I have a client with ATT U-verse business service and I am trying to get it to behave like a traditional internet firewall.
My goal is:
1 - Use the public static IP addresses this customer is paying for
2 - Open specific ports to a server on the LAN
3 - Configure DHCP to specify OpenDNS to provide filtering for this location
I have spent quite a lot of time with ATT support, which has been a large expense of time, with very little to show in results.
ATT has told me is that the public IP addresses that are allocated to this account cannot be used in a conventional fashion - that is to assign one of the public IP addresses to the WAN interface.
When the U-verse router is configured to use one of the available IP addresses, it continues to use the dynamically assigned address.
They tell me that the router has a "WAN IP Mapping" feature that they are not able to explain how it works or what it does – and that is how the static IP addresses are utilized.
I am not sure if I just don’t understand what ATT is doing with their U-verse router, or if it is really just a terrible and very limited piece of equipment, and poorly suited to SMB use.
Do I just need to concede that ATT just doesn't allow this, and try to find a way to work with what they do allow?
And I still don't see any way to setup DNS to use anything but ATT’s DNS servers.
I have found the EE article that explains how to put the U-verse router into something close to a bridge mode: ( titled: “U-verse Business Internet, Cisco Switches and Watchguard firewalls” ), and I have tried that. But it still uses the public address dynamically assigned by ATT, and I still can’t see any way to assign any of the static IP addresses allocated.
(BTW, the U-verse router is a 2Wire 3800HGV-B )
If anyone has experience on how to tame this beast, it would be greatly appreciated.