I followed the suggested ConnecTech link, and then the AT&T ConnecTech: link. Please, help me put this devil to rest. Is this a business AT&T account? I don't know how or who to report the problem to. ... Go to the "Firewall" -> "Packet Filter" tab. Ask a question! Packet Filter – I deleted all the rules here as I didn’t want to risk anything interfering now or later. If you have a device that wasn't provided by AT&T, please refer to your device manufacturer’s documentation. Just once I'd like an AT&T installation to work as advertised. This triggered me to look at the BGW210 again. I disabled the BGW210's WiFi, firewall, packet filter as recommended. The AT&T gateway issued in your installation must remain in the network as the main gateway. *sigh*. I’m going to try posting this again (3rd try now)…. Still unsure as to why AT&T couldn't deliver a router product that can't do a simple firewall pinhole restriction. It makes me wonder what other firewall features aren't working. Start by visiting the. Page 9: Hardware Gateway Installation Chapter 3 Hardware Gateway Installation A BGW210-700 Broadband Gateway cabling overview, as well as rear panel illustration, is provided below. We recently switched to AT&T 50Mbps service and the supplied Arris BGW210-700 router. The Orbi gets a public IPv4 address. As we understand, you're trying to block everything except the source IP above from connecting through remote desktop but currently, other IPs are getting through? Thank you for contacting us on AT&T Community Forums! Things seem stable for 1-3 days at a time. (MS Edge browser Version 85.0.564.51 (64-bit). AT&T ConnecTech as a paid service available to residential customers only. I'll be using a Cisco router for the gateway. A better solution, of course, would be for an AT&T tech that actually understands the BGW210-700 to help me fix the Packet Filter function so it worked, but alas, I’ve given up hope on that front. I'm going to log off before I start throwing things. This triggered me to look at the BGW210 … Got this from the "ConnecTech support" link: I'm trying to work my way through the labyrinth of the "reach out.." link. It's pretty simple. Can someone tell me what I'm missing from these rules, and why NAT/Gaming Port Forwarding appears to override the blocks? I'd love to "reach out" and find a tech to chat with. 8. I found "packet filter rules", but also a stark warning that these impact the performance of the device. There is a Port Forward in NAT/Gaming that maps 3395 to 3389 on the IP of the PC. The last AP I purchased and installed was a Ubiquiti Dual-band AP. I need to be able to replicate the current level of access with the new equipment. At the bottom of the page there was this in the disclaimer: 1. All day I tried to login on, or even just view the existing thread. All rights reserved. Step 2: Disable Packet Filtering Once you're in your BGW, you will need to disable Packet Filtering. The reason for using port 3395 is we were already experiencing a bad actor in eastern Europe repeatedly trying to login on 3389 with rotating user names and passwords. Is these Block rules don't work, it is a HUGE security hole for our network. If you need further assistance with your IP Passthrough setup and configuration contact ConnecTech Support. I have a doorbell and an IP camera. Click the 'Firewall' tab at the top of the page, and then select 'Packet Filter' from the sub-menu. What does your ASUS router show as its WAN IP address? New to the AT&T Community? Make sure you have a laptop or a computer that you can directly connect to the BGW210-700. This is the third time I've been called in to resolve deficiencies in a new AT&T service installation. Can you not disable ipv6 on the BGW210? This could be caused by a misconfiguration, or possibly a malformed request. *I am not an AT&T employee, and the views and opinions expressed on this forum are purely my own. I'll get back to you after I see where I end up there. I just spent the better part of 2 hours putting a comprehensive post together. Since remote desktop uses TCP/UDP port 3389 by default, can you try adding those to the 2nd drop rule? Clearly the 2 Internet lines are listed as “Business” lines, but I know now the Arris BGW210-700 is a Residential WiFi Gateway and I still don’t understand why Residential equipment is supplied for a, New to the AT&T Community? @MEP_Consulting, we are trying to understand your request for a resolution for your issue. Still need help? The filter itself remains disabled. It does indeed show the gateway's public IP address. Does the Packet Filtering on the Arris BGW210-700 work or not? *I am not an AT&T employee, and the views and opinions expressed on this forum are purely my own. Can anyone give me some guidance as to how to proceed? I know the Arris must remain as the primary gateway. