Uverse and pfsense - can't we just get along?



  • Hello All,
    I just built a machine, installed a dual Intel nic, and installed the latest version of pfsense. I am having issues with it. I am on uverse and have the Motorola NVG589 gateway. I have read the forums and found some info on cascading and pass-through…but I am stuck. I am not sure what to do. Currently my gateway, NVG589, handles the Wi-Fi and hands out DHCP addresses. How can I install my PFSENSE router behind this? I have been reading everything and cannot seem to come to an answer. Any help is appreciated.
    Thanks!
    BTW: I just have the internet with them, no TVs.

    Any guides out there, or is this a simple passthrough isssue I am missing? I am not sure how to configure it. Again, I hate to post such a dumb questions but I am out of ideas and not sure where to go with this one.



  • perhaps you should state the issues ?



  • I'm sorry, I just got caught up in the problem of it not working. Here is the deal - I sincerely want to learn and I plead for your help folks.

    1. When I first plug in the WAN side, uverse, and the Lan, everything seems to work.
    2. I start getting errors when trying to add packages - the same type you get with an incorrect config - but the config is confirm via documentation - so I reboot it
    3. HERE is where the problems come in.
    4. I reboot the pfsense box and I am unable to ping it, it doesn't show up on the networking via arp -a
    5. The pc's lose connectivity to the internet but the local network is working.
    6. Once I unplug the pfsense box and plug the uverse gateway into my dell swtich the computers gain internet access once and release and renew of the IP address is done.
    7. I can plug the PFsense, lan side, into the network and I am able to see the box and work with the GUI.

    From reading other posts and trying their fixes I know there is formula to allow the Pfsense box to work BEHIND the att "gateway," device…I am just not sure what it is. I am not 100% on all of this stuff but i am reading and I know I am not the only one out there that wants to use a pfsense box behind my uverse box.

    My setup is pretty basic:
    I have a 24 port dell powerconnect switch - basic config - nothing really setup, and this uverse gateway. Any, and all help is so much appreciated!
    Thanks.


  • Netgate

    You might be in over your head.



  • The slightest hint about your pfSense config could, maybe, help, don't you think so?
    Infos given about your Dell switch and uverse GW are way more explicit, though.



  • whats the ip-range of the uverse box? what did you set as LAN subnet on pfsense ?



  • Sorry Guys,
    I might be in a little over my head. I have not done much networking stuff for over a decade, this was supposed to help spark it and help me learn again.

    My dell switch is set to grab an address of 192.168.1.200. - I can plug in a unmanaged switch to rule this thing out - I just used this one because I was intending on learning as much as possible.

    My uverse gateway has an address of 192.168.1.254

    I set the Pfsense box to 192.168.1.50 /24

    The uvese box of course is a gateway device which hands out DHCP address and serves up WIFI.

    I am pretty sure I need to put the pfsense box on its on subnet but I am not sure what is best, and how I will get the uverse box to actually forward to the pfsense box if I put it on a different subnet. I have read several threads on uverse boxes and how you have to config them for pfsense, in that you have to set up some sort of stacked router or forwarding. Again, any and all help is appreciated - I will post whatever info you guys want - I am just stuck…and am trying to figure this out with little experience or luck,



  • @s1nemesis1s:

    Sorry Guys,
    I might be in a little over my head. I have not done much networking stuff for over a decade, this was supposed to help spark it and help me learn again.

    My dell switch is set to grab an address of 192.168.1.200. - I can plug in a unmanaged switch to rule this thing out - I just used this one because I was intending on learning as much as possible.

    My uverse gateway has an address of 192.168.1.254

    I set the Pfsense box to 192.168.1.50 /24

    The uvese box of course is a gateway device which hands out DHCP address and serves up WIFI.

    I am pretty sure I need to put the pfsense box on its on subnet but I am not sure what is best, and how I will get the uverse box to actually forward to the pfsense box if I put it on a different subnet. I have read several threads on uverse boxes and how you have to config them for pfsense, in that you have to set up some sort of stacked router or forwarding. Again, any and all help is appreciated - I will post whatever info you guys want - I am just stuck…and am trying to figure this out with little experience or luck,

    Hey bud,

    I can relate, I too have a Uverse (NVG599) beast and I am working on getting pfsense working with it. So here is how I got mine to work, wired LAN only, with intermittent issues I am still working out:

    You need to put Uverse in FULL Bridge/Passthrough mode with ONLY the Pfsense box connected to it.

