Announcements
HBO Max - where HBO meets so much more!
bolynn80

Tutor

 • 

2 Messages

Wed, Oct 21, 2015 8:01 PM

How do I put Pace 5268AC Router in passthrough bridge mode?

Hello,

 

I have one of the new Pace 5268AC routers provided by AT&T Uverse and I want to put it in bridge mode so I can utilize my D-Link 3200AC Ultra Wi-Fi Router. There used to be a bridge mode setting in the past modem/router combo units that AT&T provided. However, I am unable to find how/where to put this Pace 5268AC router in bridge mode? 

Does anyone have an answer for this?


Thanks!

Responses

fpuppy

Teacher

 • 

16 Messages

3 years ago

@AliasMangler, I believe that MOST people who need to get away from the 5268 as their main router for WHATEVER reason (and you have listed several!) will be happy with configuring it using the LAN IP Address Allocation settings I described in post #28 OR using the DMZPlus & associated Firewall settings in the solution posted by @Darknessrise.  The only 2 situations that I have seen mentioned in this thread and elsewhere on the interweb that will still cause problems are:

  1. Using public static IPs provided by AT&T: in this case DMZPlus/LANIPAA will NOT work and the router must be configured using either the "Cascaded Router" or "Additional Network" settings under the Broadband tab.  Like @Darknessrise and some others who've helped here, I don't have access to such a setup, so can't really help those who are trying to get it working.  From reading the manual and based on posts hinting at partial success, I do believe it's possible but may require finding that last "i" or "t" that needs to be dotted or crossed.Smiley Wink
  2. The specific VPN-related issues that many have mentioned here.  These seem to be specific to the type of VPN being set up: @Mark_VPN & @JefferMC appear to have the 5268 working with a VPN router behind it, and I have SSL-VPN working to a SonicWall TZ300 behind a 5268 using DMZPlus.  However, others such as @jculley6 & @piersonk have not had as much success, so there are obviously bridge-mode related issues still plaguing this device.

Since you mention neither of these issues in your post, I believe you will be satisfied with the ASUS router running behind the 5268 in DMZPlus mode.

 

Let us know...

Teacher

 • 

13 Messages

3 years ago

@fpuppy, thanks for the response and concise summation of the great information provided in this thread. I will certainly be referring to post #28 and the solution posted by @Darknessrise when I finally get the time to install and configure the ASUS 3200.  I will certainly let folks know how it works out in my situation.....

 

Thanks again to everyone for their feedback.

piersonk

Mentor

 • 

33 Messages

3 years ago

@fpuppy - I believe @Mark_VPN solution was also using static addressing with a site-to-site bond.

 

To clarify, @jculley6 and I were able to get our routers working on dynamic/DMZ+, just not able to get site-to-site VPN traffic to pass between remote subnets. We're pretty confident that the 5268 is interfering with GRE 47. Unless you have a traditional, site-to-site GRE type of tunnel it should be ok. (IE: If you're using SSL-VPN into a TZ300 it sounds like you might be client dialing into your router on SSL, which utilizes different traffic.) Otherwise, *thumbsup*!

 

PS: Are you dynamic/DMZ+ or static?

jculley6

Teacher

 • 

23 Messages

3 years ago

The FW in the NVG599 behaves just like the Pace.  According to the GUI the firewall is off.  IP passthrough is working, my other router is getting the public IP. but the firewall log is loaded with stuff it blocks every minutes.  Cannot enable telnet.  The marketing people at ATT and the FW engineeris know what I need more than I do.  They get enough money, I am done.  The cable company will give me a plain old cable moden and more bandwidth.

 

Bottom Line:  ATT is going to block certain traffic from certain equipment that is not theirs and you cannot do anything about it.  If you need advanced networking DO NOT USE THEM.

jculley6

Teacher

 • 

23 Messages

3 years ago

Yet another session with ATT to confirm, I did get to l2 but they said it should work.  I said your firewall is blocking this traffic and I get that, you want be to upgrade to business class and under different circumstances I might just do that, but not this one.  Time Warner / Spectrum will be here tomorrow and if they fire(pay)wall me, well I guess I will just submit. The really fun part about this is that is all worked fine into an Asus RT-N66 router up until about 4 months ago.  I have workarounds, but it was a pain.  Now I am addressing it and the truth has come out:  upgrade to business class.

JefferMC

ACE - Expert

 • 

17.2K Messages

3 years ago


@jculley6 wrote:

Yet another session with ATT to confirm, I did get to l2 but they said it should work.  I said your firewall is blocking this traffic and I get that, you want be to upgrade to business class and under different circumstances I might just do that, but not this one.  Time Warner / Spectrum will be here tomorrow and if they fire(pay)wall me, well I guess I will just submit. The really fun part about this is that is all worked fine into an Asus RT-N66 router up until about 4 months ago.  I have workarounds, but it was a pain.  Now I am addressing it and the truth has come out:  upgrade to business class.


