Difference between revisions of "How to Setup a DD-WRT Router with AT&T U-verse"

From steamWiki
Jump to: navigation, search
(i38HG / 5268AC Setup)
 
(One intermediate revision by the same user not shown)
Line 16: Line 16:
 
=DD-WRT Setup=
 
=DD-WRT Setup=
 
#Using a wired connection, log into your DD-WRT router
 
#Using a wired connection, log into your DD-WRT router
#Navigate to Setup -> Basic Setup -> WAN Setup -> WAN Connection Type -> Connection Type & select "Automatic Configuration - DHCP"
+
#Navigate to '''Setup -> Basic Setup -> WAN Setup -> WAN Connection Type -> Connection Type''' & select '''Automatic Configuration - DHCP'''
#Navigate to Setup -> Basic Setup -> Router IP and enter in the values below
+
#Navigate to '''Setup -> Basic Setup -> Router IP''' and enter in the values below
##Local IP Address: "192.168.1.1"
+
##'''Local IP Address:''' "192.168.1.1"
##Subnet Mask: "255.255.255.0"
+
##'''Subnet Mask:''' "255.255.255.0"
##Gateway: "0.0.0.0"
+
##'''Gateway:''' "0.0.0.0"
##Local DNS: "0.0.0.0"
+
##'''Local DNS:''' "0.0.0.0"
#Navigate to Setup -> Basic Setup -> Network Address Server Settings (DHCP) and enter in the values below
+
#Navigate to '''Setup -> Basic Setup -> Network Address Server Settings (DHCP)''' and enter in the values below
##DHCP Type: "DHCP Server"
+
##'''DHCP Type:''' "DHCP Server"
##DHCP Server: "Enable"
+
##'''DHCP Server:''' "Enable"
##Start IP Address 192.168.1.: "100"
+
##'''Start IP Address 192.168.1.:''' "100"
#Hit Apply Settings
+
#Hit '''Apply Settings'''
#Hit Save<br />[[File:DDWRT-Setup-Basic_Setup.png]]
+
#Hit '''Save'''<br />[[File:DDWRT-Setup-Basic_Setup.png]]
 
