ATT Fiber bgw320-500 Bridge Mode Blocking Inbound Traffic

LTS_Tom · October 17, 2023, 2:51pm

Worked with a client today to solve a problem of not just getting their ATT bgw320-500 to stop blocking traffic. Setting these devices in bridge mode work as per their instructions and getting the IP’s to work on the firewall is fairly straight forward but stopping them from blocking inbound traffic is MUCH MORE confusing. Once in bridge mode the system allows only for ICMP traffic to pass through leading you to then the firewall rules and turning them off inside the device so the firewall that you are bridging to can handle that, but there is still one more step.

To get the inbound traffic working you go from the “Home Network” tab (not the firewall tab for some reason) and go down to the “Public Subnet” option, in this case the client has a block of IP addresses from AT&T and turing on the “Allow Inbound Traffic” option has to be set to “On” to get inbound traffic to all those IP’s.

I made this post to help others as I know many people may not expect to look under “Home” “Public Subnet” and DHCP to find firewall settings, especially because there is that other spot labeled firewall

Greg_E · October 17, 2023, 5:24pm

You would think that ATT would have a document and exactly what you need to do with your static IP since they are providing that service.

But I agree, kind of convoluted. Do they allow direct connection to pfsense (with the correct fiber module of course)?

MingaTech · October 17, 2023, 5:32pm

Expecting AT&T to make sense now a days is nearly like wishing for the moon. These devices can indeed be very convoluted. But as far as direct connect, I have yet to see a modem supplied that had the available/free fiber port to connect via fiber. The newer ones do have 1GB and 2GB ethernet ports though. Dont quote me on the exact speeds, I’ll look when I get home and confirm.

LTS_Tom · October 17, 2023, 5:35pm

Once we fixed that all the IP’s and ports we needed open were working just fine. Also, this is for a commercial business and that is the device they received.

RonV42 · October 18, 2023, 11:13am

This is the only documentation I found, it’s on the gateway itself. I agree that AT&T needs to provide a bit more for their business clients when it comes to setting up their business services.