AT&T Gateway router

Discussion in 'Blue Iris' started by jranalletta, Sep 30, 2018.

Share This Page

  1. jranalletta

    jranalletta Young grasshopper

    Joined:
    Dec 20, 2014
    Messages:
    51
    Likes Received:
    3
    Just about to ditch comcast for AT&T fiber w/ gateway router. Only concern is ability to use BI, i.e. port forwarding. Is it possible? Is anyone doing it?

    Thanks.
     
  2. Mike

    Mike Staff Member

    Joined:
    Mar 9, 2014
    Messages:
    2,428
    Likes Received:
    1,570
    Location:
    New York
    Should be. My buddy in Florida has AT&T fiber and inset him up with BI.
     
  3. Sapo Concho

    Sapo Concho n3wb

    Joined:
    Aug 30, 2018
    Messages:
    13
    Likes Received:
    5
    Location:
    Florida, USA
    I did port forwarding for something else with the at&t u-verse gateway some time ago, though now I know port forwarding is not as safe as other options available
     
  4. gwminor48

    gwminor48 Getting comfortable

    Joined:
    Jul 16, 2015
    Messages:
    1,602
    Likes Received:
    361
    Location:
    TX
    I have AT&T fiber with a gateway router model Pace 5268 AC. The service has been rock solid for me. I have my BI & cams on an Asus router in access point mode behind the AT&T router and it all works very well although I'm presently trying to get vpn working since I don't like the idea of port forwarding.
     
  5. Vettester

    Vettester Pulling my weight

    Joined:
    Feb 5, 2017
    Messages:
    177
    Likes Received:
    106
    You can just use stunnel to secure a port that is being forwarded. This adds a Transport Layer Security (TLS) to the open port. This protocol ensures privacy between the router and and your BI server.
     
    Last edited: Oct 1, 2018
    gwminor48 likes this.
  6. jranalletta

    jranalletta Young grasshopper

    Joined:
    Dec 20, 2014
    Messages:
    51
    Likes Received:
    3
    Thanks for all replies.
     
    gwminor48 likes this.
  7. TonyR

    TonyR IPCT Contributor

    Joined:
    Jul 15, 2014
    Messages:
    3,713
    Likes Received:
    3,447
    Location:
    Alabama
    Best option is an outboard VPN router. That addresses security issues presented when port forwarding.

    In many, but perhaps not all AT&T regions, no instructions, even those provided by AT&T themselves, to port forward on the Pace 5268C (they call the process "opening pinholes") or put it in 'Bridge mode' in order to use an outboard router...will work.

    You can spend fruitless hours speaking with AT&T support or reading pages and pages of 'solutions' on various online forums and get no further than you are now.

    I won't bore anyone with how I got port forwarding to work on an AT&T uVerse with a Pace 5268AC locally (I used an outboard router) because it very likely won't work in YOUR area.

    Don't ya just love AT&T? Who else would change a term like "port forwarding", which works just fine and is not broken, to "opening pinholes"? Or provide a residential 4G/LTE cellular router/hot spot with configurable features like "port forwarding", "DMZ" and "VPN Pass-thru", none of which work?

    I cannot believe the SEC allowed them to gobble up DirecTV. What's next....Sirius/XM? Or Bank of America? GM?

    I feel so much better now. Well, not really.:banghead:
     
  8. jranalletta

    jranalletta Young grasshopper

    Joined:
    Dec 20, 2014
    Messages:
    51
    Likes Received:
    3
    Well, there's another contender in the market: Verizon 5G. Our neighborhood not covered yet. Another option and lots of questions.
     
  9. TonyR

    TonyR IPCT Contributor

    Joined:
    Jul 15, 2014
    Messages:
    3,713
    Likes Received:
    3,447
    Location:
    Alabama
    And getting a public IP on a cellular hotspot (to access BI remotely, for example) is like pulling teeth, from what I hear. :facepalm:
     
  10. jranalletta

    jranalletta Young grasshopper

    Joined:
    Dec 20, 2014
    Messages:
    51
    Likes Received:
    3
    Hey, boys and girls. I think the problem is solved but will know for certain tomorrow.

    This YouTube video explains how to make nice between your current router and the AT&T Gateway. Uverse fiber (100 meg) installed today.

