• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 645
  • Last Modified:

Taiming ATT U-verse Business Internet Router - Need help getting it to behave like a real firewall/router

I have a client with ATT U-verse business service and I am trying to get it to behave like a traditional internet firewall.

My goal is:
1 - Use the public static IP addresses this customer is paying for
2 - Open specific ports to a server on the LAN
3 - Configure DHCP to specify OpenDNS to provide filtering for this location

I have spent quite a lot of time with ATT support, which has been a large expense of time, with very little to show in results.

ATT has told me is that the public IP addresses that are allocated to this account cannot be used in a conventional fashion - that is to assign one of the public IP addresses to the WAN interface.
 When the U-verse router is configured to use one of the available IP addresses, it continues to use the dynamically assigned address.

They tell me that the router has a "WAN IP Mapping" feature that they are not able to explain how it works or what it does – and that is how the static IP addresses are utilized.

I am not sure if I just don’t understand what ATT is doing with their U-verse router, or if it is really just a terrible and very limited piece of equipment, and poorly suited to SMB use.

Do I just need to concede that ATT just doesn't allow this, and try to find a way to work with what they do allow?

And I still don't see any way to setup DNS to use anything but ATT’s DNS servers.
I have found the EE article that explains how to put the U-verse router into something close to a bridge mode: ( titled: “U-verse Business Internet, Cisco Switches and Watchguard firewalls” ), and I have tried that.  But it still uses the public address dynamically assigned by ATT, and I still can’t see any way to assign any of the static IP addresses allocated.

(BTW, the U-verse router is a 2Wire 3800HGV-B )

If anyone has experience on how to tame this beast, it would be greatly appreciated.
Ken C.
0
Creas
Asked:
Creas
  • 2
1 Solution
 
lhcsdDirector of TechnologyCommented:
Not sure that this is truly a solution, but since you mentioned it in your post, yes I would run far away from uverse if you're looking for a conventional network connection. They do a lot of non standard things that make your life harder than necessary

http://www.soldierx.com/tutorials/2WIRE-Hell

0
 
CreasAuthor Commented:
Well... I finally got passed up stream to an ATT support agent who understood what I was trying to accomplish.  He did confirm that the 2Wire router is really meant more for residential users, and might not be the best solution for my customer's business needs.
He also confirmed that the 2Wire router does not have a true bridge mode, but he took me through several attempts to get it to be as transparent as possible and it did allow me to assign my FW with one of the public IP addresses.
Seems to be working and has not been a problem for the past week.
KC
0
 
CreasAuthor Commented:
.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now