PfSense behind AT&T 2wire Gateway



  • I just got off phone with AT&T tier II support about setting up a firewall behind the 2Wire gateway. Tech said I would be unable to disable NAT and DHCP on the 2Wire box. Tried to google and also tried to look through the various 2wire menus and didn't see anything there.

    The 2wire is assigning an IP address of 192.168.1.68 to pfSense via DHCP. I cannot statically assign an IP address to the pfsense WAN interface. Matter of fact you cannot put 2wire into DMZplus mode unless you use DHCP.

    Two problems:

    1. I have setup DMZplus mode on the 2Wire. I am wondering if I setup a firewall, router, and wireless access point behind the 2Wire will there be any routing problems? Has anyone been able to disable DHCP and assign static IPs on 2wire?

    2. I am not trying or wanting to do NATing behind the 2wire. I just need to be able to route to internal VLANs and be able to set up a wireless router acting as an access point. Since the 2wire and pfSense will BOTH be performing NATing, I have read that double NATing causes problems.

    Since the 2wire and pfSense will BOTH be performing routing, I have read that double NATing causes problems. I have googled and googled and can't find a solution to this problem



  • I run a double NAT configuration: pfSense 1.2.3 downstream of a Zyxel ADSL modem. I've tried a couple of times to get the modem into bridge mode to avoid double NAT but haven't been able to get PPPoE to work. I did have some problems with VOIP soft phones but was able to resolve them by careful software selection.

    Sometimes I run "triple NAT": a test pfSense box downstream of the production pfSense box.

    Everything works pretty well for me but I don't have a wide range of applications and protocols in use (pretty much basic home use: mostly gaming, web browsing and email with occasional FTP).


Log in to reply