Motivation & Background

When I moved into my new home AT&T UVerse was my only real option for internet access. I called them up & had the service installed & activated. The installation consisted of a special, proprietary, AT&T VDSL modem, a DC Power Supply, & a special, AT&T 2Wire Router model i38HG.

To my initial dismay, I found that the VDSL modem could not function without the AT&T 2Wire Router. This was a problem for me as the 2Wire Router is limited in functionality and I was used to administering my home network using a Linksys WRT54G with DD-WRT firmware installed. I used this firmware load to allow me to assign static IPs, MAC Address Filtering, and reasonably complex Port Forwarding.

I did a little bit of Googling & some experimenting and ended up with a solution I was happy with. Essentially I disabled the wireless radio on the 2Wire i38HG, plugged my Linksys WRT54G into the i38HG and had the i38HG pass all traffic through to the WRT54G. I have the local address of the i38HG as 192.168.0.1 and it can assign 192.168.0.2 through 192.168.0.5 on its wired ports. The WRT54G has a local address of 192.168.1.1 and assigns all wired & wireless IP addresses from the 192.168.1.XXX block.

Since then I've also gotten standard DSL service from AT&T which uses the typical phone line connection and, this time, a Pace 5268AC Gateway. Luckily the web interface on the 5268AC is virtually identical to that of the i38HG. I have also upgraded my router from the WRT54G to a TP-Link TL-WDR3600 with DD-WRT firmware. Not surprisingly the DD-WRT interface is the same on both units.

I've also had an opportunity to configure this type of system at my parents' house with an AT&T Arris BGW210-700 and TP-Link AC1750 Archer C7 v2. The web interface on the BGW210-700 is different than the other two and so the steps change a bit.

The trick to getting everything to work is ensuring that the settings are correct on both the i38HG/5268AC/BGW210-700 & WRT54G/TL-WDR3600/AC1750 (running DD-WRT). Below is a explanation of the steps to go through to set your network up like mine. I'm assuming you've already got DD-WRT installed and working on your Router. If not, visit the DD-WRT website for help.

The IP address of your i38HG Router (or 5268AC Gateway or BGW210-700) is printed on the side, or bottom, of the unit. The default password for the i38HG is a long string of numbers printed on the side of the DC Power Supply / Battery Backup (I recommend you change this password). The 5268AC and the BGW210-700 use a "Device Access Code" instead which is printed on the bottom or side of the unit.

DD-WRT Setup

1. Using a wired connection, log into your DD-WRT router
2. Navigate to Setup -> Basic Setup -> WAN Setup -> WAN Connection Type -> Connection Type & select Automatic Configuration - DHCP
3. Navigate to Setup -> Basic Setup -> Router IP and enter in the values below
   1. Local IP Address: "192.168.1.1"
   2. Subnet Mask: "255.255.255.0"
   3. Gateway: "0.0.0.0"
   4. Local DNS: "0.0.0.0"
4. Navigate to Setup -> Basic Setup -> Network Address Server Settings (DHCP) and enter in the values below
   1. DHCP Type: "DHCP Server"
   2. DHCP Server: "Enable"
   3. Start IP Address 192.168.1.: "100"
5. Hit Apply Settings
6. Hit Save
   

i38HG / 5268AC Setup

1. Using a wired connection, log into your AT&T Router (the IP address is printed on the side, or bottom, of the unit. The i38HG password is printed on the side of the DC Power Supply / Battery Backup. The Device Access code for the 5268AC is printed on the bottom of the unit)
2. Navigate to Settings -> LAN -> Wireless (or Wi-Fi) -> Wireless Access Point & select Disabled for both the 2.4GHz and 5GHz (if you have it) Wireless Networks. Then hit Save
   
3. Navigate to Settings -> LAN -> DHCP & select the Configure manually radio button and enter the values below. Then hit Save
   1. Router Address: "192.168.0.1" (this is the address of your AT&T 2Wire i38HG)
   2. Subnet Mask: "255.255.255.0"
   3. First DHCP Address: "192.168.0.2" (this and the settings below select the range of assignable IP address. You only need 4 since the box only has 4 wired ports)
   4. Last DHCP Address: "192.168.0.5"
      
