Get superfast AT&T Fiber internet
I

New Member

 • 

15 Messages

Wed, Nov 10, 2021 3:00 AM

BGW320-500 Routing, ISP Gateway, and "192.168.254.254" secret interface

I have been attempting to get my BGW320-500 to work with pfSense, and came across the following in the process of troubleshooting. 

I first enabled IP Passthrough on the BGW320, and entered the appropriate MAC address for DHCP. I connected my pfSense WAN interface to LAN1 and it received the public IP. I was able to ping my ISP gateway as is listed on the broadband details page of the BGW320. I could not however reach any host on the internet ie 8.8.8.8 or otherwise. 

As I have a 192.168.1.0/24 network behind pfSense I went back to change the ATT device/subnet to 192.168.0.254. 

After extensive checking/rechecking all settings within pfSense. Firewall rules, gateways, routing, everything. Rebooted both devices a few times.

I reconnect to the wifi provided by the BGW320 and start to investigate the NAT/state table. A private address pops out at me (192.168.254.254) as there is nothing that should be in this range. I investigate with traceroute and it shows as 1 hop away, same as my BGW320 @ 192.168.0.254.
I point a web browser at it and lo and behold it is the same as 192.168.0.254. All info the same. Even the section showing device MAC and IP.

I turn back to the state table and see a number of udp/dns entries and a single TCP established entry to 51.x.x.x: 5222.

I traceroute to this address and it shows as host down.

I retry the traceroute with the -Pn flag on zenmap/nmap as suggested. 


I then do a SYN scan of the one port, 5222, and traceroute again. This time it shows the host as up. 

So, what is going on here? Here's a SYN scan with all TCP ports targeted, showing same results except port on the "real" gateway 51010/tcp is filtered.

New Member

 • 

15 Messages

9分前

Why ATT. Why do you impose such horrible compression on user submitted images. You are AT&T, this is your customer forum, why....... 

Here are the high res / readable images. 

https://imgur.com/a/kPeVgfD

ATTHelp

Community Support

 • 

194.9K Messages

9分前

Let's see if we can get pfSense to work, @ipv4_and_7_fourths

 

For further assistance with 3rd party software, you'll need to reach out to our Tech360 group. They have the expertise and necessary tools to help.

 

If you have any other questions, feel free to reach out! 

 

Thank you for contacting AT&T Community Forums!

 

Raiden, AT&T Community Specialist 

New Member

 • 

15 Messages

9分前

I am not really looking for support on getting pfSense to work, I was simply providing the context with which I came across the issues I have outlined in my post, which are all present with just the BGW320-500. 

What is the 192.168.254.254 address? Why does it have the same MAC as my 192.168.254.254 address on its web interface, but represent a unique hop to my phone/laptop using traceroute?

Why is there an established TCP session to this address using port 5222/jabber? Is the amazon EC2 instance an ATT service? I noticed it has "lang:ru-RU", so am concerned.
Why is my ISP gateway not actually routing my traffic?

Need help?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.