Archive for January 31st, 2012

January 31, 2012

AT & T U-Verse Business Class. Really?

Over weekend one of our clients moved to new offices. Since the timeline was tight, their primary Internet connection wouldn’t be ready for another couple of weeks. So we decided to get them up and running on their backup connection: AT&T Business Class U-Verse.

The router came up easily and we were able jump out to the Internet. The next step was to get their locally hosted applications working (email etc.) and we wanted to configure our client’s Sonicwall firewall to work with AT&T’s 2Wire 2701 router.

After awhile we bailed on that option. Normally we would configure the 2Wire in bridge mode essentially making it an Ethernet switch. Unfortunately due a unique type of authentication, you can’t do that with U-Verse. Then we thought, why not just open up all traffic from the 2Wire to the Sonicwall and let the Sonicwall do the filtering.  Nope, you can’t do that either. The only way to enable that on the 2Wire is to place the Sonicwall in a DMZ (they call it DMZ Plus) – but on the 2Wire you can’t place a device with a statically assigned IP in a DMZ, it has to be in 2Wire’s DHCP range. Huh?

Okay fine – for a few weeks, we decided that we could use the 2Wire as the firewall and bring the Sonicwall back when the primary connection was up. The next step was to configure NATing and some firewall rules to allow outside traffic to the appropriate hosts. Easy stuff right? Not so fast. You can’t simply type in a LAN IP address and forward traffic – the 2Wire has to detect it the LAN first. And the 2Wire doesn’t detect anything on the network without some ‘coaxing’.

We wrestled with it for a while and finally got the firewall configured to forward the correct ports. But it still didn’t work. After about 6 hours on the phone with various agents at AT&T Tier 2 support, we ultimately found the guy that knew the answer. The ports were blocked by default at AT&T’s end. About 30 seconds later we were up and running.

Conclusion – if you have a small business that needs to connect to the Internet and you don’t host any applications locally – U-Verse will work for you – otherwise I would stay away….

Further more AT& T needs to do a much better job training its support personnel and documenting their system. We have IT clients all over the Bay Area and we’re in a position to recommend or not recommend ISPs…