I've got a sucky AT&T router.

ingeborgdot

Pulling my weight
Joined
May 7, 2017
Messages
599
Reaction score
143
Location
Scott City, KS
I have an AT&T Pace 5268AC router. I'm trying to setup the the remote access wizard in BI but when I get to UPnP it's a no go. My router just doesn't have it. Port forwarding on this thing is a nightmare (at least it is for me). I'm tempted to switch to another company for internet but AT&T is giving me such a good deal it would cost me $600 more a year to switch.
Does anyone know what it would take to port forward on this router. I can't do much of anything with it that's for sure. It doesn't even have a good way to bridge to another router.
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,896
Reaction score
21,247
You don't want to use upnp.. bridge it and use another router
 

ingeborgdot

Pulling my weight
Joined
May 7, 2017
Messages
599
Reaction score
143
Location
Scott City, KS
Okay, no upnp. I couldn't if I wanted to with this router anyway.
I have done a lot of reading on the bridge of this damn router also. The link above I have read but talking to others it really won't do what I need it to do unless I am mistaken. I have been mistaken before but this router is just not user friendly. Does anyone know why AT&T does this crap and makes you use their router and then makes it difficult to use another router?
Unless you guys know something I don't which could be the case. You guys are phenomenal to say the least.
 

NoloC

Getting comfortable
Joined
Nov 24, 2014
Messages
701
Reaction score
454
That's a great forum. Didn't read the whole thread but seems like DMZ+ mode would be an option for you.
 

ingeborgdot

Pulling my weight
Joined
May 7, 2017
Messages
599
Reaction score
143
Location
Scott City, KS
Do you think port forwarding is safe? I think it may be better to try the DMZ mode and use another router like fenderman thinks I should. I need to keep researching even though there is not a lot of info that I have found on DMZ.
 

Machine

Young grasshopper
Joined
Apr 11, 2017
Messages
35
Reaction score
3
I port forward, but I do it to a separate VLAN. I only allow the BI port through the FW, and its a high port (greater than 1024). The network the BI machine is on does not have access to the internet, and only has access to the network where my cameras reside.

If you do port forwarding correctly, its safe.
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,896
Reaction score
21,247
I port forward, but I do it to a separate VLAN. I only allow the BI port through the FW, and its a high port (greater than 1024). The network the BI machine is on does not have access to the internet, and only has access to the network where my cameras reside.

If you do port forwarding correctly, its safe.
This does not provide any protection against someone viewing your cams.....for some, depending on where their cameras are location, its a huge deal.
 

Machine

Young grasshopper
Joined
Apr 11, 2017
Messages
35
Reaction score
3
For someone to view my cams, they would have to crack BI itself.
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,896
Reaction score
21,247
For someone to view my cams, they would have to crack BI itself.
yes, that is the same that would have to happen if you werent using a vlan at all...so obviously you have a concern that it can happen.
 

Machine

Young grasshopper
Joined
Apr 11, 2017
Messages
35
Reaction score
3
If you are doing a remote client VPN, it would still be possible for someone to access it if they crack your username/password, unless you are doing some type of multiple factor authentication.
 

fenderman

Staff member
Joined
Mar 9, 2014
Messages
36,896
Reaction score
21,247
If you are doing a remote client VPN, it would still be possible for someone to access it if they crack your username/password, unless you are doing some type of multiple factor authentication.
Do you know how long it would take to crack a decent username and password? Even cheap asus routers have brute force protection...
Note, I am not saying that your solution is a bad one, its good for most scenarios, just wanted to point out the issue..
 
Last edited:

Machine

Young grasshopper
Joined
Apr 11, 2017
Messages
35
Reaction score
3
Yeah, I know, and I am not disagreeing that the VPN is probably the best solution. I am just saying that port forwarding can be extremely secure if done properly.

I run a site-to-site VPN between my home and lake house, and use my BI at home to monitor my lake house cameras. I plan to eventually setup a BI at the Lake house, but the site-to-site VPN works for now.
 

ingeborgdot

Pulling my weight
Joined
May 7, 2017
Messages
599
Reaction score
143
Location
Scott City, KS
Okay, another question. At this point I don't have another router purchased to DMZ through as I will be researching it first. I will be leaving this weekend and I have decided to port forward not 81 though and wanted to be able to view my cameras when away. When I went through the wizard they mentioned about no-ip at the very end. I have a no-ip account and hostname from a couple of months ago but don't know how to use it with BI. Could you tell me where to look to find out how to do it or if you have used it how I would do that. I have found hundreds of videos and 99% tell how to install but not how I would use it for BI. Thanks.
 

ingeborgdot

Pulling my weight
Joined
May 7, 2017
Messages
599
Reaction score
143
Location
Scott City, KS
When looking for a router with VPN on newegg what choices do I need to check? There are many. PPTP, L2TP, PPTP VPN pass through, PPTP pass through, VPN pass through. What is the main one I would need?
 

NoloC

Getting comfortable
Joined
Nov 24, 2014
Messages
701
Reaction score
454
Look at the Asus. I have an RT-AC68U and it is very easy to set up for vpn (openvpn). I think @looney2ns just bought the newer version and is pretty happy with it.
Maybe he'll see this and respond.
 

looney2ns

IPCT Contributor
Joined
Sep 25, 2016
Messages
15,494
Reaction score
22,603
Location
Evansville, In. USA
@NoloC and @ingeborgdot

Yes, I bought the Asus RT-AC1900P, reason I bought it instead of the RT-AC68U is it has a little faster processor for basically the same price.
I'm happy with OpenVPN and the router as a whole.
 
Top