Treo600user's profile

Teacher

 • 

3 Messages

Wednesday, March 16th, 2011 3:18 PM

U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

I am having trouble properly configuring this AT&T 2Wire 3600HGV modem for my network. Maybe someone is aware of a different firmware for this product?

 

I am completely aware of how to setup the DMZ mode & router behind router setup in these boxes but that is NOT the point. (We have supported firewalled networked equipment working that has all the bells & whistles including QoS)

 

In the event of a factory reset of the AT&T 2Wire VDSL modem at this business, I want to properly insure the following business requirements are met:

- DHCP - OFF (at min, it appears you must leave one available?)

- WiFi - OFF (Yes this can be turned off, but bridging it always insured it was turned off in the past. ON is a security concern among just bad business i.e. conflict with other business WiFi, employees might see/use this non-content filtered WiFi, etc etc)

- & passing off internet service needs to be easy to another networked supported OUTSIDE of AT&T firewall. (I'm NOT asking for AT&T support on this, but in the bridge DSL world, this was EASY)

- if bridging this 2Wire is NOT an option, backing up the configuration settings would be a nice alternative but that is not available as well?

 

Bridging the old DSL modems always worked nicely but the 2Wire 3XXXHGV line appears to be the ONLY ones to support the AT&T VDSL Max Turbo speeds. 24Mbps down / 3 Mbps up which we use not only for normal business operations (credit cards, business email, web based training, etc) but this high speed is required to view onsite security video (3Mbps up) and offer customers FAST free WiFi!

 

AT&T U-Verse offers the right price, contract, speed, internet package & installers to properly handle our resturant locations company's data needs but I'm struggling with the their "business" support of this 2Wire VDSL modem product. We ONLY use the internet, no TV (not legally available for restaurants, yet). No Voip because POTS is our reliable backup. So it's just the internet service ...

 

For coverage on AT&T Uverse, we have over 50 locations lit up like a Christmas tree but sadly business support on this product is driving me nutz! Maybe because I now see this is listed under "Residential Gateway"? Is this AT&T 2Wire VDSL modem product not meant for business? Is anyone aware of another supported AT&T VDSL modem or a different 2Wire firmware available? Official AT&T support has me running in circles (AT&T U-verse support > AT&T Connecttech > AT&T Connecttech360 > AT&T U-verse support, rinse, repeat)  

 

help?

Tutor

 • 

8 Messages

12 years ago

thanks much!

Contributor

 • 

1 Message

12 years ago

@danlintz

Blocking 25 is very common among ISPs.

It helps protect their network from being a relay for spam bots on infected uses computers.

 

The usual work around is to use a second port.  Some mailservers open up 26 specifically for this pupose.  

 

Most people don't run into the issue because they use their ISPs email address, or they use a web based address like gmail/aol/yahoo.

 

As a mailserver admin, I have walked many businesses through this issue. 

 

Brian

Tutor

 • 

2 Messages

12 years ago

SomeJoe777,

 

I think you deserve an award.  I have been doing this sort of thing for decades now and this is one of the meatiest and effective threads I have ever seen.  Great job, and of course, thanks.  For many of us, U-Verse is our only high speed option, and its a great service.  But working with it can be tricky.  You are really helping to make a great service become exceptional.

 

My question is simple, and I think the answer is still "No", but I will ask again anyway.  I read all 14 pages, including post 120 on the 15th with focus on my question.

 

All I want to do is use OpenDNS (or an equivalent parental control feature) for the DNS servers for all of my connected devices, not the STB.  I have been running the "inside" router setup now for a while, successfully (but I will go back and setup the RG with the other options you mention in post#2.

 

So, is there any way to use an alternate DNS for specific devices without the extra routing?

 

 

Expert

 • 

9.4K Messages

12 years ago

If your device(s) can have their IP addressing information manually specified, then you can manually put the 208.67.222.222 and 208.67.220.220 addresses for the OpenDNS servers into those devices. Both Windows and Mac computers will support this. For this scenario, you don't need an extra router.

However, there are some devices where putting in manually-specified DNS addresses is not an available option, they are required to get the DNS addresses via DHCP. If you have any of those devices, then running them behind your own router is the only way. The U-Verse RG does not allow you to manually specify DNS addresses to hand out to clients via DHCP.

Tutor

 • 

2 Messages

12 years ago

Thanks for the idea and that's exactly what I did in the beginning and it worked fine. Two windows pc's, three iPhones. But with three younger boys and visiting friends and relatives whom I allow on the LAN,I wanted to minimize any circumvention so my router hands out OpenDNS. It's too bad. For its sheer size Att should provide a simple feature like this.

What are you thoughts on DD-WRT? I am contemplating flashing my four Linksys WRT54G's to it. (one router and three WAPs).

Expert

 • 

9.4K Messages

12 years ago

I have played with DD-WRT briefly, but I don't use it. In my day job I do small-to-medium business networks (among other things), so I use primarily Cisco equipment. I have a Cisco 2811 at my house doing my routing as the DMZ device behind the RG.

Tutor

 • 

5 Messages

12 years ago

Hopefully this is a simple question:

 

When a device (router or other) is placed in "DMZ+", it is assigned a public ip by the RG, instead of a LAN-side private ip, I gather...and that all (most) ports are open to the device.

 

Is that a separate public ip handed out in addition to the one assigned to the RG? Will ports assigned to devices via NAT mapping on the RG reamin available and open for the DMZ'ed device or are they Nat'ed to devices by the RG "first
" upstream of the DMZ?

 

Reason I'm asking is I'd like to place a sip phone/pbx on my network and have it work concurrently with another sip device that can potentially share the same ports. I know I could purchase a block of 5 usable public ips, but based on this, it may be that I can have a truly "separate" public ip using DMZ+?

 

I'm currentlu using the RG for router functionality, and while I could add a router in DMZ behind it, it works for other devices and so hoped I could just run the pbx device in DMZ and provide it a straight shot in/out?

Tutor

 • 

5 Messages

12 years ago

To clarify...if I take the following statement from the 2wire config page verbatim:

 

"Allow all applications (DMZplus mode) - Set the selected computer in DMZplus mode. All inbound traffic, except traffic which has been specifically assigned to another computer using the "Allow individual applications" feature, will automatically be directed to this computer. The DMZplus-enabled computer is less secure because all unassigned firewall ports are opened for that computer."

 

...it would seem that if I specified nat mapping via the 2wire to machines on the existing lan, the device in the dmz cannot be targeted at those ports since they are mapped ahead of it. Does this also mean there is still only one pingable public ip...unless of course I purchase an additional block?

Expert

 • 

9.4K Messages

12 years ago

When a device is in the DMZ, the RG does not do any routing for that device, it is as if that device was directly connected to the Internet. However, there are still a few ports that are blocked, some of which will interfere with SIP/VOIP.

If you want to run SIP/VOIP, you will need static IPs since that is the only way to get an IP address with those ports open.

Tutor

 • 

5 Messages

12 years ago

I'm getting stuck at the beginning. My Linksys WRT54GS is set to DHCP. When I plug my linksys's WAN port to the RG's LAN port, the RG does not have my linksys on the device list.

 

I've tried factory restoring both devices and even using different LAN ports of the RG.

 

Not sure what I'm doing wrong.

Not finding what you're looking for?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.