U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

Teacher

U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

[ Edited ]

I am having trouble properly configuring this AT&T 2Wire 3600HGV modem for my network. Maybe someone is aware of a different firmware for this product?

 

I am completely aware of how to setup the DMZ mode & router behind router setup in these boxes but that is NOT the point. (We have supported firewalled networked equipment working that has all the bells & whistles including QoS)

 

In the event of a factory reset of the AT&T 2Wire VDSL modem at this business, I want to properly insure the following business requirements are met:

- DHCP - OFF (at min, it appears you must leave one available?)

- WiFi - OFF (Yes this can be turned off, but bridging it always insured it was turned off in the past. ON is a security concern among just bad business i.e. conflict with other business WiFi, employees might see/use this non-content filtered WiFi, etc etc)

- & passing off internet service needs to be easy to another networked supported OUTSIDE of AT&T firewall. (I'm NOT asking for AT&T support on this, but in the bridge DSL world, this was EASY)

- if bridging this 2Wire is NOT an option, backing up the configuration settings would be a nice alternative but that is not available as well?

 

Bridging the old DSL modems always worked nicely but the 2Wire 3XXXHGV line appears to be the ONLY ones to support the AT&T VDSL Max Turbo speeds. 24Mbps down / 3 Mbps up which we use not only for normal business operations (credit cards, business email, web based training, etc) but this high speed is required to view onsite security video (3Mbps up) and offer customers FAST free WiFi!

 

AT&T U-Verse offers the right price, contract, speed, internet package & installers to properly handle our resturant locations company's data needs but I'm struggling with the their "business" support of this 2Wire VDSL modem product. We ONLY use the internet, no TV (not legally available for restaurants, yet). No Voip because POTS is our reliable backup. So it's just the internet service ...

 

For coverage on AT&T Uverse, we have over 50 locations lit up like a Christmas tree but sadly business support on this product is driving me nutz! Maybe because I now see this is listed under "Residential Gateway"? Is this AT&T 2Wire VDSL modem product not meant for business? Is anyone aware of another supported AT&T VDSL modem or a different 2Wire firmware available? Official AT&T support has me running in circles (AT&T U-verse support > AT&T Connecttech > AT&T Connecttech360 > AT&T U-verse support, rinse, repeat)  

 

help?

Message 1 of 636 (565,609 Views)

Re: U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

Yes, I am part of the latter. I would like to have 802.11n functionality, but would still like to have the RG do all the things a normal router would do (DHCP, etc).

Thanks for your quick and thorough reply! I think I have all the information I need now.
Message 286 of 636 (4,284 Views)

Re: U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

Jeez 10 pages and not another person needing to do VPN... I have the vpn router setup in dmz plus with the external ip, no problem getting the internet to work. I have the 3600hgv setup as 172.16.0.1, and the vpn router as 192.168.0.254 , and a windows server doing DHCP for all the computers. (the 2wire has dhcp on obviously to give the router the static external ip).

 

I can create vpn tunnels, and they establish the tunnel / so are succesfully agreeing on the key / encryption. But i am not able to ping the other computers on either side, from either side, so essentially no data goes over the VPN once established. I have all the advanced firewall rules off on the 2wire device, so the only thing left that im thinking maybe you did different is the part about overloading NAT on your vpn device, but i dont know what that means and im using a netgear fvs318n and dont know any option similar.

 

Any ideas?

Message 287 of 636 (4,508 Views)
Expert

Re: U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

What type of VPN? What device is the VPN server and how is it connected to this network? Is this an inbound or outbound tunnel? Do you have proper IP routing on your VPN device?
Message 288 of 636 (4,498 Views)
Mentor

Re: U-verse for BUSINESS? : 2Wire 3801

ComputerJoe and SomeJoe-

Follow up with the answer. I haven't had time to devote to this due to work related projects. In gathering the data you requested, I was reviewing the settings on my NAS. What I found buried in the server settings was the problem and thus the solution. It turns out the devices that were the problem that were those that had static ip addresses. In reviewing their network settings, all of them  had the dns and gateway assigned to Comcast.net, not gateway.2wire.net. Once I changed that in the settings on my nas and ip camera - everything returned to the way it was before I switched to Uverse. Nice!  I was able to find the correct settings from my iMac, which gets its ip via dhcp from my router.   I feel like an i,d,i,o,t.  So...the instructions to get it in to bridge mode worked perfectly for me. The only thing to add, would be to remind people who follow your instructions to make sure all the network settings for all networked devices change accordingly. 

