ATT Gigapower with Static IP Gateway no longer passing public IP or WAN traffic to Sonicwall

We have an ATT Arris 5268AC gateway that had dynamic IP internet service and was passing traffic flawlessly to a Sonicwall TZ400.  Last night traffic stopped being passed.  When connected directly to the gateway with an independent client (desktop) we can get WAN access and see our public IP no issues.  ATT convinced us to buy a block of static IPs to fix the problem but no luck.  I need to 5267AC to pass all WAN traffic to the TZ400 as no user behind the firewall have any WAN access at the moment.  We are on our failover comcast circuit at the moment but need to resolve this.  The Sonciwall provides DHCP and inherits DNS from the WAN.
Rick BornsteinPresidentAsked:
Who is Participating?
 
masnrockCommented:
So it looks like AT&T puts everyone through adventures with their devices (this is a place where Verizon is far better, as you're not forced to use their router). However, I think I found a forum article on TechNet that actually shows a very nifty way to solving the issue at hand. You're going to have to do some tinkering in the Broadband and LAN tabs (things including adding a supplementary network: https://blogs.technet.microsoft.com/klince/2016/02/15/psasetting-static-ip-address-with-the-att-u-verse-gigapower-router-pace-5268ac/

Now that said, if AT&T is going to try to upsell you, they should've been able to tell you HOW to go about fixing the problem. Too bad they didn't escalate you to someone higher level.
0
 
Blue Street TechLast KnightCommented:
Hi Rick,

I bumped your priority up since this seems urgent - no users have access to the WAN!

ATT convinced us to buy a block of static IPs to fix the problem but no luck.  
They are just selling you stuff. Whether the IP is static or dynamic only benefit your company if it needs a fix IP address for specific things like VPNs, internally hosted services, etc. An IP address being static or dynamic has NO bearing on being able to connect to the Internet with a SonicWALL or any other firewall for that matter!

OK, so my guess is the ATT Arris 5268AC gateway, which essentially is a multi-device xDLS modem was reverted/defaulted its configuration due to some anomaly or the WAN IP Assignment was setup wrong so when the IP address changed (being that its dynamic) the WAN Interface went down.

Login to the modem or call your provider and have them walk you through the process of putting the modem into Bridge Mode or Transparent Mode. You should also uncheck/remove all security functionality (the integrated firewall options including SPI (Stateful Packet Inspection) & the local IP spoofing verification) of the device and NAT. Putting the device into Bridge Mode should solve this be every device is different and I have seen cases where that needs to be done manually.

Let me know how it goes!
0
 
Rick BornsteinPresidentAuthor Commented:
Hi BST,
thanks for the bump.  Here are the screen shots of the settings from the ATT Gateway.  Based on this, for DNS on the sonicwall we currently have to inheritGeneral ATT Firewall SettingsDMZplus Mode from ATT GatewayDHCP Settings from ATTLAN Allocation on ATT it , but its showing dns as 192.168.1.254.  The DHCP of the LAN is a classic 192.168.0.1 environment.  Should i manually change the DNS as well you think?  Routing is not my skill set so I may need some hand holding.

-Rick
0
 
Rick BornsteinPresidentAuthor Commented:
I also have a block of Static IPs I can use if needed on the same service, but it worked fine up unitl monday Thursday AM with a dynamic IP.
0
 
Blue Street TechLast KnightCommented:
Wow there is a lot here...wish I had remote access it would be easier! Thanks for all this info!

It appears as your unit cannot go into Bridge Mode aka Transparent Mode but I would double check with your ISP. The best we can do is set it up to DMZ+ mode and remove the inbedded firewall completely. After seeing the config, I suspect that the firewall may have been acting up and blocking traffic (the firewall is very poor quality in the ATT gateway) or the IP assignment is wrong in the SonicWALL. Regardless, you should remove the firewall in the ATT gateway it will only cause you more issues. So, if the first image is the Firewall tab of the ATT Geatway (please confirm) then uncheck everything under Enhanced Security section and Attack Detection. Please include more screenshots if there are any other pages within the Firewall tab.

Based on this, for DNS on the sonicwall we currently have to inherit it , but its showing dns as 192.168.1.254.
No, Public DNS is completely independent. You can set your SonicWALL to any DNS you want. I'd recommend setting it to something other than your ISP for faster results like OpenDNS (208.67.222.222; 208.67.220.220) or Google's Public DNS (8.8.8.8; 8.8.4.4).

I have some follow-up questions and questions from above that were never answered.
• What do you have the WAN IP Assignment set to for the ATT WAN, e.g. Static, DHCP, PPPoE, PPTP, L2TP?
• Do you have dual WANs and LB (Load Balancing)/Fail-over configured in the SonicWALL?
• I don't know where the top two screenshots are coming from can you let me know the path and I'm assuming they are from the ATT Gateway, correct?
• Can you take a screenshot of your System Info tab & Broadband tab?
• Also please take a screenshot of your LAN > Status & Wired Interfaces tab

Other recommendations:
  • Are you using the WAP within the ATT 5268AC? If not, disabled all Wi-Fi.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.