There's a mobile version of our website.
I had previously been using a Cisco 871 router as a Firewall/NAT/VPN router with ADSL internet service. The U-verse installation placed a 2wire residential gateway (RG) in between my 871 router and u-verse VDSL2. There is no bridge function like an ADSL bridge modem does. I have read online how one can configure dhcp on F4 on the router, see the host entry in the home network on the RG web admin page, and then change the RG firewall setting for that host to DMZplus mode. Supposedly this configures a pass-through situation where, via dhcp, the RG gives the public IP to the router and passes through all traffic through to that router. It is supoposed to let someone user their own router or firewall and bypass such on the RG. Unfortunately I cannot get it to work.
Indeed I can see a host entry for the 871 router on the home network page of the RG website. But no matter what I do I cannot get the RG to send the router a DHCP offer or lease. I debugged dhcp and see the router sending a request but nothing is seen from the RG in return. The RG works fine as a dhcp server for everything else on my network when I try it. The 871 router is the only device that will not pull an address via dhcp from the RG.
Any ideas why this is happening. I have connected to various internet service providers with this router and have never had an issue receicing and address on F4 via dhcp.
One interesting happening was that intitially when I started setting this up, I tried to browse to an internet web server and the RG intercepted it and returned a page stating that it detected a router-behind-a-router. It asked me whether to ignore this or to "fix it". First time I selected "fix" and from that moment on I could browse nothing I tried over HTTP except for opendns.com. other types of traffic worked but not http. All browsing attempts were responded to with a site FQDN indicating it was the RG device responding. For a while I could not get the router-behind-a-router web page to show up but finally did. This time I selected "ignore" and internet access has been fine since...but I cannot use the 871 router.
Anyone know the trick to using an 871router with a U-verse resiential gateway?
Did you ever get any answers I am using the same 3800HGV-B Residential Gateway with IPN 4320 box and want to hook up external camera security system and modulate through my televisions and I don't know how to even post this! Thanks.
No I have never received a usable answer. Someone in NANOG claimed that he was able to get AT&T to configure his RG in a bridge mode. I tried the same with AT&T support and they are clueless. They claim they cannot do this and that I have to use the DMZplus mode. Well since that doesn't work, AT&T has basically told me that they want me to use their device how they want me to use it and to shut up an go away. I can't use my own device. I am so close to switching back to Time Warner. At least they gave me a modem I could connect any device to and I could do my own routing/nat/firewall.
We'll I'll be a monkey's...
I tried using the 871 again this morning with the 2wire RG. This time my router DID pull an address via DHCP. I followed the instructions for configuring DMZplus. It worked...for about 2 minutes.
Interface F4 had received a lease that was the public IP info given to the RG device, as it was supposed to. At that point everything worked. Then after a few minutes, internet connectivity stopped. When I checked the IP address of my 871, it had a private IP address from the pool the RG is configured with. Not sure why that happened but I took the public info previously given to my router and entered it statically. It worked. Internet connectivity restored.
I can only guess that maybe U-verse performed a firmware update since the last time I tried and it fixed the DHCP issue. But the second issue I just experienced today was a problem with the DHCP lease with the public info, after configuring DMZplus, not being sticky. Using the public information first provided, and entering it statically, fixed it. Naturally, if my public IP changes, I will have to re-configure IP addressing on F4. Since my public IP address has not changed since I first started using U-verse, I don't anticipate having to do that often.
Now I have also found out that the 871 is not a terribly good performing router for 24 Mbps U-verse. I had lots of inspection lines, and some custom QoS, IPS, etc. I had to turn most of it off.
I now have only these inspection lines. IPS, QoS is turned off:
ip inspect name SDM_LOW tcp
ip inspect name SDM_LOW udp
ip inspect name SDM_LOW pptp
If I add just one more, to add HTTP or HTTPS inspection, etc., my speed via speedtest.net drops by about half.
I will have to keep the config simple, or get a faster router.
Login to share your discussion activity with your friends on Facebook. You can control what you share and turn off sharing anytime.
Your Facebook friends can now see that you have started this discussion
Your Facebook friends can now see that you have commented on this discussion
Your Facebook friends can now see that you have read this discussion