2700 in Bridge mode

Started by Tacitus, Aug 13, 2010, 18:49:30

Tacitus

Is it possible to run a 2700 in Bridge mode?  What I want to do is to use the 2700 as a modem on a PPPoA connection to present the external IP address to a PPPoE Firewall which would then take over the NAT and Firewall functions - mainly so I can use a VPN.

The only reference I can find to Bridging is in the encapsulation settings.  It's running firmware 5.29.107.12


MisterW

#1
It's quite well hidden but try here: http://home/xslt?PAGE=J30&THISPAGE=J32&NEXTPAGE=J30
Uncheck the 'Enable routing' box.
Hope that helps.

Edit: if your firewall can do Static IP instead of only PPPoE then you could always use the 'Public Routed subinterface' and 'Public proxied Subnet' here: http://home/xslt?PAGE=C06&THISPAGE=C01&NEXTPAGE=C06
That's the way we run our 2700 to the firewall in the office. You seem to have to check both options to get it to work though. You then just give your firewall your public IP as a static. The advantage of this is that the 2700 still operates on its configured local subnet, e.g. 192.168.x.x, and provides DHCP leases. This means that in our office we can let visitors/clients directly connect to the 2700 (either wired or wireless) and they can have access to the internet without getting anywhere near our internal network.

Tacitus

Thanks for this.  :)

I'm away now for a few days but I'll give it a try when I get back.  The 2700s are more versatile than I thought, but it really is a shame they don't do some serious business kit.  Either that or a single-port modem that is easily configurable to Bridge mode for use with an external firewall.  AFAICT only Draytek, Netgear and (I think) Zyxel offer single-port modems that fit the bill.


Tacitus

Just one point.  When connecting the 2-Wire to the external firewall, is it necessary to use a specific ethernet port?   For example the Draytek 120 has four ports and I think it's only Port 1 that is usable for connecting a firewall. 

Like the 2-wire in Bridge mode, with the Draytek you need a second connection to get the stats. 


MisterW

Quote:
When connecting the 2-Wire to the external firewall, is it necessary to use a specific ethernet port?
Nope, you can use any port.

Steve

Quote from: Tacitus on Aug 17, 2010, 18:53:49
Just one point.  When connecting the 2-Wire to the external firewall, is it necessary to use a specific ethernet port?   For example the Draytek 120 has four ports and I think it's only Port 1 that is usable for connecting a firewall. 

Like the 2-wire in Bridge mode, with the Draytek you need a second connection to get the stats. 



The Draytek Vigor 120 I use has only one ethernet port.
Steve
------------
This post reflects my own views, opinions and experience, not those of IDNet.

Tacitus

Quote from: Steve on Aug 17, 2010, 22:10:27
The Draytek Vigor 120 I use has only one ethernet port.

They must have changed then.  I must be thinking of the early 100 model which had four ports.


Steve

So could I use a 2700 in bridge mode with my Airport Extreme Base Station via PPPoE?

Tacitus

Quote from: Steve on Aug 18, 2010, 08:58:59
So could I use a 2700 in bridge mode with my Airport Extreme Base Station via PPPoE?

Don't see why not  :)  You would connect from one of the ports on the 2700 to the WAN interface on the Airport - I think there's a PPPoE setting somewhere.   The only thing is that, AFAIK (could be wrong), the Airport only has a NAT firewall rather than using SPI.  The 2700's firewall is actually rather good, just a pity it doesn't do VPN.

I'm not clear how you would use the Public Routed Subinterface/Public Proxied Subnet (NAT/Routed) settings under the Local Network -> Advanced settings tab on the 2700.  Don't think you can with the Airport, but you probably wouldn't want to split your network to allow guest access via the 2700 like MisterW describes above.

If you do try it I would check it's all working OK by doing a port scan via Gibson Research or similar.


Tacitus

Simple question rather than start another thread.

In the 2-Wire settings there is a 'search domains' setting which defaults to gateway.2wire.net.  Given that the DNS servers I'm using are iDNet, what should this setting be?  I'm guessing idnet.net but is this correct, or doesn't it make any difference?

Also what exactly are the BT Fusion settings used for?  Can they be used as an alternative to the ordinary wireless settings?

MisterW

Quote:
In the 2-Wire settings there is a 'search domains' setting
Not sure where that is, can you point me in the direction of which settings page that is on?

Quote:
Also what exactly are the BT Fusion settings used for?
BT Fusion enables you to set up a separate Wifi network. It operates on the same channel as the primary but has a different SSID and password. More importantly it allocates IP addresses from a different pool to the normal wired & wireless pool. This means that anyone connected on the Fusion network can get to the internet but NOT to your normal internal network. Means you can let visitors etc. use the Fusion wifi without fear of them compromising your own network.
NB I don't think you can change the encryption mode on Fusion, it's WPA-PSK only.

Tacitus

Quote from: MisterW on Aug 23, 2010, 12:00:45
Not sure where that is, can you point me in the direction of which settings page that is on?

It shows up under 'search domains' on the iPhone wifi setup when my iPhone is connected, so I assumed it was a setting under the 2-Wire.  Since posting I've done a thorough search and can't find it under anything on the 2-Wire so have simply set the iPhone to idnet.net.  I think it may be to do with manually setting DNS servers, but it doesn't seem to make any difference what it is set to.

I assume that under Broadband Link Advanced Settings ->broadband DNS, the domain name should be idnet.net if the idnet DNS servers are input manually?  It seems to find them automatically so it probably doesn't matter. 

I've set it to automatically get the IP address, since I seem to remember from somewhere that a manual setting upsets the load balancing at iDNet Towers.  ;D

Quote from: MisterW on Aug 23, 2010, 12:00:45
BT Fusion enables you to set up a separate Wifi network. [SNIP]  More importantly it allocates IP addresses from a different pool to the normal wired & wireless pool. This means that anyone connected on the Fusion network can get to the internet but NOT to your normal internal network.

Incredibly useful.  Must admit I can see why people rave about the 2-Wire.  Given they are generally £20/25 tops on eBay, they have to be an absolute steal.  :)

Thanks for clearing up these points.  Very helpful.

PS is there any way of clearing unwanted/unknown devices from the local network list, short of a complete reset?

MisterW

Quote:
I assume that under Broadband Link Advanced Settings ->broadband DNS, the domain name should be idnet.net if the idnet DNS servers are input manually?  It seems to find them automatically so it probably doesn't matter.
I've always used the Automatic option with all of my 2700s, even here in the office, and it works fine.

Quote:
PS is there any way of clearing unwanted/unknown devices from the local network list, short of a complete reset?
If it's v5 firmware then http://home/xslt?PAGE=J21&THISPAGE=A02_POST&NEXTPAGE=J21 and then use the 'Clear Network' button.

Tacitus

Quote from: MisterW on Aug 23, 2010, 13:27:17
If it's v5 firmware then http://home/xslt?PAGE=J21&THISPAGE=A02_POST&NEXTPAGE=J21 and then use the 'Clear Network' button.

Thanks that did it.  :)  I had a device listed that I couldn't figure out what it was.  It was probably the Mac Mini that my nephew brought round for me to look at, but I couldn't reset the list to find out.


Baz

Is it possible to tell the firmware version from the box of a 2700 if it's still sealed?

One being sold on the bay.

Baz

People must be getting wise to these being good as a lot of them on eBay are starting from £10+.