<br />
 
<br />
 
<br />
 
<br />
 +
 
=i38HG / 5268AC Setup=
 
=i38HG / 5268AC Setup=
#Using a wired connection, log into your AT&T Router (the IP address is printed on the side, or bottom, of the unit.  The i38hG password is printed on the side of the DC Power Supply / Battery Backup.  The Device Access code for the 5268AC is printed on the bottom of the unit)
+
#Using a wired connection, log into your AT&T Router (the IP address is printed on the side, or bottom, of the unit.  The i38HG password is printed on the side of the DC Power Supply / Battery Backup.  The Device Access code for the 5268AC is printed on the bottom of the unit)
#Navigate to Settings -> LAN -> Wireless (or Wi-Fi) -> Wireless Access Point & select "Disabled" for both the 2.4GHz and 5GHz (if you have it) Wireless Networks.  Then hit "Save"<br />[[File:Settings-LAN-Wireless.png]]
+
#Navigate to '''Settings -> LAN -> Wireless ''(or Wi-Fi)'' -> Wireless Access Point''' & select '''Disabled''' for both the 2.4GHz and 5GHz (if you have it) Wireless Networks.  Then hit '''Save'''<br />[[File:Settings-LAN-Wireless.png]]
#Navigate to Settings -> LAN -> DHCP & select the "Configure manually" radio button and enter the values below.  Then hit "Save"
+
#Navigate to '''Settings -> LAN -> DHCP''' & select the '''Configure manually''' radio button and enter the values below.  Then hit '''Save'''
##Router Address: "192.168.0.1" (this is the address of your AT&T 2Wire i38HG)
+
##'''Router Address:''' "192.168.0.1" (this is the address of your AT&T 2Wire i38HG)
##Subnet Mask: "255.255.255.0"
+
##'''Subnet Mask:''' "255.255.255.0"
##First DHCP Address: "192.168.0.2" (this and the settings below select the range of assignable IP address.  You only need 4 since the box only has 4 wired ports)
+
##'''First DHCP Address:''' "192.168.0.2" (this and the settings below select the range of assignable IP address.  You only need 4 since the box only has 4 wired ports)
##Last DHCP Address: "192.168.0.5"<br />[[File:Settings-LAN-DHCP.png]]
+
##'''Last DHCP Address:''' "192.168.0.5"<br />[[File:Settings-LAN-DHCP.png]]
#Navigate to Settings -> LAN -> IP Address Allocation, find your router (identified by its MAC Address) and enter in the values below.  Then his "Save"
+
#Navigate to '''Settings -> LAN -> IP Address Allocation''', find your router (identified by its MAC Address) and enter in the values below.  Then his '''Save'''
##Firewall: "Disabled"
+
##'''Firewall:''' "Disabled"
##Address Assignment: "Public (select WAN IP Mapping)"
+
##'''Address Assignment:''' "Public (select WAN IP Mapping)"
##WAN IP Mapping: "Router WAN IP address (default)"<br />[[File:Settings-LAN-IP.png]]
+
##'''WAN IP Mapping:''' "Router WAN IP address (default)"<br />[[File:Settings-LAN-IP.png]]
#Navigate to Settings -> Firewall -> Applications, Pinholes and DMZ, select your Router (identified by its MAC Address) and select the "Allow all applications (DMZplus mode)... radio button.  Then hit "Save"[[File:Settings-Firewall-Apps.png]]
+
#Navigate to '''Settings -> Firewall -> Applications, Pinholes and DMZ''', select your Router (identified by its MAC Address) and select the '''Allow all applications (DMZplus mode)''' radio button.  Then hit '''Save'''[[File:Settings-Firewall-Apps.png]]
#Navigate to Settings -> Firewall -> Advanced Configuration and enter the values below.  Then hit "Save"
+
#Navigate to '''Settings -> Firewall -> Advanced Configuration''' and enter the values below.  Then hit '''Save'''
##Enhanced Security
+
##'''Enhanced Security'''
###Stealth Mode: unchecked
+
###'''Stealth Mode:''' unchecked
###Block Ping: unchecked
+
###'''Block Ping:''' unchecked
###Strict UDP Session Control: unchecked
+
###'''Strict UDP Session Control:''' unchecked
##Outbound Protocol Control
+
##'''Outbound Protocol Control'''
###HTTP: CHECKED
+
###'''HTTP:''' CHECKED
###HTTPS: CHECKED
+
###'''HTTPS:''' CHECKED
###FTP: CHECKED
+
###'''FTP:''' CHECKED
###Telnet: CHECKED
+
###'''Telnet:''' CHECKED
###SMTP: CHECKED
+
###'''SMTP:''' CHECKED
###DNS: CHECKED
+
###'''DNS:''' CHECKED
###NetBIOS: unchecked
+
###'''NetBIOS:''' unchecked
###POP3: CHECKED
+
###'''POP3:''' CHECKED
###IMAP: CHECKED
+
###'''IMAP:''' CHECKED
###NNTP: CHECKED
+
###'''NNTP:''' CHECKED
###IRC: CHECKED
+
###'''IRC:''' CHECKED
###H323: CHECKED
+
###'''H323:''' CHECKED
###All Other Protocols: CHECKED
+
###'''All Other Protocols:''' CHECKED
##Inbound Protocol Control
+
##'''Inbound Protocol Control'''
###NetBIOS: unchecked
+
###'''NetBIOS:''' unchecked
##Attack Detection (disabling these passes everything to your WRT54G which should be configured to deal with these types of problems)
+
##'''Attack Detection''' (disabling these passes everything to your WRT54G which should be configured to deal with these types of problems)
###Excessive Session Detection: unchecked
+
###'''Excessive Session Detection:''' unchecked
###TCP/UDP Port Scan: unchecked
+
###'''TCP/UDP Port Scan:''' unchecked
###Invalid Source/Destination IP address: unchecked
+
###'''Invalid Source/Destination IP address:''' unchecked
###Packet Flodd (SYN/UDP/ICMP/Other): unchecked
+
###'''Packet Flodd (SYN/UDP/ICMP/Other):''' unchecked
###Invalid TCP Flag Attacks (NULL/XMAS/Other): unchecked
+
###'''Invalid TCP Flag Attacks (NULL/XMAS/Other):''' unchecked
###Invalid ICMP Detection: unchecked
+
###'''Invalid ICMP Detection:''' unchecked
###Miscellaneous: unchecked<br />[[File:Settings-Firewall-Advanced.png]]
+
###'''Miscellaneous:''' unchecked<br />[[File:Settings-Firewall-Advanced.png]]
#Navigate to Settings -> Firewall -> Status and you should have your Router listed (identified by its MAC Address) with the following information displayed
+
#Navigate to '''Settings -> Firewall -> Status''' and you should have your Router listed (identified by its MAC Address) with the following information displayed
##Allowed Applications: "All"
+
##'''Allowed Applications:''' "All"
##Application Type: "-"
+
##'''Application Type:''' "-"
##Protocol: "(all)"
+
##'''Protocol:''' "(all)"
##Port Number(s): "(all)"
+
##'''Port Number(s):''' "(all)"
##Public IP: "[http://www.whatismyip.com/ <your IP address>]"<br />[[File:Settings-Firewall-Status.png]]
+
##'''Public IP:''' "[http://www.whatismyip.com/ <your IP address>]"<br />[[File:Settings-Firewall-Status.png]]
  
