In this blog, I will walk you through setting up your Uverse gateway to allow all traffic to properly pass through to your pfsense router or any other router.
While this blog is aimed at configuring a Uverse gateway with static IP addresses, most of the information is the same for configuring a Uverse gateway with a dynamic IP. If you need to configure more than one static IP address into your pfsense router, then you will need to setup CARP virtual IP addresses which is beyond this tutorial.
First you must have a working Uverse gateway that has been installed by an ATT tech. Do not connect your pfsense router yet. On the gateway, you will find a sticker that contains the information you need to connect to the device. The default IP is usually 192.168.1.254, so fire up a browser and head to that IP address. If you are prompted for a password, it is the password on the side of your Uverse 2wire gateway.
Once you are logged in, go to the settings tab and then to the broadband tab. If your ATT tech already configured your static IP addresses, then your router address and Subnet Mask will already be entered in. If you have a block of 5 static IP addresses, then your subnet mask will be the same as below. If your static IP addresses have not been configured, you will have to get the Router Address (Gateway IP) from ATT support. Make sure the check box for Auto Open Firewall is checked.
Save the page if you made any changes (most likely). Now it is time to configure your pfsense router. Connect your computer to the LAN of your pfsense box. Connect into the pfsense web administration (default IP: 192.168.1.1, default Username: admin, Default Password: pfsense). Go to Settings -> Routing to access the list of gateways. Click the add gateway button and you will then select your WAN interface, enter in a gateway name, and enter your gateway IP address (Router Address in the Uverse Link Configuration page). You will also need to check the Default Gateway box.
Now that the gateway is configured, you will need to setup your WAN inteface. Go to Interfaces -> WAN (or whatever your WAN is named such as UVERSE). You will need to select Static from the Type dropdown. Then enter in an IP address that is in your usable range and select the gateway that you configured in the previous step. You will also have to select the subnet mask (/29 for a 5 static IP address block).
Now that your pfsense router is configured with your static IP address, plug the WAN port of your pfsense router into one of the network ports on the Uverse 2Wire gateway. Connect your computer to one of the other ports on the Uverse gateway and log back into the Uverse gateway web page as we did in the first step. Go to the Settings tab, then the LAN tab and then the IP Address Allocation link. If you configured your pfsense router correctly, it should have pushed the static IP into this page. You might also see your computer in this list, do not worry about it. Make sure your pfsense router is listed on this page and that the settings look similar to the image below:
If your firewall on the device shows disabled like the image above, you can skip this next step. If your device has the firewall enabled, you will need to go to the settings tab, then the firewall tab and then the Applications, Pinholes and DMZ link. On this page you will select your pfsense router from the devices and then select the last option (Allow all applications) which will essentially turn off the firewall. Then hit the save button.
Your gateway should now be passing all incoming traffic to your pfsense router. This last step is optional. Go to the settings tab, then firewall tab, then Advance Configuration link. This is my working configuration below, I let the gateway handle some basic firewall functions. If you would like to completely disabled the gateway firewall, you can uncheck Stealth Mode & Block Ping under Enhanced Security. It is best to leave the timeouts alone. You can also uncheck all of the items under Attack Detection since your pfsense router will be handling these.
Once you get your gateway working, try to avoid changing WAN ports. The Uverse gateway associates that static IP address to your pfsense WAN MAC address. I recently built a new pfsense box and ran into a few problems trying to get the Uverse gateway to let me use that same static IP with a new MAC address. Leave any questions or comments below.
11 thoughts on “Configure Uverse Gateway (Static IPs) with pfsense router”
Thanks for posting this. Could not have gotten my PFSense box using Uverse without it.
Great post. Do you have a good reference for creating a VPN IPSEC session through to the network the pfsense box is on?
This might help, I usually do OpenVPN or PPTP so I am not so sure about the IPSEC setup.
Great tutorial. I have set my Pfsense with my new U-verse connection. I can access the gateway’s page by typing in it’s IP from the Pfsense box my laptop is on. But I can not get interet access for some reason.
I can get internet perfect when I have the laptop plugged straight to the gateway though.
What brand Uverse gateway are you using? I know the new bonded connections are using a new Arris gateway device. You might have an IP conflict since both the Uverse gateway and Pfsense are setup with similar IP ranges. You might need to change one or the other to a different IP range. I recently set up some of the new Arris gateway devices and they are a bit different from the older 2Wires. They have a different firewall setup than the 2Wires which can be a bit trickier to setup.
It’s a Pace 5031NV model. The gateway gets the IP x.x.x.153 and from the step listed I have put the RG IP as x.x.x.158 under System: Gateways on Pfsense.
I switched the IP under Interfaces – WAN to some of the other ranges and restarted, but I still can’t get internet.
This might help: http://forums.att.com/t5/Third-Party-Devices/How-to-Bridge-PACE-5031-NV-to-3rd-Party-Router/td-p/3612175
Are you sure that you have the pfsense WAN set to DHCP instead of static? Can you see the pfsense in the list of devices on the Pace gateway?
I know the gateways can be weird with DHCP so you might want to try reseting the gateway settings to clear the current DHCP allocations.
I have not personally worked on the Pace modem but I have heard the menus are similar to the 2wire menus.
Let me know if you make any progress.
Having similar issues. I built my PFSENSE box and have the NVG599 router. Are these using business class services or home services? I have done this once before but a few years ago and setup my WAN IP on my pfsense box on the same subnet as my att gateway, then created another LAN segment (VLAN) with a different subnet for my LAN leaving my pfsense box.
Can you assist me with setting mine up?
I wrote this blog based on my experience with the business class service with static IPs. I actually just reconfigured all 5 office last year when they upgraded to the faster AT&T speeds and had to get new gateways installed. What issues are you having getting it setup?
Could you provide a example of a setup using AT&T ARRIS NVG599
does this method for setting up the Gigapower Uverse gateway still work? I just got mine setup in my new home and wanted to get my system setup and running using my pfsense firewall?