[TriLUG] open ports on Uverse 2wire gateway -- revisited

Joseph Mack NA3T jmack at wm7d.net
Tue Feb 4 15:58:05 EST 2014 

On Tue, 4 Feb 2014, James Jones wrote:

> Joe,
>
> This is the 2wire Uverse Gateway which has both the modem & router in one box 
> with a not so friendly way to use port forwarding and the problem is in the 
> ports facing the internet ( mainly ports used by AT&T's Uverse to access the 
> Gateway ).

got that.

I have no idea what/how a 2 wire gateway works. Still it has to be data coming 
in in some format on some physical layer and ethernet coming out the back. So 
it's a protocol converter. As far as you're concerned, you get ethernet. You 
don't get to interact with AT&T's 2 wire protocol.

> If bridging were enable how would it help my situation. From what I can find, 
> bridging is not an option on the 2wire gateways.

My dsl provider swore up and down that bridging wasn't available on my modem 
either, until someone here on the list said that was BS. After several tries to 
techservice and getting people who'd been working there for decades and were 
experts and saying that such a thing was technically impossible, I finally got 
someone who said "of course, we do this all the time for our customers". He took 
me to a part of the router's menu I hadn't noticed and showed me what to do.

Bill just came up to say you can't have bridging, but you've got something else 
which might do apparently

(Explanation of bridging follows. Sorry if this is redundant.)

In bridging the box just is a protocol converter. The box will not have any IPs. 
(In fact it will have one IP, probably 192.168.1.1 on the ethernet device. It's 
only there so you can configure it. Once the modem is configured, this IP is not 
part of the modem's function.)

In bridging mode, the ethernet port on the inside of the modem is wired through 
to the ethernet network at the ISP. You can dhcp through it and the dhcpcd box 
will get an IP in the ISP's network. This IP is the IP that the outside of the 
modem would have got in non-bridging mode.

The modem just looks like an ethernet wire into the ISP. You now need a 
router/firewall etc on the inside of the modem. I use an old 586 box with 3 
ethernet cards; one to the ISP with a public IP, and two with private IPs, one 
to the admin/DMZ and another the users. On the user's network I have the wifi 
boxes spread around the place, all with the same SSID. The router handles squid, 
DNS, DHCP, rrdtool, openvpn.

An example of bridging that may be more relevant: You have a wap (wifi box), and 
you only use the lan ethernet ports. You connect one lan port to the user's 
network (say 10.0.1.0/24). The wap has the IP 192.168.1.1 and is listening on 
port 80 for configuration input. You come along with your laptop on 
192.168.1.254, plug into another of the wap's lan ports and configure the SSID 
of the wap. You unplug the laptop and associate with the SSID. You get an IP in 
10.0.1.0/24. The IP 192.168.1.1 is still on the wap, but you can no longer 
easily get to it, unless you know it's there.

With your modem in bridge mode, AT&T can't get to the 192.168.1.1 IP on your 
modem.

Joe

-- 
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!

More information about the TriLUG mailing list