Welcome to the new AT&T Community
We've got a fresh look! Take the tour to see what's new.
I am having trouble properly configuring this AT&T 2Wire 3600HGV modem for my network. Maybe someone is aware of a different firmware for this product?
I am completely aware of how to setup the DMZ mode & router behind router setup in these boxes but that is NOT the point. (We have supported firewalled networked equipment working that has all the bells & whistles including QoS)
In the event of a factory reset of the AT&T 2Wire VDSL modem at this business, I want to properly insure the following business requirements are met:
- DHCP - OFF (at min, it appears you must leave one available?)
- WiFi - OFF (Yes this can be turned off, but bridging it always insured it was turned off in the past. ON is a security concern among just bad business i.e. conflict with other business WiFi, employees might see/use this non-content filtered WiFi, etc etc)
- & passing off internet service needs to be easy to another networked supported OUTSIDE of AT&T firewall. (I'm NOT asking for AT&T support on this, but in the bridge DSL world, this was EASY)
- if bridging this 2Wire is NOT an option, backing up the configuration settings would be a nice alternative but that is not available as well?
Bridging the old DSL modems always worked nicely but the 2Wire 3XXXHGV line appears to be the ONLY ones to support the AT&T VDSL Max Turbo speeds. 24Mbps down / 3 Mbps up which we use not only for normal business operations (credit cards, business email, web based training, etc) but this high speed is required to view onsite security video (3Mbps up) and offer customers FAST free WiFi!
AT&T U-Verse offers the right price, contract, speed, internet package & installers to properly handle our resturant locations company's data needs but I'm struggling with the their "business" support of this 2Wire VDSL modem product. We ONLY use the internet, no TV (not legally available for restaurants, yet). No Voip because POTS is our reliable backup. So it's just the internet service ...
For coverage on AT&T Uverse, we have over 50 locations lit up like a Christmas tree but sadly business support on this product is driving me nutz! Maybe because I now see this is listed under "Residential Gateway"? Is this AT&T 2Wire VDSL modem product not meant for business? Is anyone aware of another supported AT&T VDSL modem or a different 2Wire firmware available? Official AT&T support has me running in circles (AT&T U-verse support > AT&T Connecttech > AT&T Connecttech360 > AT&T U-verse support, rinse, repeat)
There is no true bridge mode on the 2Wire routers. However, you can still configure it such that almost all functions of your own router will work properly.
1. Set your router's WAN interface to get an IP address via DHCP. This is required at first so that the 2Wire recognizes your router.
2. Plug your router's WAN interface to one of the 2Wire's LAN interfaces.
3. Restart your router, let it get an IP address via DHCP.
4. Log into the 2Wire router's interface. Go to Settings -> Firewall -> Applications, Pinholes, and DMZ
5. Select your router under section (1).
6. Click the DMZPlus button under section (2).
7. Click the Save button.
8. Restart your router, when it gets an address via DHCP again, it will be the public outside IP address. At this point, you can leave your router in DHCP mode (make sure the firewall on your router allows the DHCP renewal packets, which will occur every 10 minutes), or you can change your router's IP address assignment on the WAN interface to static, and use the same settings it received via DHCP.
9. On the 2Wire router, go to Settings -> Firewall -> Advanced Configuration
10. Uncheck the following: Stealth Mode, Block Ping, Strict UDP Session Control.
11. Check everything under Outbound Protocol Control except NetBIOS.
12. Uncheck NetBIOS under Inbound Protocol Control.
13. Uncheck all the Attack Detection checkboxes (7 of them).
14. Click Save.
Your router should now be able to route as if the 2Wire was a straight bridge, for the most part.
Inbound port 22 might be blocked, and inbound ports 8000-8015 might also be blocked, and there's nothing that can be done about it.
This is how I have my 2Wire configured, and I have a Cisco 2811 behind it doing IPSec, IPv6 tunnels, etc.
Yeah I believed it to be some sort of IP address issue and the gateway not supplying a proper address to the router. I have had to factory reset the gateway before when I had one of my stbs swapped out. Things are working for now and hopefully they continue to work. I will report if I see any further issues. Thanks all.