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party. Apparently, ConnecTech is only available for “Residential” accounts. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party. I'll try again tomorrow. Keep in mind as well that we are limited to network troubleshooting; however, we do have ConnecTech support that offers a variety of support options as well. Our 1.4 million members typically respond within 1 hour. Transaction ID: 3eb6928f41b42955-000000000559c63f-000000005f529f48. I have already tried that rule. Explain how to set up the clearly available packet filtering on bwg210 or admit it doesn't work? AT&T ConnecTech services are available to residential customers only. I set up IP Passthrough and selected my router according to its MAC address (DHCPS-fixed). ©2020 AT&T Intellectual Property. Click on the "Disable Packet Filters" button. You you trying to eliminate the AT&T gateway from your network? On the IP Passthrough tab, set it to Passthrough and save. Either 'force_deny' or 'force_exception' was matched in policy. Then I get disconnects from random devices, sluggish connections. The BGW210-700 Broadband Gateway should not be used in locations exposed to outside heat radiation or where it is subject to trapping of its own heat. I need to limit the use of Remote Desktop into a Windows 2019 server to a single external IPv4 address. Set your router to use something other than ATT dns servers. The page that is the target of "If you feel as if there is an issue with the RG, reach out to our technical team and we can further review" Flashes twice and leaves a white screen, even after several refreshes. I haven't researched Router/AP's in the last three years so I am inquiring as to the best WiFi AP to purchase that is comparable to the Arris 210-700 WiFi capabilities. I need to allow ONLY 1 external IP access to the PC, and BLOCK all others. I am more confused than ever now. Get expert support for your software, virus, security, and PC performance and home network issues - anytime you need it. It should lock out the remaining options: Plug an ethernet cable into the ethernet port on the laptop and connect it to an ethernet port on the BGW. Apparently not! I look forward to any suggestions anyone may have so I can at least limit the scope of locating a suitable product. The issue is the Source IP. To learn more visit our website or call 866.294.3464. @sandblaster I changed DNS servers from auto (I assume AT&T) to cloudflare servers and disabled ipv6. You are however, can used additional router behind AT&T router and Port forwarding is an option. BGW210: filter outgoing traffic? I also have a rule to stop all access from a known bad-actor network. You can configure the RG in passthrough. Apparently, since the Arris Packet Filtering doesn't work, I have to install another, capable, router behind it. My retirement awaits. Hi @MEP_Consulting, we are unable to recommend the best third party router to us behind your AT&T gateway, we just don't have all the specifications. But when I go into the Account Profile I see this: As an aside, I also discovered this in the profile: There’s no explanation of the issue or even which line has the problem. Did anyone figure this out? Configuring a router to work with your AT&T router involves a few basic steps, as shown on our support article on connecting a non- AT&T router. I researched and found that I need to set up IP Passthrough. Restarting my router temporarily fixes things, but 1-3 days later things go south again. All rights reserved. Arris BGW210-700 not processing Packet Filter Drop rule We recently switched to AT&T 50Mbps service and the supplied Arris BGW210-700 router. Things seem stable for 1-3 days at a time. I've tested using both 3389 native and 3395 forwarded. As I said, I plan to acquire the same Cisco router I used at another site to sit behind an AT&T router because the supplied router didn't have the L2 capability to handle the ShoreTel VoIP system bundled in the "deal" my client got. I disabled the BGW210's WiFi, firewall, packet filter as recommended. Second the recommendation for a "real" network device behind the Gateway. (MS Edge browser Version 85.0.564.51 (64-bit). If you have any additional concerns, please feel free to reach out to us. I thought I was home free when I finally got logged in. Same on NAT/Gaming; disable it all, delete anything custom that had been added. There are ip4 and ip6 routing tables listed.