Upgrading to business class will increase the quality of support reps a little bit, and give you guaranteed response, but it should not markedly change how the Gateways perform.

 

Award for Community Excellence 2019 Achiever*
*I am not an AT&T employee, and the views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.
jculley6

Teacher

 • 

23 Messages

3 years ago

@piersonk I have switched to time warner / spectrum and VPN, FTP, AIdisk all work but on ipv6 only.  I am getting a public ipv6 address but not ipv4.  Since ipv4 addresses are so scarce anymore they won't give you one unless you pay for it, another 60 bucks a month for business class (but you  get 300mb bandwidth too).  So, all your stuff has to be ipv6 compatible and it will work.Now, the ddns service I am using, asuscomm.com that comes with the router does not have AAAA ipv6 records, but I can use one that uses google's ipv6 dns servers:

  • 2001:4860:4860::8888
  • 2001:4860:4860::884

But I was able to esablish an FTP connection finally using Filezilla and putting my public ipv6 address in the server box encased in square brackets.

piersonk

Mentor

 • 

33 Messages

3 years ago

Copy all J, good report. Our local cable provider (starts with a C and rhymes with ox) gives you straight modem and a dynamic address that changes once about every 3 years. Completely uninterrupted bridge and I think I had to update the dynamic addr in the VPN config one time over a 6 period. 

 

So! We thought this thread was solved but it wasn't. As an update to all of the hard working technicians out there following this thread, and to the guys trying to figure it out, @fpuppy@jculley6@JefferMC@AliasMangler@Darknessrise, much respect to you all, my brothers.

 

However, as per the thread title "Re: I have a Pace 5268AC Router, how to put it in Bridge Mode?", we've come to a true and final conclusion:

 

YOU CAN'T

 

DMZ+ is not a bridge. ATT has control of your network and you don't. Deal with it or switch.

 

-PK-

jculley6

Teacher

 • 

23 Messages

3 years ago

I did not make my final conclusion about the ability of either the Arris or the Pace gateways ability to pass GRE/VPN and FTP traffic to my router, the L2 techs at ATT did.  The solution was to upgrade to business class.  

I have moved on, I am now customizing OpenVPN and SFTP, which both work perfectly with time warner.  I did have a problem at first, I had 2 modems registered so traffic was not landing, once I had them delete the old one, leaving only my Arris SB6190, it all works perfectly.  All of the cool stuff you get with Asus routers, AICloud, AIDisk, PPTP VPN, and FTP work great.  I have flashed it with Asuswrt-Merlin and I am now capturing historic traffic data, using OpenVPN, ability to run everything, or just some devices, through TOR, all kinds of fun stuff!

fpuppy

Teacher

 • 

16 Messages

3 years ago

@jculley6, just curious: what equipment were they going to provide you if you "upgraded to business class"?

 

@piersonk, just noticed the PS in your Dec 06 post: I have ONLY ever had dynamic IPs from AT&T and so have only configured using DMZ+/LAN IP AddrAlloc settings.

 

jculley6

Teacher

 • 

23 Messages

3 years ago

@fpuppy we never got that far, but I was guaranteed that it would be just a vdsl bridge

Teacher

 • 

13 Messages

3 years ago

Well, unfortunately it looks like my saga continues....  I finally had some time just now to set up the ASUS router I got to use behind the Pace.  I followed the instructions provided in this thread and thought everything was going well even considering that I needed an extra reboot of the ASUS before it showed up in the DMZ selection list.  So I thought hey it's in the list now so the rest is downhill....  Well, I unfortunately was wrong.  After selecting the router from the list,checking the DMZ option, and hitting save/update it processes for a few seconds and then returns an error code. 😞   The error code informs me that devices selected for DMZ can't have a static IP address and must use DHCP to obtain it's address from the Pace unit......  It would seem that the ASUS router can't be set up to obtain it's IP address via DHCP, at least I haven't been able to find where to change it.  So I'm going to have to dig around and see if it's possible to configure the ASUS for DHCP since I'm sure changing the DMZ requirement on the 5268 isn't a possibility......  I guess I may be returning the ASUS and taking ATT up on shipping me another 599....

 

 

JefferMC

ACE - Expert

 • 

17.2K Messages

3 years ago

When you put a device in DMZplus mode, it will be given the external public IP address for its WAN side address.  This is accomplished through the DHCP mechanism.  Once the router gets that address once, THEN you can configure it statically to have that address (since it won't change very often, years likely).

 

Award for Community Excellence 2019 Achiever*
*I am not an AT&T employee, and the views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Teacher

 • 

13 Messages

3 years ago

@JefferMC , thanks for the tip.  I haven't found any means to get the ASUS router to accept a DHCP address from the Pace pool though.  I've got to do some more digging around to find out if it's possible.

JefferMC

ACE - Expert

 • 

17.2K Messages

3 years ago

The ASUS should make a DHCP request in its default configuration.

 

Award for Community Excellence 2019 Achiever*
*I am not an AT&T employee, and the views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.