Explore & discover

Helpful Links

Port Forwarding with the BGW210-700 FW 1.6.7 in passthrough mode

Contributor

Port Forwarding with the BGW210-700 FW 1.6.7 in passthrough mode

Hi all,

 

I'm having some trouble accessing external ports (SSH via 2200 for example, but also others) with the above modem. I have a Unifi box set to passthrough mode via DHCPS ( that displays an att 99.*.*.* ip as a WAN address and gateway). It's my understanding that I should not need to configure port forwarding in passthrough mode on the BGW, only on through the unifi, which I have done. On the local network, the ssh daemon is reachable.  As an additional test, I set the BGW to allow remote access, and can reach it remotely. 

 

However, I've seen forum posts here that mention firmware 1.6.7 has problems with port forwarding. Most of the posts don't mention passthrough mode (or explicitly mention it as a workaround), but is it also affected? Are there other settings I should check? I have disabled packet filters and have no custom NAT rules (On the assumption that my router is publicly exposed and responsible for routing, firewalls, etc). The setup worked previously with the same unifi router as recently as last month, which made me suspect the BGW firmware as a possible culprit.

1,093 Views
Message 1 of 8
ACE - Expert

Re: Port Forwarding with the BGW210-700 FW 1.6.7 in passthrough mode

The BGW 210 has issues with Port Forwarding, in that it quits properly doing port forwarding rules after some amount of time.  However, when configured for Passthrough, it should forward all unsolicited traffic to the Passthrough target, unless (a) it's blocked by a filter, or (b) it's redirected due to some explicit port forwarding defined on the BGW 210.

 

 

Award for Community Excellence 2019 Achiever*
*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.
Message 2 of 8
Contributor

Re: Port Forwarding with the BGW210-700 FW 1.6.7 in passthrough mode

Jeff, 

 

Thanks for clarifying that passthrough should be unaffected. Just to make sure, in this scenario, passthrough is what I need to be using, not cascaded routers, bgw port forwarding, public subnets, or some other option. Is that correct?

 

The unifi WAN is directly connected via ethernet to the BGW LAN, so there should be no intermediate filter, and I have no port forwards set up on the BGW. Is there a tcpdump tool, log, etc I can use to verify that traffic is/is not flowing through the BGW? An external port scan shows 2200 is being filtered, but nmap against the unifi box shows 2200 open. 

 

tcpdump against the unifi shows traffic flowing into its wan, and traffic coming out of its lan, and the only thing in the middle is the BGW. Anything else I can investigate?

Message 3 of 8
Tutor

Re: Port Forwarding with the BGW210-700 FW 1.6.7 in passthrough mode

As you say pass through “should” work, have  you tested 1.67 to see if pass through actually works?   I could get the public IP to be shared with the secondary router but I did not seem to get past the BGW210 firewall with inbound requests.  No entries in the log.   Factory reset prior to configuration.  Moving to a different ATT router worked.  

Message 4 of 8
Contributor

Re: Port Forwarding with the BGW210-700 FW 1.6.7 in passthrough mode

@yossarian I can confirm passthrough works, but I did have to edit a routing table that went stale on my backend before most of my ports started working. HTTP|S remained broken until a comment on a dropped packet in the BGW firewall caught my eye “WAN side access of management interface”

 

apparently with remote access enabled on the BGW, it does a hostile takeover of 80/443 regardless. 

 

Disabling remote access on the BGW once passthrough mode was correctly configured resolved the issue

Message 5 of 8

Re: Port Forwarding with the BGW210-700 FW 1.6.7 in passthrough mode

This does NOT resolve port forwarding issues.  Remote access is turned off on mine and all ports forward rules are ignored.

Message 6 of 8
ACE - Expert

Re: Port Forwarding with the BGW210-700 FW 1.6.7 in passthrough mode

@nitenshinarmor, IP Passthrough and a third party router resolves the port forwarding issue, by transferring responsibility for port forwarding to the third party router.

Award for Community Excellence 2019 Achiever*
*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.
Message 7 of 8
Tutor

Re: Port Forwarding with the BGW210-700 FW 1.6.7 in passthrough mode

I was able to get pass through to work by rebooting the BGW210 and then secondary router.  Would prefer the port forwarding solution however...bummer for those that don't have a secondary router to cover up ATT port forward mess.

Message 8 of 8
Share this topic
Share this topic
Announcements

Are you having trouble logging in? Is your email password not working? Let us show you how to Reset your Email Password using myAT&T!

Additional Support