/Static%20Files/2210-02%20-%20User%20Guide.pdf

RingCentral Polycom IP 335 2-line SIP phone
http://www.ringcentral.com/office/phone-details.html

and a multitude of other devices such as desktops, laptops, switches, security and home automation systems, game consoles, HDHomeRun TV tuners, smartphones, tablets, and other various devices that need occasional Internet access.  Upwards of 30 devices have access to my local network.  My entire house is wired CAT6 with at least one wired drop in every room.  Wireless is really only used for casual Internet surfing from smartphones and tablets and the occasional laptop out on the patio.

I work from a home office along with my wife and we need virtually 100% Internet uptime.  In my area, Comcast residential Internet is actually very solid, but still has infrequent drops throughout the year, hence the dual WAN router and two Internet connections.  With over two years of this setup, I never once was without Internet.

The network hardware for this was pretty easy to setup even though I don't have a background in IT.  I had Comcast on Peplink WAN1 with DHCP and AT&T DSL on Peplink WAN2 with PPPoE.  I had the D-Link wireless router going from D-Link LAN1 to Peplink LAN1.  I had the D-link setup as a wireless access point with DHCP turned off and setup with a static IP in the D-Link Admin.  Everything load balanced properly between the Comcast and AT&T DSL connections and wireless mostly worked properly (just intermittent connection drops in the wireless connection for some reason that I've never been able to figure out).

About six months ago, I canceled all AT&T services including DSL to save a little money, but mostly because I was upset with some additional charges on my AT&T cellphone bill (long story).  Recently Comcast Internet has become a little unstable because of upgrades going on in my area so I decided to get DSL again.  However, AT&T informed me that there were no longer any free "DSL slots" in my area and if I wanted Internet from AT&T, I would have to get Uverse so I did.

I got the Uverse Max package with self-install, 12 Mbps down, 1.5Mbps up.  The self-install kit arrived with an AT&T branded 2Wire 3600HGV router.  I did some initial research and came across this thread which was great, especially the steps by SomeJoe7777 in post #2:

http://forums.att.com/t5/Residential-Gateway/U-verse-for-BUSINESS-2Wire-3600HGV-bridge-mode-or-another-AT-amp/m-p/2707755#M182

After reviewing these steps, I thought perhaps that some of those listed may not apply to me in the same way because of the Peplink dual WAN router I was using.  My first steps were:

- I plugged the 3600HGV directly into a laptop to register and configure.  Everything worked properly and the laptop had Internet connection in less than 20 minutes.

- I then went to the 3600HGV admin at 192.168.1.254 to Settings > LAN > Wireless and disabled wireless since I would be using the D-Link DIR-655 for wireless.

- then to Settings > Firewall > Advanced Configuration and unchecked the boxes indicated in steps 9 thru 14 in post #2 by SomeJoe7777.

- Hoping it would just "work", I made no other changes and unplugged from the laptop and plugged the 3600HGV into WAN2 on the Peplink router.

I setup WAN2 on the Peplink as DHCP, enabled WAN2 and waited to see what would happen.  Unfortunately, WAN2 picked up the internal IP address and gateway of the 3600HGV (192.168.x.x addresses) so I knew I had to try something different.  I plugged the 3600HGV back into the laptop and went to Settings > LAN > DHCP and changed the "DHCP Network Range" from "192.168.1.0 / 255.255.255.0" to "172.16.0.0 / 255.255.0.0" and clicked the SAVE button.  I guess this would be like post #7 suggested:

http://forums.att.com/t5/Residential-Gateway/U-verse-for-BUSINESS-2Wire-3600HGV-bridge-mode-or-another-AT-amp/m-p/2723229#M307

Once the 3600HGV rebooted, I made note of the IP address, subnet mask, default gateway, and DNS server IPs under Settings > Broadband > Status > Internet Details.  After this, I unplugged from the laptop and re-plugged back into WAN2 on the Peplink.

In the Peplink admin, I went to Network > WAN2 and changed the "Connection Method" from "DHCP" to "Static IP".  I then went to the "Static IP Settings" section and entered the "IP Address", "Subnet Mask", "Default Gateway", and "DNS Servers" numbers I had gotten from the 3600HGV's "Internet Details" section, clicked the SAVE button, then "Apply Changes" and the Peplink Balance 210 router refreshed the WAN2 connection (WAN1 never dropped during these changes which was great).