 
[[Category: Computer Hardware]]
 
[[Category: Computer Hardware]]

Latest revision as of 21:09, 11 July 2019

Motivation & Background

When I moved into my new home AT&T UVerse was my only real option for internet access. I called them up & had the service installed & activated. The installation consisted of a special, proprietary, AT&T VDSL modem, a DC Power Supply, & a special, AT&T 2Wire Router model i38HG.

To my initial dismay, I found that the VDSL modem could not function without the AT&T 2Wire Router. This was a problem for me as the 2Wire Router is limited in functionality and I was used to administering my home network using a Linksys WRT54G with DD-WRT firmware installed. I used this firmware load to allow me to assign static IPs, MAC Address Filtering, and reasonably complex Port Forwarding.

I did a little bit of Googling & some experimenting and ended up with a solution I was happy with. Essentially I disabled the wireless radio on the 2Wire i38HG, plugged my Linksys WRT54G into the i38HG and had the i38HG pass all traffic through to the WRT54G. I have the local address of the i38HG as 192.168.0.1 and it can assign 192.168.0.2 through 192.168.0.5 on its wired ports. The WRT54G has a local address of 192.168.1.1 and assigns all wired & wireless IP addresses from the 192.168.1.XXX block.

Since then I've also gotten standard DSL service from AT&T which uses the typical phone line connection and, this time, a Pace 5268AC Gateway. Luckily the web interface on the 5268AC is virtually identical to that of the i38HG. I have also upgraded my router from the WRT54G to a TP-Link TL-WDR3600 with DD-WRT firmware. Not surprisingly the DD-WRT interface is the same on both units.

The trick to getting everything to work is ensuring that the settings are correct on both the i38HG/5268AC & WRT54G/TL-WDR3600 (running DD-WRT). Below is a explanation of the steps to go through to set your network up like mine. I'm assuming you've already got DD-WRT installed and working on your Router. If not, visit the DD-WRT website for help.

The IP address of your i38HG Router (or 5268AC Gateway) is printed on the side, or bottom, of the unit. The default password for the i38HG is a long string of numbers printed on the side of the DC Power Supply / Battery Backup (I recommend you change this password). The 5268AC uses a "Device Access Code" instead which is printed on the bottom of the unit.

