Contributor
•
1 Message
BGW210-700 IP Passthrough - LAN devices not working!
I tried to set up my BGW210-700 (ATT fiber) as a modem and maintain my existing router for wifi. I am getting good wifi signal and internet speeds on wifi form the router but I cannot get any of the Ethernet cable connected devices (e.g. NAS box, amazon fire box etc) to be recognized by the network. The LAN devices are all showing no internet connection. Here is my set up below. I used tips from other posts to set this up. Any idea what am I doing wrong with respect to the LAN devices?
Equipment:
Modem -BGW210-700
Router - Asus RT-AC5300
Switch - TP-Link 8 Port Gigabit Ethernet Network
BGW210-700 setup:
Home Network -> Wifi: Disabled both 2.4 Ghz and 5GHz
Home Network -> Subnets and DHCP:
Device IPv4 Address: 192.168.48.1
Subnet Mask: 255.255.255.0
DHCP Server Enable: On
DHCPv4 Start Address: 192.168.48.2
DHCPv4 End Address: 192.168.48.254
Public Subnet Mode: Off
Cascaded Router Enable: Off
Firewall -> Packet FIlter -> Disabled packet filtering
FireWall -> IP Passthrough:
Allocation Mode: Passthrough
Default Server Internal Address: blank
Passthrough Mode: DHCPS-fixed
Passthrough Fixed MAC Address: Manual Entry - ASUS router LAN mac address
Passthrough DHCP Lease: 99 days
ASUS Router Setup: Access Point Mode
Ethernet Cables:
BGW210 EtherNET port 4 -> ASUS WAN PORT
ASUS gigabit LAN 1 -> TP-Link switch
TP link switch -> ethernet to all other devices
tinslwc
Teacher
•
248 Messages
3 years ago
Your BGW needs to have the ASUS WAN MAC address for IP Passthrough and that should fix it. My DHCP lease time is set to 10 minutes and although I didn't think I could change it, it appears that I can. I would set it back to 10 minutes to be safe for now.
You ASUS appears to be incorrect. I'm not familiar with the ASUS configurations, but it needs to be in 'Router' mode, not 'Access Point Mode'. Typically, Access Point Mode would disable DHCP, DNS, maybe even the WAN port altogether so the ASUS would act as a WiFi access point. If these services are unavailable behind the ASUS, nothing will work.
If you want to keep 'Access Point Mode' then disable IP Passthrough on the BGW and connect BGW LAN to ASUS LAN instead of WAN. All LAN ports (BGW, TPLink, ASUS) become the same network. Change the BGW DHCP range to be something link 192.168.48.100 to 192.168.48.200. Set the ASUS IP Address to something like 192.168.48.10.
If you want to keep IP Passthrough, correct BGW IP Passthrough MAC address and lease time. Connect ASUS WAN to BGW LAN. Set ASUS LAN IP to something like 192.168.49.1 (don't use 48, must be different from BGW LAN). Set ASUS to 'Router' mode (or whatever ASUS calls it).
0
0
browndk26
ACE - Professor
•
5.8K Messages
3 years ago
To add to the previous post. Ip passthrough instructions
https://forums.att.com/conversations/att-internet-equipment/bridgemode-vs-ip-passthrough-setup-information/5defbfffbad5f2f606ad5ed2
If you want to use ip passthrough, reset both devices and start over. After setting the gateway into io passthrough ASUS router, reboot the ASUS router. It should assign the gateway wan ip to the ASUS and give it a lan ip. Best to leave the gateway on the default lan ip.
(edited)
0
0
tinslwc
Teacher
•
248 Messages
3 years ago
@browndk26 You may want to blur out your v4 address. Just my $0.02.
0
0
browndk26
ACE - Professor
•
5.8K Messages
3 years ago
Yeah I thought about that before posting. Deleted the photo. Op should be able to figure things out. Gateway ips aren’t that secure.
0
0
tinslwc
Teacher
•
248 Messages
3 years ago
@browndk26 Going off topic here. My opinion on the public GW IP is that someone knowing the public IP can pretty easily use it for geolocation, website tracking, linking profiles among different boards... I know a lot of that information is publicly available already, but I'd err on the side of caution (or at least making it more difficult).
For myself, people here know I run a dual stack configuration using PfSense. If in the future, if some BSD vulnerability came out and someone had my public address(es), then it makes me an easier target.
A good firewall should be sufficient protection, but why make it easier to find.
0
0