Treo600user's profile

Teacher

 • 

3 Messages

Wednesday, March 16th, 2011 3:18 PM

U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

I am having trouble properly configuring this AT&T 2Wire 3600HGV modem for my network. Maybe someone is aware of a different firmware for this product?

 

I am completely aware of how to setup the DMZ mode & router behind router setup in these boxes but that is NOT the point. (We have supported firewalled networked equipment working that has all the bells & whistles including QoS)

 

In the event of a factory reset of the AT&T 2Wire VDSL modem at this business, I want to properly insure the following business requirements are met:

- DHCP - OFF (at min, it appears you must leave one available?)

- WiFi - OFF (Yes this can be turned off, but bridging it always insured it was turned off in the past. ON is a security concern among just bad business i.e. conflict with other business WiFi, employees might see/use this non-content filtered WiFi, etc etc)

- & passing off internet service needs to be easy to another networked supported OUTSIDE of AT&T firewall. (I'm NOT asking for AT&T support on this, but in the bridge DSL world, this was EASY)

- if bridging this 2Wire is NOT an option, backing up the configuration settings would be a nice alternative but that is not available as well?

 

Bridging the old DSL modems always worked nicely but the 2Wire 3XXXHGV line appears to be the ONLY ones to support the AT&T VDSL Max Turbo speeds. 24Mbps down / 3 Mbps up which we use not only for normal business operations (credit cards, business email, web based training, etc) but this high speed is required to view onsite security video (3Mbps up) and offer customers FAST free WiFi!

 

AT&T U-Verse offers the right price, contract, speed, internet package & installers to properly handle our resturant locations company's data needs but I'm struggling with the their "business" support of this 2Wire VDSL modem product. We ONLY use the internet, no TV (not legally available for restaurants, yet). No Voip because POTS is our reliable backup. So it's just the internet service ...

 

For coverage on AT&T Uverse, we have over 50 locations lit up like a Christmas tree but sadly business support on this product is driving me nutz! Maybe because I now see this is listed under "Residential Gateway"? Is this AT&T 2Wire VDSL modem product not meant for business? Is anyone aware of another supported AT&T VDSL modem or a different 2Wire firmware available? Official AT&T support has me running in circles (AT&T U-verse support > AT&T Connecttech > AT&T Connecttech360 > AT&T U-verse support, rinse, repeat)  

 

help?

Expert

 • 

9.4K Messages

11 years ago

StrsNStrps,

If you really want two different routers running in routing mode so that the two systems are as completely separate as they can possibly be, then there are only a few ways to do it:

1. Static IPs. You would get Internet service, add on the $15/month static IP package which gives you 5 usable static IP addresses, and use 2 of them -- one for your router and one for his. Both routers have control of their inbound traffic and firewall.

2. Double-NAT. Each router can operate in routing mode with 192.168.1.x addresses on the WAN port, and a different private subnet of your choice on the LAN port. Neither router has control of their inbound traffic, requiring firewall configuration on the 2Wire for inbound ports.

3. One router using double-NAT, one using DMZ. This would allow one of the routers to have control of it's inbound traffic and firewall (the DMZ one), but not the other.

Tutor

 • 

9 Messages

11 years ago

Thanks for your reply SomeJoe7777.

 

I really can't afford option 1, so it looks like it's between options 2 and 3. What's the downside/upside to using DMZ and double NAT. The routers we use have firewalls built in so threats coming in from the internet should not be a problem correct? Also, I am only using port forwarding in one instance on my router. Not trying to do anything fancy, just trying to get internet for the most part. 

 

I guess I could put my router in the the DMZ and have my renter double-NAT his. Would each of our routers have to be on different subnets? For example, the RG would be 192.168.1.154, my router would be 192.168.2.1 and my renter's router would be 192.168.3.1. Does that look right? Also, I normally have all my computers on my router set up with static IP addresses so DHCP is turned off on my router. Any conflict there? Sorry for all the questions. Just want to make sure it will work. They offered me a 18/1 package so I'm not sure which router I will get. 

Expert

 • 

9.4K Messages

11 years ago

No there's no problem with the firewalls, I'm just thinking that if your renter wants to configure his own router for any type of inbound traffic, he has to be able to do it without logging into the 2Wire, since you aren't going to give him the password to that.

So for that, I'd use option 3. Set his router up as the DMZ device, that way if he wants to configure inbound ports, he can do it on his router alone.

Set yours up for double-NAT, and then if you need an inbound port, you'll have to configure it in two places -- one on the 2Wire, and one on your own router also.

Yes, it's best if your LAN and his LAN are on two different subnets so there's no confusion, and those subnets should also be different from the one the 2Wire is using.

No problem with no DHCP on your own router if you want to assign everything statically.

One thing you do need to make sure of is that the two networks (yours and the renter's) are physically separated. That means different Ethernet wiring for the downstream computers off of each router. If you share Ethernet wiring, then it's trivial to statically assign an IP address in the other subnet and have access to the other party's computers. Same thing with wireless -- he needs to set his up with his own SSID, encryption, and password that he doesn't give you, and vice versa. You will also need to turn off wireless on the 2Wire gateway.

This setup is rather complex, but it should work fine on any of the 2Wire gateways. If you get a Motorola NVG510, however, then I can't help you.

Tutor

 • 

9 Messages

11 years ago

Thanks SomeJoe7777. Yes, everything will be wired separately. The RG will be kept in my room and my router WAN will be connected to one of its LAN ports. Then my renter will have a Cat5e connection from his room to my room to the RG. This will be connected from his WAN to the RG LAN just like mine. The confusion I have is in my router's settings. I currently have PPPOE setting. Should this be set to "obtain an IP automatically"?  This wont affect my routers device IP address of 192.168.1.1 (standard for most routers). Because if it did, it would defeat the idea of setting different subnets for all three routers. Maybe I am confused on how this works. 

Expert

 • 

9.4K Messages

11 years ago

Yes, you should set your router to "obtain an IP automatically". This causes your router to use DHCP on the WAN side to obtain an IP address, which is what you want.

However, you will need to go into your router and change the LAN subnet. Since the WAN side will use the RG's subnet of 192.168.1.x, your LAN side needs to use something else, like 192.168.2.x.

Tutor

 • 

9 Messages

11 years ago

So on my side with the double-NAT, is there anything else I should change? Will simply connecting my WAN to one of the RG's LAN ports get me internet?

Expert

 • 

9.4K Messages

11 years ago

Yes, it should, once you change your LAN IP addressing to not conflict with the RGs, and change your router's WAN IP acquisition method to "obtain an IP address automatically".

Tutor

 • 

9 Messages

11 years ago

Awesome. Thanks so much for your help SomeJoe7777. I will try this out once I get service. 

Tutor

 • 

9 Messages

11 years ago

SomeJoe7777, 

 

I just received news that I will be getting the 2wire 3801 RG. There should not be any problems setting this up as we discussed using this particular router, correct?

Expert

 • 

9.4K Messages

11 years ago

No, no issue. All the 2Wire 3xxx gateways have the same firmware, so they're all configured identically.
Not finding what you're looking for?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.