    ATT-Uverse router–---pfsense box----switch----connected devices of house

    To put uverse in full bridge/pass through go here - https://goo.gl/dkvy5f (& OR) http://www.dslreports.com/faq/17734

    This will get the wired LAN working, at least it did for me, I have a TP-Link TL-WDN4800 in my pfsense box and I'm trying to get Wifi AND Wired through my one pfsense box.

    Your best bet is to NOT have Wifi served up by the UVerse router since in order for pfsense to work you must put that uverse box into full bridge/pass through.

    Your best bet, the one I'm leaning to now, is have a separate Wifi device hanging off of your switch behind your pfsense box.

    In my recent searches I'm finding out from folks smarter than me that Uverse wants to know EVERYTHING that passes through your home network!!!!!

    ATT Uverse does not like to be put in the corner...

    Meaning that Uverse routes all traffic through their NVG, DNS, etc and if you try to bypass their systems they packet shape, throttle and will do their damnedest to make your experience miserable. (paraphrasing on official networking terms since smarter people explained it better than I can write it.)

    An example I have well documented on my home Uverse with DD-WRT/OpenVPN: (different vpn providers tested & on different home computers too.)

    My Uverse is 45 down 8 up - runs close to that on my Uverse NVG599 (all traffic through my vanilla home uverse equipment)

    OpenVPN running (UDP or TCP any and all ports, servers around the world, does not matter) 7mbps down & 7mbps up

    OpenVPN running SSL or SSH 43mbps down & 8mbps up

    A quick google search will reveal a lot of other folks experiencing similar issues...

    A ray of hope potentially for us Uverse users - pfsense forum user -  icemanncsu - also has Uverse and somehow connect his pfsense box directly to his uverse fibre termination point and bypassed his Uverse NVG altogether.

    But his link explaining his step by step on how he did that is down. I've PM'd him hoping he can share his step by step on here.



  • There might be something In this Article that can help you out as well.



  • Wow,
    This is a ton to comb through - I really appreciate it folks!!! I do not have a static address and wish to use the PFsense box to handle DHCP and I plan to run a main wireless router and few older wireless routers using DDWRT as wireless repeaters in the house so friends and family can use their Wi-Fi devices. But I really want to get this box online.

    Should I hook up my unmanaged switch to rule out problems on the Dell switch side - its just a basic config - nothing really configured for the most part except for the IP address for the device being at 192.168.1.200.

    I don't understand why they make this so hard - we PAY for the service. I miss my cable modem…but last I checked they went to a device similar to this in my area...plus I am locked into contract.

    I will start working with this more ASAP - with work, the family, and online courses my wife and I are taking it is hard to have much downtime and it must be done at night - after bedtime - so it seems I am in for a "treat." I really appreciate the posting of the uverse user and hope to duplicate your setup ASAP to try and get this to work.

    I noticed when I have the box online and tried to configure packages, HVAP antivirus, it would not retain my changes and tell me it was restoring the config. I did eventually get some of the package configured but it was forced…in that it just seemed to take it against loading the config...weird.

    If anyone else with uverse configs would post their information maybe we can make a sticky of some sort, or at least make this post a definitive place to point to when you are using uverse. I appreciate all the help so far. I look forward to talking to you more and look forward to further ideas as well.



  • @s1nemesis1s:

    1. When I first plug in the WAN side, uverse, and the Lan, everything seems to work.
    2. I start getting errors when trying to add packages - …..

    This seams dead easy to me.
    Re install - and STOP after you finished step 1. If Step 2 (packages) break things - and yes, some really mess up things for some people - then just forget packages.
    Or: trial and error so you know which package to exclude (let me guess: the squid family ;))



  • @Gertjan:

    @s1nemesis1s:

    1. When I first plug in the WAN side, uverse, and the Lan, everything seems to work.
    2. I start getting errors when trying to add packages - …..

