Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    AT&T BGW320 issues with Netgate 6100

    Scheduled Pinned Locked Moved
    Official Netgate® Hardware
    3
    3
    822
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      knoxium
      last edited by

      Hi all,

      so my company has a Netgate 6100 with pfsense, and AT&T fiber with the BGW320 Uplink gateway. Switch, APs and Console to control the switch are Ubiquiti. We primarily use MacOS computers.

      I have been struggling to load most websites after connecting the BGW320 to my netgate and I believe the culprit is AT&T's DNS servers. I can load websites like cloudflare, google, and quad9 but most other websites in general will not. I tried setting the BGW320 to IP Passthrough mode, disabled all the firewall features of it, disabled Ipv6 and disabled its packet filtering. I am using 8.8.8.8 and 1.1.1.1 as my DNS servers in my netgate gateway, has the DNS resolver turned on with TLS/SSL unchecked, have DNS forwarder turned off. Network interfaces is set to all, outgoing network interfaces is set to LAN1 (where I have my laptop plugged into right now for testing this). My AT&T gateway is plugged into WAN1. And my search domain is set to home.arpa. I also cannot ping hostnames or IPs from cmd or terminal, and consistently have trouble pinging the negate gateway or getting the web GUI to load from 192.168.1.1 without having to restart the gateway and reseat its connecting to the AT&T BGW320

      I understand that AT&T's DNS servers on the BGW320 cannot be changed, and that bypassing and not using the at&t gateway entirely is extremely hard to do. Tonight, I’m gonna try changing these settings once again, flushing my DNS resolver cache, then rebooting both the at&t modem, switch, and negate gateway to see if it works.

      M 1 Reply Last reply Reply Quote 0
      • M
        michmoor LAYER 8 Rebel Alliance @knoxium
        last edited by

        @knoxium Assuming your clients are pointing to PF as their DNS server, pick a website that isnt loading and do a nslookup or dig and see what returns.
        If the ATT gateway is in pass-through and the PF is receiving a public address on its WAN then the culprit isnt the ATT gateway. PFsense in DNS resolver mode would query root servers anyway.

        Firewall: NetGate,Palo Alto-VM,Juniper SRX
        Routing: Juniper, Arista, Cisco
        Switching: Juniper, Arista, Cisco
        Wireless: Unifi, Aruba IAP
        JNCIP,CCNP Enterprise

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Yes, by default clients behind pfSense will use pfSense for DNS and pfSense will resolve IP addresses directly using Unbound (the DNS Resolver). So it shouldn't matter what AT&T is doing if that's still the configuration.

          Go to Diag > DNS Lookup in the pfSense gui and try to resolve some something. That will show you all the configured DNS services, including Unbound at 127.0.0.1, and whether they are responding.

          Steve

          1 Reply Last reply Reply Quote 0
          • First post
            Last post