Port forwarding on ATT BGW210-700 - AT&T Uverse in California

OK, like many others, I could not get ARC to stream other than using WiFi. After many attempts, I was successful in configuring my ATT router (BGW210-700) using the following steps. Inspect the router stickers to find the “access code” and write it down for later. The IP address is usually 192.168.1.254

You will need to find the IP and MAC address of your Roon Core, in my case a Nucleus+
I am running Win 10, so after launching Roon, I used the command prompt (CMD) to verify that my core was on the network. There are several ways to get the MAC address from the IP address, I won’t go into that here, Google is your friend.

Then on my network connected laptop, I used the browser to type in the router IP address (192.168.1.254) which opens my AT+T
router configuration screen.

You likely will be prompted to enter your router “access code” at some point.

First thing I did was go to the “Firewall” tab, then the sub-tab “Firewall advanced” and turn ALL of the buttons you see to OFF.

Then I went to the “IP Passthrough” tab, changed the “Allocation mode” to “Passthrough”, and the “Passthrough mode” to “DHCPS-fixed”

Then on the “Passthrough Fixed MAC Address” click on the “device list-choose from list” where you will see a LOT of choices. If you see your core listed, select it and it will auto-fill in the Mac address. In my case there was an entry named “ROCK” that had the same MAC address of my core that I had already discovered. If your core is NOT listed, you can enter the MAC address manually in the indicated “manual entry” box. Hit the save button.

At that point I thought everything was setup correctly, but when I logged onto Roon and went to the ARC page, it was still not showing an ARC connection to my core. I then rebooted everything… router, core, laptop and iphone that had ARC installed on it. After I did that, ARC worked on my phone even with wifi disabled.

Hope this helps others.

@Ronald_Gibson, I note from another post that your diagnostic message was…

{
“connectivity”: {“status”:“NetworkError”,“status_code”:504,“error”:“error: Error: ETIMEDOUT, response code: undefined, body: undefined connected? undefined”},
“external_ip”: {“actual_external_ip”:“108.aaa.bbb.ccc”,“router_external_ip”:null},
“natpmp_autoconfig”: {“status”:“NotFound”},
“upnp_autoconfig”: {“status”:“NotFound”}
}

This usually means the port forwarding diagnostics you’ve provided suggest that UPnP is not properly configured on your router or not working correctly.

However, what you have done may expose your home network to all Internet traffic. Therefore, I advise that you enable the firewall, and disable pass-through immediately, until your precise setup is understood.

Once you’ve returned everything to the original configuration, please provide the follwing information.

• What is the make and model of your modem and router?
• Do you have any additional network hardware, like additional routers or managed switches?

Thanks!

That error message was prior to doing the final router setup that I described in a later post. Are you saying that what I did to successfully enable port forwarding has put my network at risk? If not, I am hesitant to undo the setup that is now working. Please advise.

The sheer number of people that are having ARC connection issues due to port forwarding issues sort of stretches Roon’s credibility that the ARC setup would, in most cases, automatically setup our routers without issue. Other than that, a great offering.

I am using this router: ATT BGW210-700
No additional hardware other that an eero mesh system, but disabled
ISP is AT&T Uverse in Los Angeles
Bridge mode…ran a diagnostic on Ethernet which indicates that Forward/Bridging test confirms that low layer forwarding and bridging are functional. I can find nothing on the router config page about UPnP

Based on the information you have provided, yes. Unless you have another router in your network, in addition to the AT&T, your network may be at risk.

What you’ve effectively done with this configuration is put your entire Core on the public Internet with zero protections. That was never the intention of ARC. You want to limit the exposure to the 1 ARC port; not the entire Core machine.

Here’s the instructions from AT&T on port forwarding. There are a couple different threads here with more details specific to ARC if you search your router model.

It’d be my recommendation to unwind what you’ve done and replace it with a port forwarding configuration.

Thank you @ipeverywhere, I was going to state the same thing. The BGW210 requires port forwarding in the NAT/Gaming section, and IP Passthrough should not be used for most home networks.

@Ronald_Gibson, are you able to follow the guidance provided by @ipeverywhere to configure a port forwarding rule on your BGW210?

I will redo using the NAT/gaming section as you suggest and report back. Thank you for alerting me to this security issue with my current setup.

OK, I did reset my router to defaults, turned off IP passthru, and followed the instructions in the AT&T link above. Everything seemed straightforward until I got to the section on “Hosted applications” I used the “custom services” tab, entered a device name, set the global port range to 56000/56000, selected protocol TCP/UDP, and host port of 56000. Then i go back to NAT/gaming and see the “Application Hosting Entry” area, where My entered Service is filled in with my device, and it wants me to select from the drop-down list “Needed by Device” list. This is where I get confused…what device am I supposed to select here? I tried one that named “uverse” but that won’t allow ARC to connect. There is another entry called “ROCK” and another that is “GatewayDEB4AD” PLEASE ADVISE!

UPDATE!!! It seems my problem was that I needed to set the port to match the ATT port to match the port that Roon ARC was showing in settings. BTW, I selected “ROCK” as the listed device in the “Needed by Device” field. All working now. Thanks for the assistance.

This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.