Pace 5268AC with AT&T and Pfsense (Co-Existance) - Make it work



  • O.K. so you just got that AT&T Fiber installed and your ready to go, but you realize that AT&T equipment doesn't support U.P.N.P. and other features that you love and use on your network.
    Well, never fear, your comprehensive guide is here!!!

    Here is what you will need to make this work:

    1 AT&T Gateway (for this tutorial we will be addressing the Pace 5268AC) but this works on all others as well.
    1 pfsense router

    Make sure the Pfsense router is configured to be in a different IP range but in the same subnet 255.255.255.0 as your AT&T gateway (example the pfsense router should be 192.168.0.1)

    1 or more switches depending on you network needs

    Ok so first you want to connect your AT&T gateway to the Fiber box using the provided Lan cable (typically cat5 or 6) to the wan port of the att gateway. Then to one of the 4 lan ports connect a system.

    Now, the AT&T gateway usually works on the 192.168.1.1 ip range with the subnet of 255.255.255.0 hence the 192.168.1.254 IP to access the gateways internal setup.

    So, from a web browser enter 192.168.1.254, once this is done you will see the internal setup of the AT&T gateway.

    Now connect the Wan port of your pfSense Router the 1st lan port of the att gateway and power your pfsense router on.

    The AT&T gateway will assign the pfsense router an ip (youre done right here for now)

    Then go back to the AT&T setup screen

    Navigate to Settings, Firewall, Applications, Pinholes and DMZ.

    In that selection, Select the computer (PFSENSE ROUTER) that will be the DMZ.
    *note you should see the pfsense  router.

    Select Allow all applications (DMZplus mode) at the bottom of the page.
    Click Save.

    Restart the computer pfsense router.

    When the pfsense restarts, it should have the same IP address as the AT&T gateway.

    All WAN Network traffic TCP and UDP ports will be forwarded to it.

    Now hook your pfsnese lan Card cable into your switch and boom you should be good to go.

    Test your connections in your lan and it should all fire right up.

    Now all of those special servers and other services you like to run will continue to operate as normal with unlimited access to the outside world as per you custom config. no doubt.



  • Dureal99d - Does this create a double NAT situation, or any issues with port forwarding from PFsense to internal Servers?


Log in to reply