After the refresh, both WANs in the Peplink admin showed as connected and both showed outside IPs which seemed encouraging.  I successfully connected to the Internet with several devices including my main desktop, a laptop, my smartphone, the SIP phone, and even a game console.  As another test, I disconnected WAN1 (the Comcast connection) to see if everything would switch over to WAN2 (the Uverse connection) and that worked as well.

I reconnected WAN1 so both connections were available and then tested about 10 devices in the house to have a bunch of connections going at the same time.  I then went to the Peplink admin, Status > Active Sessions to see if the Peplink was load balancing between WAN1 and WAN2 and the "Outbound" section showed devices on both WAN1 and WAN2.  So everything seems to be functioning properly as far as I can tell (again, completely lacking any IT background, I'm a web designer and developer by trade).  As a side note, to connect to the Uverse admin, I have to go to http://172.16.0.1/.



So my questions are:

1. Since everything seems to be working properly, is it ok that I deviated from the 14 steps in post #2 because of the advanced nature of the Peplink dual WAN router?  Have I overlooked something that will cause me issues in the future?

2. Also, does anyone think that I should still go to the 3600HGV admin and go to Settings > Firewall > Applications, Pinholes and DMZ > 1) Select a computer, and set the Peplink to "Allow all applications (DMZplus mode)".  I guess this would be steps 4 thru 7 in post #2.

Since everything seems to be functioning properly over a 12 hour period with no connection drops, I'm probably not going to make any other changes unless someone here sees any issues with my setup or thinks there are ways to improve it.  Again, thanks to SomeJoe7777 and everyone else for all the information.

 

Expert

 • 

9.4K Messages

11 years ago

djgcue,

Yes, you can turn off the 2Wire's wireless, and plug in the wireless access box for the wireless STB.

Expert

 • 

9.4K Messages

11 years ago

tahlyn,

That Peplink is a nice unit. Smiley Happy

 

I do think you still need to go into the 2Wire and designate the Peplink WAN2 port as the DMZPlus device.  That way it will be sure to be recognized by the 2Wire as always needing the outside IP address.  If you don't do this, the 2Wire will be expecting the Peplink WAN2 port to be in the 172.16.x.x subnet, and will be confused when the WAN2 port presents itself as the registered outside IP.

 

Furthermore, you won't be able to inbound load balance at all unless you do this, because the 2Wire won't have any NAT port translation entries for services/servers behind the Peplink.

 

Once you do that, reboot the Peplink and you should be good.

 

Voyager

 • 

2 Messages

11 years ago

thanks for the help.  I set it to DMZPlus as you suggested.  I went back and re-read the 14 steps in post #2 and decided to set WAN2 to DHCP in the Peplink admin to see what would happen.  When I did, the connection still works.  However, I noticed the DNS Server for WAN2 in the Peplink admin is now 172.16.0.1 not 68.94.156.1 and 68.94.157.1.

 

1. Should I just manually enter the the DNS server IPs for WAN2 or should I leave it as 172.16.0.1 in the Peplink admin?

 

2.  Or, should I just switch back to static IP for WAN2 and just enter everything manually?  Is one way better than the other in my case?

 

thanks again for your help.

Expert

 • 

9.4K Messages

11 years ago

The 68.94.x.x addresses are AT&T's upstream DNS servers. You would probably get slightly faster DNS response if you put them into the Peplink manually rather than allow the Peplink to use the RG as the resolver.

You can leave the Peplink on DHCP if the Peplink is OK with the (slightly non-standard) way that the RG renews DHCP. If you notice that the connection drops at 10 minute intervals, then change the Peplink WAN2 port back to static, but leave it assigned as the DMZPlus device in the 2Wire.

Tutor

 • 

9 Messages

11 years ago

Hi all

 

More than half a year ago I went with powerline adapters and ended up scrapping the whole idea because performance was abysmal and the fact that it became a pain because I can't add a static route on the residential gateway. I went ahead and collapsed it all back down to just the residential gateway.

