Page 1 of 1

Sonic Fiber (resold ATT) w/ your own wifi & router

Posted: Wed Feb 05, 2020 10:29 am
by Blumberg@gmail.com
I am getting Sonic installed (resold att fiber) and I am being told that you can't change the router or enable bridge mode.

So if I use Google Wifi, it would be double NAT. Just curious if anyone has this setup (or similar, where you use your own wifi/router AFTER the ATT provided modem). This is definitely not ideal, but at the same time I am not running/hosting services where port forwarding would matter, but are there any other issues/limitations I should expect?

Re: Sonic Fiber (resold ATT) w/ your own wifi & router

Posted: Wed Feb 05, 2020 12:23 pm
by gtwrek
Officially, ATT supports "DMZ Plus" mode which should, in theory, accomplish what you wish. In fact up to around 24 months ago this worked quite well. I have my own router (handling NAT, DHCP, firewall, etc), my own Wireless APs. I turned on DMZ Plus on the ATT box, and disabled all other functions on that box (NAT, wireless, etc), and let my router manage those functions. (Single NAT only, no double-NAT)

This is all still currently officially supported (by ATT). However, recent firmware upgrades (last 24 months) on the Pace Router basically neuters this mode of operation, making it almost impossible to work. Folks seem to have better success with a Non-PACE router. But acquiring one is difficult.

I feel for Sonic here, having to really on ATT's entirely broken infrastructure. But them's the way things are currently.

Re: Sonic Fiber (resold ATT) w/ your own wifi & router

Posted: Fri Feb 14, 2020 7:58 pm
by lasevich
Is your answer for resold fiber or DSL service? I was under impression you did not need a "modem", as such, for fiber installation, just fiber to ethernet adapter and a router.

Re: Sonic Fiber (resold ATT) w/ your own wifi & router

Posted: Mon Feb 17, 2020 2:43 am
by Sonic Guest
It depends on what gateway you get from AT&T. If you get the BGW210 you will get double-NAT even with using IP Passthrough. On a 5268AC you won't get double-NAT using DMZ+.

There are pros and cons with either gateway. BGW210's webUI is much more responsive than the 5268AC's but I rarely use it. Both gateways have problems and you can take a look at DSLreport's uverse forum for more information.

I am on AT&T resold fiber and got the BGW210 from AT&T. I purchased a 5268AC on eBay and am using that.

If you use a Linux-based router/firewall like pfSense/OPNsense/Ubiquiti you can bypass the gateway. There are a couple of methods and they only work reliably if you are on AT&T fiber infrastructure. Again, check out DSLreport's uverse forum.

Re: Sonic Fiber (resold ATT) w/ your own wifi & router

Posted: Mon Feb 17, 2020 3:35 pm
by lasevich
Interesting. I think I have a 5268AC as my Sonic DSL router (and boy, is it a POS) but I figured it was primarily needed for decoding the DSL signal - which should not be necessary for fiber. Is there a reason to use 5268AC and not just put any other ethernet based router instead of it?

Re: Sonic Fiber (resold ATT) w/ your own wifi & router

Posted: Mon Feb 17, 2020 10:47 pm
by Sonic Guest
You're expected to send your older Sonic-branded 5268AC back to Sonic.

You'll be given a new gateway as part of your upgrade. AT&T-branded gateways perform 802.1x authentication in order to get on their network.

Re: Sonic Fiber (resold ATT) w/ your own wifi & router

Posted: Tue Feb 18, 2020 8:09 am
by lasevich
Sonic Guest wrote:You're expected to send your older Sonic-branded 5268AC back to Sonic.

You'll be given a new gateway as part of your upgrade. AT&T-branded gateways perform 802.1x authentication in order to get on their network.
So, there is not technical reason other than they force you to use their equipment by hiding 802.1x credentials from you? That's appalling.. :-( on the flip side, 5268 didn't strike me as terribly secure, we can probably extract the credentials...

Re: Sonic Fiber (resold ATT) w/ your own wifi & router

Posted: Thu Feb 20, 2020 5:04 pm
by Artakamoose
lasevich wrote:
Sonic Guest wrote:You're expected to send your older Sonic-branded 5268AC back to Sonic.

You'll be given a new gateway as part of your upgrade. AT&T-branded gateways perform 802.1x authentication in order to get on their network.
So, there is not technical reason other than they force you to use their equipment by hiding 802.1x credentials from you? That's appalling.. :-( on the flip side, 5268 didn't strike me as terribly secure, we can probably extract the credentials...
Don't bother with the 5268 certs; they're encrypted. NVG589, NVG595, NVG599 and BGW210 certs are known to work.

Re: Sonic Fiber (resold ATT) w/ your own wifi & router

Posted: Wed Mar 11, 2020 2:18 pm
by rconti
I have the BGW210 from ATT through Sonic. Before I got it, I looked up the most obvious settings for pass-through or whatever, used them, and now my public IP sits on the WAN interface of my usg-pro-4 gateway. I don't remember which settings I used, but it's worked flawlessly for a year. So, it's doable. I just used whatever was the most-recommended method for the bgw210.