4. Navigate to Settings -> LAN -> IP Address Allocation, find your router (identified by its MAC Address) and enter in the values below. Then his Save
   1. Firewall: "Disabled"
   2. Address Assignment: "Public (select WAN IP Mapping)"
   3. WAN IP Mapping: "Router WAN IP address (default)"
      
5. Navigate to Settings -> Firewall -> Applications, Pinholes and DMZ, select your Router (identified by its MAC Address) and select the Allow all applications (DMZplus mode) radio button. Then hit Save
6. Navigate to Settings -> Firewall -> Advanced Configuration and enter the values below. Then hit Save
   1. Enhanced Security
      1. Stealth Mode: unchecked
      2. Block Ping: unchecked
      3. Strict UDP Session Control: unchecked
   2. Outbound Protocol Control
      1. HTTP: CHECKED
      2. HTTPS: CHECKED
      3. FTP: CHECKED
      4. Telnet: CHECKED
      5. SMTP: CHECKED
      6. DNS: CHECKED
      7. NetBIOS: unchecked
      8. POP3: CHECKED
      9. IMAP: CHECKED
      10. NNTP: CHECKED
      11. IRC: CHECKED
      12. H323: CHECKED
      13. All Other Protocols: CHECKED
   3. Inbound Protocol Control
      1. NetBIOS: unchecked
   4. Attack Detection (disabling these passes everything to your WRT54G which should be configured to deal with these types of problems)
      1. Excessive Session Detection: unchecked
      2. TCP/UDP Port Scan: unchecked
      3. Invalid Source/Destination IP address: unchecked
      4. Packet Flodd (SYN/UDP/ICMP/Other): unchecked
      5. Invalid TCP Flag Attacks (NULL/XMAS/Other): unchecked
      6. Invalid ICMP Detection: unchecked
      7. Miscellaneous: unchecked
         
7. Navigate to Settings -> Firewall -> Status and you should have your Router listed (identified by its MAC Address) with the following information displayed
   1. Allowed Applications: "All"
   2. Application Type: "-"
   3. Protocol: "(all)"
   4. Port Number(s): "(all)"
   5. Public IP: "<your IP address>"
      

BGW210-700 Setup

1. Navigate to Home Network / Wi-Fi
   1. Under Home SSID / Home SSID Enable select Off
   2. Under Guest SSID / Guest SSID Enable select Off
   3. Click Save
      
2. Navigate to Home Network / IP Allocation and make sure that nothing in the Allocation column says Fixed Allocation. If a row does say Fixed Allocation then click the Allocate button and select Address from DHCP pool in the drop down and hit Save
   
3. Navigate to Home Network / Subnets & DHCP
   1. Under Private LAN Subnet set the following and then hit Save:
      • Device IPv4 Address: 192.168.0.1
      • Subnet Mask: 255.255.255.0
   2. Under DHCP Server set the following and then hit Save:
      • DHCP Server Enable: On
      • DHCPv4 Start Address: 192.168.0.2
      • DHCPv4 Stop Address: 192.168.0.5
        
4. At this point you will probably need to disconnect/reconnect the wired network from your computer since the address space of the BGW210-700 likely changed from 192.168.1.XXX to 192.168.0.XXX.
5. Navigate to Home Network / IP Allocation, find your DD-WRT router (based on its MAC address), click Allocate and select Private fixed:192.168.0.X. I like .2 but you may want a different # if you computer is currently using that IP.
6. Now turn the BGW210-700 and DD-WRT router off and back on again to make sure the new IP settings to take.
7. Navigate to Firewall / IP Passthrough and set the following, then click Save:
   • Allocation Mode: Passthrough
   • Passthrough Mode: DHCP-fixed
   • Passthrough Fixed MAC Address: (select your DD-WRT's IP/MAC from the dropdown list or enter the MAC manually)
     
8. Once again, power cycle both the BGW210-700 and DD-WRT router.