    This seams dead easy to me.
    Re install - and STOP after you finished step 1. If Step 2 (packages) break things - and yes, some really mess up things for some people - then just forget packages.
    Or: trial and error so you know which package to exclude (let me guess: the squid family ;))

    Thanks for the reply! I was trying to get the HVAP Antivirus working. When I try to configure an section of it I would get the error letting me know it had reset the config. The other trouble with uverse happens with packages and without. hmm… I am planning on trying to work on it a bit tonight if I can. I am really let down by the fact that it would seem uverse is causing me some much trouble and getting it configured the right way seems like it takes magic. :(



  • @tokamak:

    @s1nemesis1s:

    Sorry Guys,
    I might be in a little over my head. I have not done much networking stuff for over a decade, this was supposed to help spark it and help me learn again.

    My dell switch is set to grab an address of 192.168.1.200. - I can plug in a unmanaged switch to rule this thing out - I just used this one because I was intending on learning as much as possible.

    My uverse gateway has an address of 192.168.1.254

    I set the Pfsense box to 192.168.1.50 /24

    The uvese box of course is a gateway device which hands out DHCP address and serves up WIFI.

    I am pretty sure I need to put the pfsense box on its on subnet but I am not sure what is best, and how I will get the uverse box to actually forward to the pfsense box if I put it on a different subnet. I have read several threads on uverse boxes and how you have to config them for pfsense, in that you have to set up some sort of stacked router or forwarding. Again, any and all help is appreciated - I will post whatever info you guys want - I am just stuck…and am trying to figure this out with little experience or luck,

    Hey bud,

    I can relate, I too have a Uverse (NVG599) beast and I am working on getting pfsense working with it. So here is how I got mine to work, wired LAN only, with intermittent issues I am still working out:

    You need to put Uverse in FULL Bridge/Passthrough mode with ONLY the Pfsense box connected to it.

    ATT-Uverse router–---pfsense box----switch----connected devices of house

    To put uverse in full bridge/pass through go here - https://goo.gl/dkvy5f (& OR) http://www.dslreports.com/faq/17734

    This will get the wired LAN working, at least it did for me, I have a TP-Link TL-WDN4800 in my pfsense box and I'm trying to get Wifi AND Wired through my one pfsense box.

    Your best bet is to NOT have Wifi served up by the UVerse router since in order for pfsense to work you must put that uverse box into full bridge/pass through.

    Your best bet, the one I'm leaning to now, is have a separate Wifi device hanging off of your switch behind your pfsense box.

    In my recent searches I'm finding out from folks smarter than me that Uverse wants to know EVERYTHING that passes through your home network!!!!!

    ATT Uverse does not like to be put in the corner...

    Meaning that Uverse routes all traffic through their NVG, DNS, etc and if you try to bypass their systems they packet shape, throttle and will do their damnedest to make your experience miserable. (paraphrasing on official networking terms since smarter people explained it better than I can write it.)

    An example I have well documented on my home Uverse with DD-WRT/OpenVPN: (different vpn providers tested & on different home computers too.)

    My Uverse is 45 down 8 up - runs close to that on my Uverse NVG599 (all traffic through my vanilla home uverse equipment)

    OpenVPN running (UDP or TCP any and all ports, servers around the world, does not matter) 7mbps down & 7mbps up

    OpenVPN running SSL or SSH 43mbps down & 8mbps up

    A quick google search will reveal a lot of other folks experiencing similar issues...

    A ray of hope potentially for us Uverse users - pfsense forum user -  icemanncsu - also has Uverse and somehow connect his pfsense box directly to his uverse fibre termination point and bypassed his Uverse NVG altogether.

    But his link explaining his step by step on how he did that is down. I've PM'd him hoping he can share his step by step on here.

    Hello! I used http://www.dslreports.com/faq/17734 and it totally worked! I left my wireless intact for a guest network that is on a different subnet. Thank you! What is with the packages though? HVAP did not work correctly for the web part, kept getting errors and it would not let YouTube play….
    Also what is with squid, I don't play a ton of games but it blocks GTA 5...

    I need to do more reading, but without the packages everyone raves about...hmm..I guess I need to look at all of it as learning :)