How to Setup a DD-WRT Router with AT&T U-verse

From steamWiki
Jump to: navigation, search

Motivation & Background

When I moved into my new home AT&T UVerse was my only real option for internet access. I called them up & had the service installed & activated. The installation consisted of a special, proprietary, AT&T VDSL modem, a DC Power Supply, & a special, AT&T 2Wire Router model i38HG.

To my initial dismay, I found that the VDSL modem could not function without the AT&T 2Wire Router. This was a problem for me as the 2Wire Router is limited in functionality and I was used to administering my home network using a Linksys WRT54G with DD-WRT firmware installed. I used this firmware load to allow me to assign static IPs, MAC Address Filtering, and reasonably complex Port Forwarding.

I did a little bit of Googling & some experimenting and ended up with a solution I was happy with. Essentially I disabled the wireless radio on the 2Wire i38HG, plugged my Linksys WRT54G into the i38HG and had the i38HG pass all traffic through to the WRT54G. I have the local address of the i38HG as and it can assign through on its wired ports. The WRT54G has a local address of and assigns all wired & wireless IP addresses from the 192.168.1.XXX block.

Since then I've also gotten standard DSL service from AT&T which uses the typical phone line connection and, this time, a Pace 5268AC Gateway. Luckily the web interface on the 5268AC is virtually identical to that of the i38HG. I have also upgraded my router from the WRT54G to a TP-Link TL-WDR3600 with DD-WRT firmware. Not surprisingly the DD-WRT interface is the same on both units.

The trick to getting everything to work is ensuring that the settings are correct on both the i38HG/5268AC & WRT54G/TL-WDR3600 (running DD-WRT). Below is a explanation of the steps to go through to set your network up like mine. I'm assuming you've already got DD-WRT installed and working on your Router. If not, visit the DD-WRT website for help.

The IP address of your i38HG Router (or 5268AC Gateway) is printed on the side, or bottom, of the unit. The default password for the i38HG is a long string of numbers printed on the side of the DC Power Supply / Battery Backup (I recommend you change this password). The 5268AC uses a "Device Access Code" instead which is printed on the bottom of the unit.

DD-WRT Setup

  1. Using a wired connection, log into your DD-WRT router
  2. Navigate to Setup -> Basic Setup -> WAN Setup -> WAN Connection Type -> Connection Type & select Automatic Configuration - DHCP
  3. Navigate to Setup -> Basic Setup -> Router IP and enter in the values below
    1. Local IP Address: ""
    2. Subnet Mask: ""
    3. Gateway: ""
    4. Local DNS: ""
  4. Navigate to Setup -> Basic Setup -> Network Address Server Settings (DHCP) and enter in the values below
    1. DHCP Type: "DHCP Server"
    2. DHCP Server: "Enable"
    3. Start IP Address 192.168.1.: "100"
  5. Hit Apply Settings
  6. Hit Save
    DDWRT-Setup-Basic Setup.png

i38HG / 5268AC Setup

  1. Using a wired connection, log into your AT&T Router (the IP address is printed on the side, or bottom, of the unit. The i38HG password is printed on the side of the DC Power Supply / Battery Backup. The Device Access code for the 5268AC is printed on the bottom of the unit)
  2. Navigate to Settings -> LAN -> Wireless (or Wi-Fi) -> Wireless Access Point & select Disabled for both the 2.4GHz and 5GHz (if you have it) Wireless Networks. Then hit Save
  3. Navigate to Settings -> LAN -> DHCP & select the Configure manually radio button and enter the values below. Then hit Save
    1. Router Address: "" (this is the address of your AT&T 2Wire i38HG)
    2. Subnet Mask: ""
    3. First DHCP Address: "" (this and the settings below select the range of assignable IP address. You only need 4 since the box only has 4 wired ports)
    4. Last DHCP Address: ""
  4. Navigate to Settings -> LAN -> IP Address Allocation, find your router (identified by its MAC Address) and enter in the values below. Then his Save
    1. Firewall: "Disabled"
    2. Address Assignment: "Public (select WAN IP Mapping)"
    3. WAN IP Mapping: "Router WAN IP address (default)"
  5. Navigate to Settings -> Firewall -> Applications, Pinholes and DMZ, select your Router (identified by its MAC Address) and select the Allow all applications (DMZplus mode) radio button. Then hit SaveSettings-Firewall-Apps.png
  6. Navigate to Settings -> Firewall -> Advanced Configuration and enter the values below. Then hit Save
    1. Enhanced Security
      1. Stealth Mode: unchecked
      2. Block Ping: unchecked
      3. Strict UDP Session Control: unchecked
    2. Outbound Protocol Control
      1. HTTP: CHECKED
      3. FTP: CHECKED
      4. Telnet: CHECKED
      5. SMTP: CHECKED
      6. DNS: CHECKED
      7. NetBIOS: unchecked
      8. POP3: CHECKED
      9. IMAP: CHECKED
      10. NNTP: CHECKED
      11. IRC: CHECKED
      12. H323: CHECKED
      13. All Other Protocols: CHECKED
    3. Inbound Protocol Control
      1. NetBIOS: unchecked
    4. Attack Detection (disabling these passes everything to your WRT54G which should be configured to deal with these types of problems)
      1. Excessive Session Detection: unchecked
      2. TCP/UDP Port Scan: unchecked
      3. Invalid Source/Destination IP address: unchecked
      4. Packet Flodd (SYN/UDP/ICMP/Other): unchecked
      5. Invalid TCP Flag Attacks (NULL/XMAS/Other): unchecked
      6. Invalid ICMP Detection: unchecked
      7. Miscellaneous: unchecked
  7. Navigate to Settings -> Firewall -> Status and you should have your Router listed (identified by its MAC Address) with the following information displayed
    1. Allowed Applications: "All"
    2. Application Type: "-"
    3. Protocol: "(all)"
    4. Port Number(s): "(all)"
    5. Public IP: "<your IP address>"