Strict NAT? Bridge Mode? What is IP Passthrough? Can I enable on my Arris BGW210 or like router?
The Arris BGW210-700 is an advanced residential gateway that supports VoIP, IPv6, video delivery, security firewall, and extensive remote management features.
The BGW210-700 Broadband Gateway delivers robust video, primary line telephony, and high-speed data over broadband networks via high-speed Internet connectivity.
The four Gigabit Ethernet ports can be separated into different services allowing the configuration of dedicated ports for data. It is designed for advanced DSL network service deployments and supports Quality of Service (QoS) and IP Passthrough.
Determining the Business Need
Business customers sometimes state that they need DSL/Broadband CPE that can be configure or placed into a Bridged Mode where they are putting other CPE behind the DSL/Broadband CPE. Many times, these customers can be better served with a configuration known as IP Passthrough. The below information explains the difference between IP Passthrough vs Bridged mode and provides instructions on how to configure the Arris BGW210-700 Internet Gateway for IP Passthrough.
IP Passthrough means the AT&T supported CPE device terminates the DSL, authenticates with the network (Receives a WAN IP) and shares that IP address with a single device connected to the AT&T supported CPE equipment. This configuration is often times suitable for a business customer desiring to connect third party equipment to AT&T supported equipment. The IP Passthrough configuration still allows AT&T support groups to access the AT&T supported equipment while allowing end-users to connect third party equipment in a configuration they desire. The IP Passthrough configuration will only allow one connection to AT&T supported equipment to be "unfiltered" or pingable from the WAN or internet side of the AT&T equipment (does not support multiple pingable connections).
The IP Passthrough feature allows a single PC on the LAN to have the AT&T Gateway's public address assigned to it. It also provides port address translation (PAT) or network address and port translation (NAPT) via the same public IP address for all other hosts on the private LAN subnet.
Using IP Passthrough, the public WAN IP is used to provide IP address translation for private LAN computers. The public WAN IP is assigned and reused on a LAN computer.
Note: Remember to make a copy of all current IP settings before proceeding.
Configuring IP Passthrough:
Run your Web browser application, such as Firefox and Chrome, from the computer connected to the Arris BGW210-700.
- Enter http://192.168.1.254 in the Location text box.
- Click the IP Passthrough tab and configure your settings.
Dynamic host configuration protocol (DHCP) address serving can automatically serve the WAN IP address to a LAN computer.
When DHCP is used for addressing the designated IP Passthrough computer, the acquired or configured WAN address is passed to DHCP, which will dynamically configure a single servable address subnet, and reserve the address for the configured PC's MAC address. This dynamic subnet configuration is based on the local and remote WAN address and subnet mask.
- The two DHCP modes assign the needed WAN IP information to the client automatically.
- You can select the MAC address of the computer you want to be the IP Passthrough client with fixed mode or with first-come-first-served dynamic. The first client to renew its address will be assigned the WAN IP.
- Manual mode is like statically configuring your connected computer. With Manual mode, you configure the TCP/IP Properties of the LAN client computer you want to be the IP Passthrough client. You then manually enter the WAN IP address, gateway address, and so on that matches the WAN IP address information of your AT&T device. This mode works the same as the DHCP modes. Unsolicited WAN traffic will get passed to this client. The client is still able to access the AT&T BGW210 device and other LAN clients on the 192.168.1.x network.
- DHCP Lease: By default, the IP Passthrough host's DHCP leases will be shortened to two minutes. This allows for timely updates of the host's IP address, which will be a private IP address before the WAN connection is established. After the WAN connection is established and has an address, the IP Passthrough host can renew its DHCP address binding to acquire the WAN IP address. You may alter this setting.
- Click Save. Changes take effect upon restart.
Note: IP Passthrough Restriction
Since both the BGW210 Internet Gateway and the IP Passthrough host use the same IP address, new sessions that conflict with existing sessions will be rejected by the BGW210. For example, suppose you are working from home using an IPSec tunnel from the router and from the IP Passthrough host. Both tunnels go to the same remote endpoint, such as the VPN access concentrator at your employer's office. In this case, the first one to start the IPSec traffic will be allowed; the second one from the WAN is indistinguishable and will fail.
If you need further assistance with your IP Passthrough setup and configuration contact ConnecTech Support.
Jared, AT&T Community Specialist
Need help with an account specific question? Post a new question here on the forums by clicking the "Ask a Question" button.
For additional support, please visit us at our AT&T services hub.