
heckler1/bgw210-700_bypass


Bypassing BGW210-700 with Ubuntu

These are the configs to use an Ubuntu 18.04 VM as a bypass for the AT&T BGW210-700 Residential Gateway.

The general concepts and configs behind this guide are based on the excellent post here by Matt Haught. I have adapted the network configs for Ubuntu, and am using an external router instead of the Linux VM as a router, but the underlying principles are the same.

Note: If all of this works right, you will get a red "Broadband" light on the BGW210. This is due to the gateway being unable to get a DHCP lease from AT&T.

Topology

# Interface names are from the perspective of the Ubuntu VM - see 00-netplan.yaml

            ONT 
   ens192f1--|                                (ens192f0 + ens192f1 = br0)
             |                                                        |
ens160---< UBUNTU --ens192f0--- BGW210                                |
     |       |                                                        |
     |       |--ens256                                                |
     |    SophosUTM                                       (ens256 + vlan0 = br1)
     |       | 
     |----> LAN

Required Materials

  1. ESXi Host. This will run an Ubuntu VM to bypass the BGW210, and a Sophos UTM VM to serve as the gateway/firewall. I use a standalone SFF PC for this, as I prefer to have my router separate from the rest of my virtualization stack.
    1. Hardware
      1. 4 cores/8GB minimum for 1Gbps connection
      2. At least one physical NIC, plus a PCI add-on card with more NICs, dual or quad port Intel preferred.
    2. Config
      1. One vSwitch attached to the LAN. I just use the onboard NIC for the management network and the LAN vSwitch.
      2. One private vSwitch for traffic between the Ubuntu VM and the Sophos VM
    3. Ubuntu 18.04 VM
      1. 1-2 vCPUs
      2. 1GB RAM should be plenty
      3. 4 NICs, at least two of them physical, from the Intel card.
        1. The two physical NICs should connect to the ONT and the BGW210. They are ens192f0/1 in the above topology
        2. One virtual NIC (in the example, ens160) should connect to the standard LAN. This should have a static IP address or a static DHCP lease, so that SSHD can be bound to a specific IP. This is important because this server will directly face the public internet. This could also be a physical NIC if you have a quad port PCI card.
        3. A second virtual NIC attached to the private vSwitch. This is ens256 in the example.
    4. Sophos UTM VM
      1. 4+ vCPUs
      2. 4GB+ of RAM
      3. 2 or more NICs, all virtual
        1. One NIC attached to the private vSwitch shared with the Ubuntu VM
        2. One NIC attached to the LAN that this VM is the gateway for.
        3. Any number of other NICs for any VLANs you may have. Add any VLANs you are sure you need at creation time, as adding them later may renumber your NICs

Ubuntu VM Setup

  1. Install 00-netplan.yaml to /etc/netplan/
    1. Modify the interface names to match your environment
  2. Install 00-netplan_hook.sh to /etc/networkd-dispatcher/configured.d/
    1. Modify the interface name to match your environment
  3. Configure the ListenAddress directive in /etc/ssh/sshd_config to only listen on the IP address assigned to the LAN interface.
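
Because this VM faces the public internet directly, it is worth confirming after step 3 that sshd really is bound only to the LAN address. The check below is an added example, not part of this repository; the LAN IP 192.168.1.10 and the sample `ss` lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the repository): confirm sshd listens only on the
# LAN address set via ListenAddress. Feed it `ss -H -tlnp` output on stdin.
# Live use (root is needed for ss to show process names):
#   sudo ss -H -tlnp | check_sshd_bind 192.168.1.10

LAN_IP="192.168.1.10"   # assumed static address of the LAN NIC (ens160)

# Constructed sample: sshd bound to the LAN address only.
SAMPLE_OK='LISTEN 0 128 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=640,fd=13))
LISTEN 0 128 192.168.1.10:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))'

# Constructed sample: default sshd config, listening on every interface.
SAMPLE_BAD='LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=812,fd=4))'

# Exit 0: every sshd listener is on $1. Exit 1: some listener is elsewhere.
# Exit 2: no sshd listener seen (sshd down, or ss run without root).
check_sshd_bind() {
    awk -v ip="$1" '
        $1 == "LISTEN" && /"sshd"/ {
            addr = $4
            sub(/:[0-9]+$/, "", addr)   # drop the port
            sub(/%.*$/, "", addr)       # drop a scope suffix such as %ens160
            sub(/^\[/, "", addr)        # drop IPv6 brackets
            sub(/\]$/, "", addr)
            seen++
            if (addr != ip) { bad++; print "UNEXPECTED sshd listener: " $4 }
        }
        END {
            if (!seen) { print "no sshd listener found"; exit 2 }
            exit (bad ? 1 : 0)
        }'
}

# Demonstration on the constructed samples.
printf '%s\n' "$SAMPLE_OK"  | check_sshd_bind "$LAN_IP" && echo "OK: LAN only"
printf '%s\n' "$SAMPLE_BAD" | check_sshd_bind "$LAN_IP" || echo "exit status: $?"
```
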

Sophos UTM VM Setup

  1. Configure the WAN interface with the MAC of the ONT port on the BGW210
    1. Browse through the WebAdmin console to Interfaces & Routing --> Interfaces --> Hardware
    2. Edit your WAN NIC
    3. Set the "Virtual MAC" to the correct address