    The only hitch so far appears to be the need to reset the hard ip addresses in each of the cameras. Will do that tomorrow.

    Having to change he cam ip addresses is due to having to change the lan ip in your router per the video. See min 5:50.
     
    Last edited: Oct 17, 2018
  11. J Sigmo

    J Sigmo Known around here

    Joined:
    Feb 5, 2018
    Messages:
    682
    Likes Received:
    662
    Preach, brother. Preach!
     
  12. jranalletta

    jranalletta Young grasshopper

    Joined:
    Dec 20, 2014
    Messages:
    51
    Likes Received:
    3
    Knowing as little as I do re: network technology, I assume too much. The BI service on :8282 is not accessible thru the ATT gateway. Oh well.
     
  13. gwminor48

    gwminor48 Getting comfortable

    Joined:
    Jul 16, 2015
    Messages:
    1,602
    Likes Received:
    361
    Location:
    TX
    You probably had the port forwarded in your old router unless you had vpn which is much better than forwarding a port. The AT&T routers call this "pinholes" in the firewall. You can do this on your new AT&T router too if you want, it's just the risk of port forwarding.
     
  14. TonyR

    TonyR IPCT Contributor

    Joined:
    Jul 15, 2014
    Messages:
    3,713
    Likes Received:
    3,447
    Location:
    Alabama
    Yep, same "pinholes" as above, too...which don't work anyway in a metro area near me.
     
  15. gwminor48

    gwminor48 Getting comfortable

    Joined:
    Jul 16, 2015
    Messages:
    1,602
    Likes Received:
    361
    Location:
    TX
    Ah, I had forgotten you put that in the thread earlier. I had BI working on mine for quite awhile on the old gateway and on the new Pace gateway until I recently managed to get vpn working and removed the pinhole for BI. I'm in Dallas area for what it's worth.
     
  16. jranalletta

    jranalletta Young grasshopper

    Joined:
    Dec 20, 2014
    Messages:
    51
    Likes Received:
    3
    We'll, I'm not the sharpest knife in the drawer when it comes to understanding how all this stuff works and bow to everyone's wisdom; however, following the instructions in the video and creating a pinhole for the BI service; and, updating the camera's IP addresses, it all works just as it did pre-ATT, taking the "risk of port forwarding". Thanks to all.
     
    gwminor48 likes this.
  17. gwminor48

    gwminor48 Getting comfortable

    Joined:
    Jul 16, 2015
    Messages:
    1,602
    Likes Received:
    361
    Location:
    TX
    I'm happy to hear you got things working again.
     
  18. TonyR

    TonyR IPCT Contributor

    Joined:
    Jul 15, 2014
    Messages:
    3,713
    Likes Received:
    3,447
    Location:
    Alabama
    This was in Jasper, AL area. It was over 3 years ago, had to do port forwarding on secondary TP-LINK router on different subnet, created a pinhole in the Pace 5268AC to allow the TP-LINK; ran cable from Pace's LAN to TP-LINK WAN, sure it was a double NAT but with 25 Meg down on the AT&T uVerse it was plenty fast, no noticeable slowdown. BTW, was unable to put the Pace in 'bridge mode' either, even following AT&T's online instructions specifically for that model.

    About 6 months ago I approached client to install VPN, he refused changes, additional costs, etc. for new VPN setup (he's on limited income). After I explained risks, he decided for me to pull out secondary router, remove pinholes in Pace 5268AC. Now he just views his cams on Blue Iris while at home. But it ran great for 3 years.

    I think if you visited 15 different AT&T territories across the U.S. you'd discover 15 different policies, hardware restrictions, etc.. And it's been my personal experience that out of 3,000 customer service reps (that's a made up number) that you could possibly speak with, maybe 2 could (or would) have the knowledge to be able to help you....and they're always helping someone else.
     
    looney2ns and gwminor48 like this.
  19. dt-cam

    dt-cam Young grasshopper

    Joined:
    Dec 9, 2016
    Messages:
    69
    Likes Received:
    7
    You should look into openVPN. Instead of opening port(s) for Blue Iris, you'd be opening port(s) for openVPN, but now you are only dealing with openVPN port(s), certificate and/or user/pass and you'd have access to your entire network, instead of Blue Iris. Connecting from a mobile app outside your network only takes a few seconds.