Get superfast AT&T Fiber internet
need4swede's profile

7 Messages

Monday, February 26th, 2024 5:46 PM

IP Passthrough, Deco Mesh Router and Port Forwarding

I used to run Comcast with my own modem and router. Hosting my Docker apps with Caddy and DuckDNS (port forwarding 80/443 in router). I would access my apps through my DuckDNS sub domain and things worked great.

I recently switched to AT&T fiber. I setup my AT&T gateway in IP pass through mode and disabled all firewall options (and obviously turned off Wi-Fi.) My router works (TP-Link Deco X55 Pro) and all the AP’s (and their mesh pass-off) seem to be working great - but I can’t seem to get port forwarding to work. IP Passthrough is set to DHCPS-Fixed and I selected my router's MAC from the dropdown.

I noticed that the AT&T gateway (192.168.1.254) assigned an IP to my router (192.168.1.67) via DHCP. In my Deco router's settings, that assigned IP is listed as the router’s IPv4 address, whereas previously I would see my public IP address listed there. I set my LAN IP on my router to be 192.168.0.1, so all client devices are now connecting via 192.168.0.50 - 192.168.0.255 (instead of the gateway's subnet of 192.168.1.XX) to avoid any issues.

In DuckDNS, I gave it my public IP address (that I can see from the AT&T gateway) and refreshed. Deleted my caddy config and AppData (Windows 11 PC) and it was able to get certs and release locks without any errors.

What am I doing wrong here? Did something go wrong in my passthrough setup? I would think the router would have my public IP listed, but the fact that I see the private LAN IP that the gateway assigned tells me passthrough isn't working right.

Accepted Solution

ACE - Expert

 • 

35K Messages

2 months ago

can I disable DHCP in my AT&T gateway all together?

You can, but not while using DHCPS-Fixed.  You'd have to switch to Manual, and statically set the Public Address, default Gateway and subnet mask in your router.  Then, in the event your Dynamic Public IP address changed, you'd have to fix your router to have the new one.

What's the best way to release the LAN IP that my router was issued and 'force' it to use the WAN via passthrough?

If you haven't changed the default DHCP timeout it should be 10 minutes, so turn off the router for 5 minutes, then turn it back on.  If that doesn't work, try it again.  If that doesn't work, change the router to use a static WAN IP (chosen at random), save that, then put it back to Dynamic; that should make it get a new one.

ACE - Professor

 • 

5.4K Messages

2 months ago

You must have not setup ip passthrough correctly.  Need to specify the MAC address of your device in gateway settings, and then should see the public WAN IP address in your personal router. 

ACE - Expert

 • 

35K Messages

2 months ago

As gr8sho indicates, your IP Passthrough is not working as expected.  If working properly, your router will have the same WAN address as the Gateway (the IP will "pass through", as will the traffic, though the Gateway will still appear as a routing hop).  Sometimes there is an issue because the DHCP lease to your router for the private IPv4 hasn't run out, so it won't request a new one and get the Public IPv4.  Or it could be a setup issue on the DHCPS-Fixed target.

7 Messages

2 months ago

@gr8sho @JefferMC 

Thank you both for your input.

When setting up the IP Passthrough, I had my router connected and selected its MAC from the drop down (DHCPS-Fixed).

I think what Jeffer suggested may be true, that the LAN IP issued via DHCP hasn't expired and this is why it's still using that.
Since I'm planning on running my own Router and have that handle IP allocation, can I disable DHCP in my AT&T gateway all together?

What's the best way to release the LAN IP that my router was issued and 'force' it to use the WAN via passthrough? Decrease the lease time, disable DHCP and reboot router?

I apologize if my phrasing is wrong, but I hope my intent is understood. Thank you both for your help!

(edited)

7 Messages

2 months ago

@JefferMC 

You were right on the money. The LAN IP (issued via DHCP) was released and now the WAN IP appears and port-forwarding works as intended.

Thank you very much for your help!

ACE - Professor

 • 

5.4K Messages

2 months ago

I believe when doing the setup it’s recommended to restart the router to pickup the changes from the upstream side.  

Not finding what you're looking for?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.