Friday, September 28, 2012

Using a dd-wrt router behind an AT&T U-Verse Gateway

This is a unique problem which I felt needed its own post. Many people use routers flashed with dd-wrt the open source linux firmware. This allows you to implement loads of terrific personalized network settings and to turn your basic $30 router into a $200 monster for free!


I have recently moved to an area where AT&T U-Verse is the only internet connection type possible. This means that my old ADSL modem which worked fine with my AT&T hsi account was now useless! In fact, the only available modem is built into the AT&T provided modem/router combo!

The switch from my highly customized dd-wrt setup, to a wireless g only locked down AT&T pile of garbage that cost me $100 was too much to bear! I immediately began working on a way to restore order to my LAN.


For those of you who are unfamiliar with dd-wrt please read this post [coming soon].

My old network setup was as follows on AT&T ADSL:

Phone Line > D-Link ADSL modem > Linksys e-1000 flashed with dd-wrt > 10/100/1000 unmanaged network switch > devices

This allowed me to: 
  • update my ip with dyn.com from the router itself
  • broadcast 802.11n/g mixed
  • connect my NAS and all of my devices through the gigabit switch
  • forward ports through the router to my dyndns.org address
  • set static ip's
  • backup my configuration files efortlessly
  • life was perfect...

After moving to the AT&T U-Verse DSL my setup looked like this:

Phone Line > AT&T 2-Wire modem/router gateway > devices

This allowed me to: 
  • Broadcast in 802.11b/g
  • Connect my devices through the gigabit switch
I had lost the ability to:
  • Update my dyn account from the router.
    • instead I would need to run my desktop 24/7 if I wanted it to update.
  • Forward ports through the router to my dyndns.org address
    • I was able to assign a 24hours lease to the pinhole...
    • After that I had to manually reassign the lease for another 24hours.
    • Else I needed to impose DMZplus mode and open all of my ports to the outside... lame...
      • Which as it turned out was also a temporary lease!
  • Set Static ip addresses for each device
Clearly my utopia of a LAN was dead. My devices no longer communicated in the way I wanted and I was unable to access many of my services and my server from outside the LAN. Something needed to be done!

I began by searching for U-Verse Modems...
Don't bother...

U-Verse is VDSL and there are no VDSL modems on the market that you are going to want to try to buy. Especially after shelling out $100 on that att mandated crap!
There is one Motorola modem that you can get your hands on, but I don't know how you are going to because no one sells it. I managed to get one by a miracle. It worked perfectly! Everything was like the old days! On top of that ATT did not acknowledge that my modem existed! So I was not subject to data overage charges!

Then I moved again and my new roomie (yes I'm in college) was desperate to have TV. Blerg!
So we ended up with the ATT U-Verse TV package, and I ended up without a solution to my problem again. Since the TV needs the special ATT modem router combo... which is still crap... and they have to attach a special 802.11n wireless access point to for the TV recievers, thus stealing one of your 4 LAN ports... sooooooooo terrible!!!

My quest once again began to find a way to fix my network.

The best solution that I have found is to simply use my dd-wrt router behind the ATT gateway.

Phone Line > ATT gateway > dd-wrt router > devices

Making this work is easy if you do it right the first time!
Otherwise it is a crazy pain in the ass process of rebooting routers over and over again and switching your network connections until you get it right!

So here we go...