DD-WRT Setup

  1. Using a wired connection, log into your DD-WRT router
  2. Navigate to Setup -> Basic Setup -> WAN Setup -> WAN Connection Type -> Connection Type & select Automatic Configuration - DHCP
  3. Navigate to Setup -> Basic Setup -> Router IP and enter in the values below
    1. Local IP Address: "192.168.1.1"
    2. Subnet Mask: "255.255.255.0"
    3. Gateway: "0.0.0.0"
    4. Local DNS: "0.0.0.0"
  4. Navigate to Setup -> Basic Setup -> Network Address Server Settings (DHCP) and enter in the values below
    1. DHCP Type: "DHCP Server"
    2. DHCP Server: "Enable"
    3. Start IP Address 192.168.1.: "100"
  5. Hit Apply Settings
  6. Hit Save
    DDWRT-Setup-Basic Setup.png



i38HG / 5268AC Setup

  1. Using a wired connection, log into your AT&T Router (the IP address is printed on the side, or bottom, of the unit. The i38HG password is printed on the side of the DC Power Supply / Battery Backup. The Device Access code for the 5268AC is printed on the bottom of the unit)
  2. Navigate to Settings -> LAN -> Wireless (or Wi-Fi) -> Wireless Access Point & select Disabled for both the 2.4GHz and 5GHz (if you have it) Wireless Networks. Then hit Save
    Settings-LAN-Wireless.png
  3. Navigate to Settings -> LAN -> DHCP & select the Configure manually radio button and enter the values below. Then hit Save
    1. Router Address: "192.168.0.1" (this is the address of your AT&T 2Wire i38HG)
    2. Subnet Mask: "255.255.255.0"
    3. First DHCP Address: "192.168.0.2" (this and the settings below select the range of assignable IP address. You only need 4 since the box only has 4 wired ports)
    4. Last DHCP Address: "192.168.0.5"
      Settings-LAN-DHCP.png
  4. Navigate to Settings -> LAN -> IP Address Allocation, find your router (identified by its MAC Address) and enter in the values below. Then his Save
    1. Firewall: "Disabled"
    2. Address Assignment: "Public (select WAN IP Mapping)"
    3. WAN IP Mapping: "Router WAN IP address (default)"
      Settings-LAN-IP.png
  5. Navigate to Settings -> Firewall -> Applications, Pinholes and DMZ, select your Router (identified by its MAC Address) and select the Allow all applications (DMZplus mode) radio button. Then hit SaveSettings-Firewall-Apps.png
  6. Navigate to Settings -> Firewall -> Advanced Configuration and enter the values below. Then hit Save
    1. Enhanced Security
      1. Stealth Mode: unchecked
      2. Block Ping: unchecked
      3. Strict UDP Session Control: unchecked
    2. Outbound Protocol Control
      1. HTTP: CHECKED
      2. HTTPS: CHECKED
      3. FTP: CHECKED
      4. Telnet: CHECKED
      5. SMTP: CHECKED
      6. DNS: CHECKED
      7. NetBIOS: unchecked
      8. POP3: CHECKED
      9. IMAP: CHECKED
      10. NNTP: CHECKED
      11. IRC: CHECKED
      12. H323: CHECKED
      13. All Other Protocols: CHECKED
    3. Inbound Protocol Control
      1. NetBIOS: unchecked
    4. Attack Detection (disabling these passes everything to your WRT54G which should be configured to deal with these types of problems)
      1. Excessive Session Detection: unchecked
      2. TCP/UDP Port Scan: unchecked
      3. Invalid Source/Destination IP address: unchecked
      4. Packet Flodd (SYN/UDP/ICMP/Other): unchecked
      5. Invalid TCP Flag Attacks (NULL/XMAS/Other): unchecked
      6. Invalid ICMP Detection: unchecked
      7. Miscellaneous: unchecked
        Settings-Firewall-Advanced.png
  7. Navigate to Settings -> Firewall -> Status and you should have your Router listed (identified by its MAC Address) with the following information displayed
    1. Allowed Applications: "All"
    2. Application Type: "-"
    3. Protocol: "(all)"
    4. Port Number(s): "(all)"
    5. Public IP: "<your IP address>"
      Settings-Firewall-Status.png