Bridge-mode vs IP Pass-through - Info from the AT&T Community

^^Same as always.  The gateway will route the 192.x address appropriately.

This post was the key to solving my problem.  THANKS! =D  Note that “IP Passthrough” is under the Firewall tab (not mentioned in the post above).

Although, in my case “IP Passthrough” didn’t actually work with DHCPS-dynamic as “advertised.”  I had to use “manual” and put my enterprise-class router’s MAC address there in the AT&T gateway/router Firewall -> IP Passthrough screen.  I then had to put my enterprise-class router into static mode and enter the WAN IP and router information from the broadband details screen from the AT&T gateway/router.  The WAN netmask wasn’t listed there, so it had to be computed.  255.255.240.0 in my case.

I do not know who marked this as SOLVED. It is far from solved. When you put the Arris BGW210-700 in passthrough mode, it becomes a snail. You lose half the bandwidth you're paying for. At least! I want to know what the answer is for this. Try it yourself. First plug your computer into the back of it on any unused lan port. Run a speed test. Now set up passthrough. Why is your throughput suddenly half of what it was before? It doesn't matter where you plug your Cat6 cable, it's still the same. SLOW! As far as I can see, there is no way to put this modem in passthrough mode and not lose bandwidth. I feel you are probably better off turning off wifi on this unit, as it is mediocre at best, running a line to a poE switch and powering your own access points such as Ubiquiti's or Mikrotik. A router behind this unit is of little value. It seems unless the Arris does the routing, it's SLOW!! I hope that someone can show us how they are truly setting this up to achieve anywhere near gigabit speeds. I ain't seein' it. All I see is AT&T going around marking these threads as solved. The speed issue certainly isn't solved.

^^Go to the uverse section on dslreports and read up on bypass methods.  Getting the gateway out of the pictures solves most problems (assuming you have fiber).  This is an unsupported configuration but works extremely well.

I'll do it as this is ridiculous. 

TURN OFF all firewall features on the ATT modem

@dunnjo 

What exactly do you mean by turning off all firewall features?

Are you talking about going into the "Firewall Advanced" tab and turning off all the settings there?

Thanks.

What firewall do you have?

These settings worked on a GBW210-700, running Software version 1.8.18.

If not already done, connect the 3rd party router to the AT&T router, using one of the available Ethernet ports. Log into the 3rd party router, and verify the DHCP settings that the 3rd party router is providing. For the purposes of this example, I set the DHCP table to use 100.10.1.x, so the Gateway IP is 100.10.1.1, and the Subnet is 255.255.255.0. I believe it will work if you accept the default settings that your router generates, but I opted to create my own.

Manually reset the AT&T GBW210-700 by pressing the reset button on the back of the device, to clear any prior settings you have made on the device. Once it boots up normally, log into the GBW210-700 on IP address 192.168.1.254.

1. Go to Firewall=>Packet Filter.

a. Press “Disable Packet Filters.”

2. Go to Firewall=>IP Passthrough

a. Set Allocation Mode to “Passthrough.”

b. Set Passthrough mode to “DHCPS-fixed.”

c. On Passthrough Fixed MAC address, select the IP address/MAC address of the 3rd party router, so that it populates the Manual Entry field. Also make note of the IP address your secondary router is using.

d. Do not make any changes to Passthrough DHCP lease.

e. Save Changes.

3. Go to Firewall=>Firewall Advanced.

a. Change all settings to “no,” then save changes.

4. Go to Home Network=>Subnets & DHCP.

a. Set Cascaded Router Enable to “On.”

b. For Cascaded Router Address, type in the IP address the AT&T router assigned to your secondary router.

c. For Network Address, type in the Gateway address of your secondary router, but use a “0” instead of a “1” for the final octet. So for this example, I typed in 100.10.1.0.

d. For Subnet Mask, type in the Subnet Mask of the secondary router (in this example, 255.255.255.0).

e. Save the Changes.

5. Go to Device=>Restart Device.

a. Restart the GBW210-700.

6. When you can access the 3rd party router again, restart it.

Some notes:

1. I can’t say with certainly that Disabling Packet Filtering and turning off the Firewall Advanced Rules are mandatory, but doing so disables the NAT Default Server on the GBW210, and that was helpful for my purposes.

2. It took a bit, but when I checked the status of my router, it showed that I was getting the AT&T public IP address, instead of a locally assigned IP from the GBW210-700.

a. Not only does my router show the AT&T public IP address, when I checked my Xbox Live Network status, it reported NAT Status as “open.” Up until I made these changes, it reported the NAT status as “Strict,” and indicated that a “Double NAT” was detected.

2. I did not set an IP Address Allocation for the 3rd party router. This seems counter-intuitive to me, but based on my previous efforts, I think that setting was actually getting in the way of making this work. Configuring the IP Passthrough options accomplishes the same thing.

3. I also disabled the wireless radios on the GBW210-700, via the Home Network=>Wi-Fi=>Advanced Options. If you disable the Packet Filtering and Firewall settings, this becomes mandatory, since you don’t want any of your home network devices using them unprotected.

Thanks to everybody else who commented on this thread. The information provided was very helpful in finding the right combination of settings to use for me!