  1. Switch the subnet on your dd-wrt router.
    1. Connect to your dd-wrt and go to the basic setup page.
    2. Connection Type - "Automatic Configuration - DHCP"
    3. Router IP - "192.168.2.1"
    4. Network Address Server Settings - "DHCP Server"
      1. Enable
      2. Start ip "192.168.2.100"
    5. SAVE your settings
    6. Unplug your dd-wrt
  2. Plug your fresh dd-wrt router into your ATT gateway.
    1. Run a patch cable from one of the LAN ports on the ATT side, to the WAN port on the dd-wrt side.
    2. Power up the dd-wrt
  3. DMZplus mode
    1. Open the admin page for your att router - 192.168.1.254
    2. select your device in the pinhole/DMZ tab
    3. Select the DMZplus bubble and press apply.
    4. Once your att device has finished saving and applying the changes immediately reboot your dd-wrt router. [THIS IS EXTREMELY ESSENTIAL! If you do anything else the att router will probably cancel the DMZplus settings and revert to the old DHCP ip address settings associated with your device.]
    5. Your dd-wrt router should show the external ip address in the top right hand corner of the admin page now. This is your indication that everything is working correctly!!!
  4. You can now go about business as usual.
    1. Setup DNS updater in dd-wrt if you want to be able to talk to devices on your LAN from outside the network.
      1. Be sure to forward the associated ports for the services you are using.
      2. eg. if you normally connect to "192.168.2.100:5050" in order to view Sickbeard while on your LAN, then you need to forward port 5050 for ip address 192.168.2.100.
      3. Do this in your dd-wrt router.
      4. then you can use your DNS address to connect to that service from a computer anywhere else in the world.
        1. eg. in a browser rather than "192.168.2.100:5050" you would use "yourdomainname.dyndns.org:5050"
I have experienced a few issues with pinholes/port forwarding that I have not yet resolved, but everything works within acceptable limits at the moment.

Post any questions in the comments and I will do my best to help provide answers.
The worst thing in the world is the isolation and helplessness summarized in this wonderful XKCD comic...

22 comments:

  1. Nice Article! Thanks for sharing with us.
    IP Routing

    ReplyDelete
  2. Seriously, man. I've been trying to do this all day after throwing dd-wrt on a router. Yours is the first thing I've read that actually 1) makes sense, and 2) works. Gracias.

    ReplyDelete
    Replies
    1. I'm glad that I could help! You have no idea how many times I ended up banging my head against the wall trying to make something, ANYTHING, work after switching to U-Verse.

      Delete
  3. Hello,

    I did the same thing as you did... I see external IP on left hand top corner of dd-wrt page as you say... however, I am not able to connect to internet - keep getting: "ERR 101: The connection was reset"... Also, even though the assigned WAN IP is 108.x.x.x, my DNS still shows as 192.168.1.254... Not sure if this is how it should be..

    -thanks for any additional help you could provide

    ReplyDelete
    Replies
    1. Hey Glogger, sorry about the delay... The last two weeks have been very busy!
      It sounds like your dd-wrt router has not fully applied the new settings. For the easiest fix, I would try saving your config-XML file and hit the physical reset button on the router. Reset dd-wrt to factory defaults and clear any weirdness that you might have going on. (Make sure that you are plugged into the #1 lan port on the AT&T gateway still.) The router will reboot and will be back on the original 192.168.1.x subnet. Log into the webGUI and check the top corner of the screen again for the router's external IP. If you have a 108.x.x.x address then try getting online. If everything is working right, you can upload your config-XML and reboot again. If that breaks something, start over... and add your settings manually. Good luck man! Just remember that you have to do things VERY deliberately with this equipment. Don't swap wires around plugging things in willy nilly and dont reboot stuff over and over again. If you want it to work you have to do stuff in the exact right order.

      Delete
  4. hello i have ddwrt router can i use it to watch uverse wifi iptv iam outside usa thanks

    ReplyDelete
    Replies
    1. To my knowledge you cannot. I had Uverse in my apartment and am pretty sure that the wireless tuner boxes were designed only to automatically connect to a special AT&T wireless access point that plugged into the normal AT&T Wireless Router/modem combo. This issue is mentioned in my post.

      Uverser ipTV requires an ATT gateway, connected to an ATT wireless ipTV access point, connected to an ATT Uverse ipTV tuner, connected to a TV. There is no way around that.

      My suggestion to you is to dump all that, because it is the same as the over priced garbage on any cable network.

      Sign up for a nice online subscription like Netflix and Hulu.