Well things worked for part of the day but now it is back to not working. I can no longer get a wireless signal from the E4200. Funny thing is that I am able to ping the gateway from the router and ping the router from the gateway. The device shows up as an unknown in the gateway. Any more ideas as to what could be the issue? I'm pretty much getting to the point in returning this router cause I did not have this much issues when setting up the DIR655 and don't think the 'upgrade' is worth this trouble.
Sounds like a plan. Maybe you could swap it for a different brand that might work better.
I have a CradlePoint MBR1000 that worked with almost no configuration changes. I already had it setup with my previous Charter cable modem with my network configured to connnect two wireless laptops and my Droid and two Roku's connected wirelessly, as well as a wired printer and wired Slingbox. When I switched to U-Verse, I connected my wired devices directly to the RG. I also plugged the two Roku's into a DVR/STB. To configure the CradlePoint router, I simply changed it's IP address and turned off it's DHCP. I plugged it into one of the RG lan ports and everything worked flawlessly. The only other thing I did was turn off the RG wireless signal.
My WAN Screen on my Belkin has the following options Dynamic, Static, PPoE, PPTP, Telstra and L2tP. The 2Wire sees the Belkin up to step 6 then when I pick DMZ it say it needs to be in DCHP mode but I don't see anywhere to change this option...help please.
thanks i got to work, i had the cable from the router plugged into the wrong port on the belkin
Awesome support. Been searching two days to find an answer to these questions, and finally came across this thread. I have the 3801HGV and a NetGear WNDR3700. I've got Cat5 from the RG to multiple settop boxes including an Xbox 360 slim using the AT&T Xbox kit. The router is setup using your instructions from Post #2, and I have multiple desktops/laptops plugged into it as well as an HP WIndows Home Server with all of my movies, music etc.. My question is, if I have these setup on distinct subnets, is there no way for the Xbox connected to the RG to see the files on the WHS server? The reason I decide to use the Xbox was to be able to stream movies from the WHS easily.
Hoping you can help.
I have a long and skinny house with the RG in a closet at one end. Is there a way of adding a router as a wireless access point at the other end of the house using the instructions in post 13, but STILL KEEP THE WIRELESS ON at the RG? If so, and if I set up all the info the same (using G instead of N, same SSID, same encryption scheme, same passphrase) and be able to roam wirelessly from one end of the house to the other?
Thank you so much for all this extremely valuable advice!
I tried some of the tutorials in this thread, but I am still unable to get internet.
Here is what I am trying to do
I have two computers connected to the 2Wire router that came from ATT, and I have two more that I want to be connected to another router (TP-Link) because it's a gigabit router and I transfer files very often between PC3 and PC4.
I have a wire from a LAN port of 2Wire going to the WAN port of the TP-Link router. I followed the steps in one of Joe's first posts, and everything was set up like it said it would be. (The TP-Link router got the external IP and ect) However I have no internet connectivity on PC3 and PC4
I did tried changing routers default address pool from 192.168.1.100-200 to 192.168.2.100-200, but that didn't help.
Thank you for your time.
To do this you have to open all ports on the 2Wire router. If you have already done this then I don't know what the problem can be. I have similar setup but with a Belkin router and works fine with two different IP pools like you have. FYI the two PC on the 2wire router will be more accessible to hacks with all the ports open...i have all my PC on my Belkin and 1 of my SlingBoxes and my Xbox connected to the 2wire since they could not connect through Belkin
^ I don't have all the ports open on 2Wire, but the LAN port that the router is connected to is set for DMZPlus.
Don't follow the instructions in post 2 of this thread. For your application, follow the instructions in post 13. This will turn your TPLink into a switch + wireless access point. You will not use the WAN port on the TPLink, just the LAN ports.
Joe, (and everyone else), if you're still prowling around here, I could really use some help. I've been at this for quite a while, so any advice would be hugely appreciated.
I have the 2Wire RG, a Time Capsule (1st gen), a Mac Mini running OSX Server 10.6, a pile of switches, and a block of static IP's from Uverse.
The environment is a small business (25-30 people in and out on laptops, phones, a couple of hard-wired desktops, etc.)
My goals are relatively simple, but I can't seem to figure it out.