 

Now I am wanting to set up my own DNS server/domain on the network and a pain point with this is that I cannot specify the DNS servers to use when giving out DHCP leases. My thoughts are to use a third party router to provide DHCP to the entire network AND have it on the same subnet as the residental gateway.

 

Heres my idea:

1. Reduce the DHCP scope size on the residential gateway to only give out one IP address, 192.168.1.10

2. Plug in the third party router with the WAN router's port getting the single DHCP lease in the residential gateway's DHCP scope.

3. Turn on DHCP server on the router and use that to serve DHCP to the entire network (scope would start at 192.168.1.11).

 

Anything glaringly wrong with this? Anyone have any opinions?

 

Contributor

 • 

1 Message

11 years ago

Joe:

 

Fantastic info here.  Your patience is astounding!!  If this question has already been answered, I apologize...

 

First of all, I have U-verse TV, phone and internet service.  I will be setting up an AirPort Extreme as the router for my PCs and mobile devices.  I see when configuing my RG, that a pinhole has aleady been set for a Cisco device.  I can only assume this is for the Cisco branded DVR that ATT has supplied.  It is on port 43 and has already been "mapped" to an outside ip address. 

 

My question is, will setting up DMZplus with MY router interfere with any of the set top boxes on the RG's inside network (192.168.1.254)?  I was under the assumption that there was only one outside static IP that ATT supplies for a residential setup.

 

Thanks in advance,

Expert

 • 

9.4K Messages

11 years ago

Yes, if you have wireless TV boxes (DVR and/or STBs), then Cisco access point that provides the wireless boxes with their connection automatically opens a pinhole for port 443. This means that inbound traffic to port 443 will always go to the Cisco wireless access point. AT&T uses this port to manage that access point.

You can still use the DMZPlus feature with your Airport Extreme and this will not interfere with the Cisco access point. However, you cannot have inbound connections on port 443 go to your Airport. This would only be an issue if you were running your own website on a server behind the Airport and needed it to respond on HTTPS (secure connection).

Yes, there is only one outside IP address on a normal U-Verse connection (it's not technically static, but it also never changes unless the RG is replaced). That outside IP address will route almost all traffic to your Airport in DMZPlus mode, with the exception of port 443 and ports 8000-8015.

Tutor

 • 

4 Messages

11 years ago


@SomeJoe7777 wrote:
If you set up router-behind-router, your router (your Asus) will have full control of QOS within the limits of the Internet package that you've purchased.

So do I have to do everything you described in post #2 or just plug the Asus into the RG, turn on router behind router detection and turn off wireless in the RG, and everything would be good to go? This was my original post from way back in August. I know, I'm late to the party haha. *EDIT* Would router behind router detection allow the RG to detect it, or is it just for a notification?

 

I tried searching for the answer, but either it was beyond my understanding or I just could not find the information.

 

I have a 3801HGV and I am looking to "bridge" it to an Asus RT-N56U dual band router. Obviously, it will not be a full bridge, but close enough (according to what I have read). My question is, will the new router have control of the traffic shaping or will that still be under the 2wire gateway? I am not knowledgable enough with wireless/internet terms and uses to know if this will work, but it was my understanding that QoS from the Asus would be superior to what is used on the 2wire. Would this be true or should I just use the Asus as an access point for the dual band frequencies?

 

My main applications are gaming, watching HD videos, and sometimes torrenting.

Tutor

 • 

4 Messages

11 years ago

Ok, got my Asus RT-N56U working with my 3801HGV. Plugged it into an ethernet port on the RG and did the automatic setup for the Asus. Everything is working now for both 2.4Ghz and 5Ghz. One question though, when I enable the QoS on the Asus, it has 4 preset services, Websurf (Port 80), HTTPS (Port 443), File Transfer (Port 80), File Transfer (Port 443). Do those ports have to be opened on the 2Wire RG or is it just through this router? Also, I have the wireless TV receivers, and the Cisco AP for them is set to port 443 on the 2Wire RG, will this conflic with the Asus QoS?

 

Any other tips or tricks I can do to optimize my setup? Thanks for the help so far.

Not finding what you're looking for?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.