 

Thanks again for your patience and sage advice. 

 

Here is one additional question. My linksys router for some reason today lost its Internet connection.  I was able to do a quick check to verify it had an ip address from the 2Wire. I unplugged and reset the 2wire and all worked well following thisreboot. Any ideas?  Should I expect this to happen every month?  I believe my external ip has not changed. 

 

Thanks. 

Message 289 of 636 (4,450 Views)
Expert

Re: U-verse for BUSINESS? : 2Wire 3801

Glad everything's working.

Today's oddity may have just been that the RG needed a reboot due to everything on the network getting recent configuration changes. If it happens again, start a new thread and we'll troubleshoot.
Message 290 of 636 (4,437 Views)

Re: U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?


SomeJoe7777 wrote:
What type of VPN? What device is the VPN server and how is it connected to this network? Is this an inbound or outbound tunnel? Do you have proper IP routing on your VPN device?


Hey SJ, don't you have a VPN thread going already?

If not, it looks like we have another project for you, just in case your plate is not full enough yet.Smiley Wink

 

 




__________________________________________________________
How can you be in two places at once, when your not anywhere at all?
------------------------------------------------------------------------------------------------------
I really want to become a procrastinator, but I keep putting it off.
------------------------------------------------------------------------------------------------------
There are three kinds of people, those that can count, and those that can't.
------------------------------------------------------------------------------------
“Our great democracies still tend to think that a stupid man is more likely to be honest than a clever man, and our politicians take advantage of this prejudice by pretending to be even more stupid than nature has made them." :Bertrand Russell

                              

Message 291 of 636 (4,379 Views)
Expert

Re: U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

No VPN-specific thread that I know of.

Most types of outbound VPN should work on all 2Wire routers with no issues. Inbound VPN on 2Wire routers may work if configured properly, but I've seen many people say it requires your own DMZ router or static IPs.

Outbound VPN on the Motorola NVG510 works only with the very latest firmware. I don't think inbound VPN works at all without static IPs.
Message 292 of 636 (4,378 Views)
Mentor

Re: U-verse for BUSINESS? : 2Wire 3801

Ugh!  New thread started!

Message 293 of 636 (4,370 Views)

Re: U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

Forgot to check back for reply, and have been to busy to even work on this problem some more.

 

Im using a netgear fvs318n(newer model) behing the 2 wire router, and it is in dmz plus mode with the static IP going to the netgear (it properly receives it),

 

On the other end i have tried netopia 3347 dsl modems, and a netgear fvs318(and old model). Both "connect" and agree on a key with the fvs318n(newer model), but Im not able to ping devices on either end from either side.

Message 294 of 636 (4,329 Views)

Re: U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

In regards to your other questions that i forgot to answer, it is a ipsec vpn tunnel, i dont think those are really "directional" but you can set whether 1 device initiates the tunnel, but i believe both devices are in both mode where either tries to initiate the connection based on who realizes its down first.

 

Im not sure if my "ip routing" is correct, i think the whole problem might be due to some ip routing options to overcome the NAT (2wire) inbetween. But basically the fvs318n is 192.168.0.254, and all the computers at that site are int he .0. subnet and receiver their ip's from the windows server dhcp server. (although as a side note occasioanlly the 2wire will still somehow assign dhcp's throught the netgears wan port, if the windows server dhcp server is offline, i dont get how a dhcp could be passed through the wan port...) but before testing the tunnel i of course make sure im on the .0. subnet.

 

The other end is much simpler with either the netopia or the netgear fvs318(older model) acting as the DHCP and being 192.168.6.1, and assigning addresses in the .6. subnet.

 

I make sure when setting up the vpn tunnel to allow .0. subnet for the 1 location and .6. for the other (in each routers vpn settings) but if any additional ip configuration / settings are required then i probably have not done them (such as i have no static routes, or ports open on either router on either end) i also have no signed certificate on the fvs318n (doubt that matters for ipsec) and

Message 295 of 636 (4,330 Views)
Expert

Re: U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

OK, so it sounds like your tunnel is actually coming up, you just aren't able to route traffic over it.