The main goal is to set up the Mini as an FTP server that can be accessed through the LAN and from the WAN.
Secondary goals would be wireless network printing, as well as two separate wireless networks (the time capsule serving specifically N-enabled devices, while the 2-wire would deal with everything else a/b/g, whatever).
Edit: I also wouldn't mind having some DNS resolution for the Mini on the LAN.
This seems to be the only thing on the internet that I can find that deals with the 2Wire, so I hope you all can help me out.
Thanks in advance.
I tried the other forum and Oz responded, but said he wasn't sure exactly what to do with the networking. Maybe I'll give it another try and put it in more generalized terms, rather than specific hardware, since you seem to be the resident networking genius.
I think there's only a couple things tripping me up, and I should be able to troubleshoot on my own once I have the main skeleton figured out.
I have: A server that I would like to do DHCP, FTP, and some DNS Resolution; a wireless router that can be put in bridge mode, the RG, and a block of static IPs.
My main questions are:
Where do I need to point my static IP (to which piece of hardware)?
Do I need to add a supplimentary network in the RG setup?
Should I place anything in the DMZ?
Are there any ports I should need to open up?
What would be the physical cabling setup?
RG --> Router --> Server ?
RG --> Router ?
If this still doesn't make sense, I apologize for bothering you.
Thanks for the help in this thread -- I've been troubleshooting some issues and your comments have been invaluable.
I do have a question, though. I followed the instructions in post 2 on this thread (turning the 2Wire into a pseudo-bridge) and have a Netgear WNR2000v3 in the DMZ, with all my other devices hanging off the Netgear (had to do this because my wife works from home and has a SIP phone that connects to an IP PBX at her work that I simply could not get to play nice with the 2Wire, even in the DMZ).
I think I ran into the problem you mention in point 8 of that post, wherein after a short period of time the Netgear would just lose its Internet connectivity; I guess it was probably blocking the DHCP renewal packets. I followed your advice and set the IP address static and everything has been fine for 30 minutes now. Hooray!
My question is this: since the IP address I've set the Netgear to is actually the public IP address the 2Wire is assigned by AT&T, and it's not a static address, is that address likely to change regularly? I assume when that happens, my connectivity will break pretty hard. Do I need to get a static IP from AT&T? Do they even offer those to residential customers?
If your IP address happens to change, then yes, it will break your connectivity and you'll have to reconfigure the NetGear.
However, it is known that on the U-Verse system, IP addresses normally do not ever change, unless the 2Wire RG is replaced or (sometimes) if it's factory reset.
I have been running a web server at home on a U-Verse IP address for over a year, and the IP address has not changed.
You can indeed purchace a block of 5 static IP addresses if you want, but those have to be assigned by the 2Wire. The 2Wire also has no facility to insert a static route, so you can't use those static IP addresses behind your router -- you can only use one of them on your NetGear's WAN interface. The other 4 would go unused.
Is this the easiest way to set my router up behind the RG? I want to have as many functions as I can from my Router which is the Asus RT-N56U
There are some routers that have issues with the DHCP renewal process from the 2Wire router. To correct this, open a firewall port on your D-Link to accept all inbound traffic from any IP address on UDP port 68.
It appears that I've got one of these routers. Outlook on any computer connected to the LAN is loosing connection to Exchange Server every 10 minutes, resulting in Outlook freezing for several seconds while the connection is being restored. This never happped with just the 2Wire router.
I've followed the instructions in post #2 to set up my router behind the 2Wire. I set up the port forwarding on my router as follows:
Port Forward settings:
Port from = 68
Port to = 68
Protocol = UDP
IP Address forwarded to = static LAN address (for me 192.168.1.1)
Is this the right way to set this up? It doesn't change the Outlook problems I'm having.
Thanks so much for your help with this!
The router is a Linksys WRT54GL with DD-WRT v24-sp2 installed.
It did let me enter the WAN address, and I changed the "from" to 67, and the "to" remains 68.
But that didn't change the Outlook behavior, unfortunately. Still disconnecting every 10 minutes.
Sign up now to post, reply, and join the conversation.
© 2014 AT&T Intellectual Property© 2014 AT&T Intellectual Property link. This link will open a new window All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies. AT&T 36USC220506