      Now, being outside the US, these services will not work for you. To that I say your recourse is to simply download your shows.

      I recommend reading my current series on getting started with Usenet and Sickbeard. For about $10/month you will be able to watch all the TV you want.

      http://www.hobo-geek.com/2013/02/beginners-guide-to-usenet-part-1.html

      Delete
    2. Thank you so much! Please note: it is Oct 2015 and I was able to use these instructions with success. So grateful. Thanks again.

      Delete
  5. I am trying to use my Linksys WRT54g v5 with DD-WRT as a repeater behind my 2Wire router. If i follow the steps above to get them to communicate, should i just be able to follow the DD-WRT Wiki instructions for setting up router as a repeater to get it to work?

    Thanks,

    ReplyDelete
  6. Great job and very nice content... i read this blog, this blog is very helpful for me...
    I am very thankful to share this post.. I hope you have more information about this post.. So, Please share me.. Thanks..
    Visit my site:- Linksys Router Support

    ReplyDelete
  7. So my question is do the AP for the TV receivers work within the DMZ, or do you still have to directly connect them to the AT&T device?

    ReplyDelete
    Replies
    1. As far as I know, they still have to be directly linked to the AT&T gateway... That is not a big deal though since they are only used to pipe uverse TV to individual receivers. The point of having this separate router behind the gateway is for routing normal internet traffic from your computers. It would be less efficient to connect the APs to the new router.

      Delete
  8. Thank you so much! Please note: it is Oct 2015 and I was able to use these instructions with success. So grateful. Thanks again.

    ReplyDelete
  9. Worked like a charm with my Netgear R7000 and ARRIS NVG599. Thank you!

    ReplyDelete
  10. Everything worked but the WAN IP on my Cisco WRt160nv3 dd-wrt router shows a LAN IP: 192.168.1.128

    I needed this done so I can clone the MAC address and attempt to change my WAN IP whenever need be, which for me requires me doing it > 10 a day!

    Any insight?

    ReplyDelete
    Replies
    1. Everything didn't work! It sounds like you failed to do the steps in order and the dmz plus mode was canceled. I would reset the router ip tables, reset the gateway. Then start again ensuring you do things exactly as i wrote the steps. I had to work on this for like six hours before I found the weird hangup that weren't allowing things to work. Just saving the settings and rebooting the devices won't work. Good luck.

      Delete
  11. This comment has been removed by the author.

    ReplyDelete
  12. Hello, Matthew! What do you think about Netgear R700 as a router for office or home? I read here http://www.routerstop.com/netgear-r7000-wireless-router-review/ that it has too much perfomance for home using, for exmple...So I want you to recommend me a good one for the cheap price. Thanks a lot.

    ReplyDelete
    Replies
    1. It is really difficult to tell exactly what your situation is based on your comment. The R7000 is a really great router, both for tech enthusiasts and for standard users. It is supported by the dd-wrt custom firmware, which means that the userbase will remain strong for some time (Read easy to troubleshoot your problems because lots of other users). I do not know what type of load you place on your home network, or your office (home?). If this is in your home I assume that you will be accessing internet from multiple devices. What size is your household, ie do you need this much bandwidth? With a small household, do you often stream video from places like netflix? If so then you may want to buy a fast and full featured router such as the R7000. Do you avoid internet at all costs and only connect through an old desktop tower? If so then this is vastly overkill. Without a great deal of information about your intended use and your specific circumstances I am afraid that this question is a bit like, "What is the best pair of shoes for me to buy?" A construction worker may need boots, a business woman may need heels, a barista may want tennis shoes. In any case, the R7000 is a top of the line router and will remain so, as it uses the new AC wireless standard, for several years to come.

      Delete
  13. This comment has been removed by a blog administrator.

    ReplyDelete
  14. This comment has been removed by a blog administrator.

    ReplyDelete

Blogger won't auto-notify the author of your comment, but he does reads through them every few days to post replies.