This is probably not an issue with U-Verse or the 2Wire. Check your routes carefully on each of the routers on each end, they have to have a route to the other network over the tunnel. If they're not running a routing protocol with each other, then these routes need to be entered statically.
Message 296 of 636 (4,319 Views)

Re: U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

[ Edited ]

Turns out having the negear fvs318n router foward all the inbound ports/traffic to my sip phone server was interfering with vpn tunnels (or with pings / rdp connections i guess). (was only forwarding all the ports temporarily till i had time to tune it just to the right ports.).

 

The good news is that i can further confirm that when in dmz plus mode the 3600hgv does a decent job of allowing IP phone traffic, as well as VPN traffic through, which is good enough for most small businesses.

 

Only big downsides are it being necessary for it to be in DHCP mode (although i feel its more a peculiarty of the netgear that allows devices behind it to ocasionaly get DHCP from the 2wire gateway). And it also appears to have dificulty negotiating 10mbs full duplex with older devices (but i cant see many people running into that problem, and gave me a good excuse to buy the newer model fvs318n to replace my fvs318(older model). 

Message 297 of 636 (4,282 Views)

Re: U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

Hi SomeJoe7777.

 

Spent a lot of time reading this thread but could not find what I was looking for exactly.  It seems to be a combination of 13 and 2 and something else perhaps.  Let's see.

 

So, I have a Linksys behind my 2wire.  I want the linksys for 2 reasons.  1) my desktop (upstairs) has no wireless interface and so I connect via ethernet to the linksys  2) I want to use the access control features of the linksys which the 2wire does not have for my children.

 

I also have two other laptops in the house that need to 1)connect to 2wire (both laptops and the 2wire are downstairs)  2) connect to the desktop upstairs.

 

So, if I configure the linksys so that it is just another static ip and a wireless access point on the same subnet (192.168.1...) by connecting LAN port to LAN port, then everyone gets internet, all computers can see each other, BUT the access controls do not work.  My children can get to the internet via a wireless connection to the linksys regardless of any controls that are in force.  I don't understand why the access controls don't seem to be working.  Is it because they only work if the linksys is acting as a router, and in this configuration it is only acting as a wireless access point / switch?

 

If I make it a dhcp server to issue ips to my children's laptops on 192.168.2..., the access controls work but now I cannot get to my desktop.

 

Thanks, James

Message 298 of 636 (3,454 Views)
ACE - Expert

Re: U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?


jamesvdale wrote:

...

 

So, if I configure the linksys so that it is just another static ip and a wireless access point on the same subnet (192.168.1...) by connecting LAN port to LAN port, then everyone gets internet, all computers can see each other, BUT the access controls do not work.  My children can get to the internet via a wireless connection to the linksys regardless of any controls that are in force.  I don't understand why the access controls don't seem to be working.  Is it because they only work if the linksys is acting as a router, and in this configuration it is only acting as a wireless access point / switch? 

...


Exactly.  Doing IP filtering is a layer 3 activity, opening and looking at the IP routing information in the packet and deciding whether to allow it or not.  Switching operates at layer 2, the MAC/Hardware layer.  The data has to be routed out the WAN port for firewall/access filtering to work.  In the AP/Switch configuration, hardware layer switching is occuring between the ports and the wireless interface.

 


jamesvdale wrote:

...

 

If I make it a dhcp server to issue ips to my children's laptops on 192.168.2..., the access controls work but now I cannot get to my desktop. 

...


Do you have the Linksys connected via the LAN port still?  You might could make this work by changing the SUBNET mask from 255.255.255.0 to 255.255.251.0  on all your devices that are interested in talking this way.  This allows them to talk directly on the same LAN without routing.  You can probably set up the Linksys to give out this netmask.  I don't think you're going to get the 2WIRE to, so you'd have to switch your PC to a static IP address with this mask set up.

 

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.
Message 299 of 636 (3,431 Views)
Teacher

Re: U-verse for BUSINESS? : 2Wire 3600HGV bridge mode? or another AT&T supported VDSL modem?

I have my belkin router setup behind the ATT router and all is working but when streaming video from the internet, my slingbox or playing xbox live the signal stutters every so often and even times out sometimes losing connection.  On xbox live i get dropped from games and can never finish a game on Madden.  Hooked up to the ATT router this does not happen any ideas what going on?

Message 300 of 636 (3,423 Views)