
New Member
•
2 Messages
Can I connect my fiber directly to my own firewall w SFP/transceiver?
Hi Guys,
It's probably been asked about before. I have an SMB firewall in home (a Zywall USG Flex 200) and would strongly prefer not to have to use the ATT router/wireless if at all possible. My firewall has an SFP+ and I can get whatever transceiver I need for the provider's connection. I'm plenty technical and willing to spend time on experimenting. Has anyone been successful at fully bypassing the provider's equipment?
I'm not asking if it is supported by AT&T, but
(a) is it a violation of our T&C to not use the provided equipment if I already have a better device that appears it could work, and
(b) is it technically possible to not need AT&T's modem with their fiber service? And if possible to omit their equipment, what do I need to know about the service or any issues discovered.
Thank you in advance.
-Steve
Accepted Solution
Official Solution
JefferMC
ACE - Expert
•
33.5K Messages
2 years ago
There's a couple of issues that you'll run into for a consumer and/or small business GPON/XPS-PON shared fiber installation:
1) AT&T has to configure the ONT to work on their network, and that must be done by the AT&T installer who installs that ONT. It cannot be done over the phone with a CSR or online, or via any other mechanism. So, you have to have an AT&T installed ONT.
2) A device has to respond to a request that arrives via that ONT with the proper certificate showing that it's an AT&T-provided device with AT&T's firmware in it. That's supposed to be done by the AT&T-provided Gateway (BGW210, 5268AC).
AT&T actually now uses an all-in-one device, the BGW320 which has the ONT and the Gateway in one enclosure, and uses an SPF+ media converter to connect the fiber to the BGW... but they seem to be having an easier time of getting Nokia 020 ONTs at the moment so some people are getting them. 2 gbps and 5 gbps service require a BGW320.
(edited)
0
sweltman
New Member
•
2 Messages
2 years ago
Hi JefferMC... Thank you very much for a super-fast response.
I think I let the tech go too early then, is what you appear to be saying, because I needed AT&T to install a certificate on my firewall to recognize my device (which, I can appreciate; not a bad plan) as if it's 'their' ONT for my services to operate.
I see your point... Ok... I can deal with their modem in line. In all reality, not what I prefer, but not a giant deal breaker either. All I really gain is one less thing to operate on my UPS.
One small point of clarification; I ended up purchasing the 1G service for now, so I didn't get the newer BGW-505... just the BGW-500. I also haven't looked into the Nokia 020 ONT at all. But based on your previous point, it appears that a physical visit is needed to load a certificate on to a Nokia or my firewall, so either way, it's a service call.
Ok.. Question answered.. I am resolved to use their modem on the outside and in passthrough mode and we'll see the next step looks like soon.
Thank you again for your time and thoughtful answer.
Best!
Steve
0
0
JefferMC
ACE - Expert
•
33.5K Messages
2 years ago
The BGW320 comes in two variants, the -500 and the -505. Neither is "newer," they're just made by different manufacturers and are supposed to be functionally equivalent. (Yes, there are probably subtle differences, don't know what any of them are).
I've never known a tech to register anything but an AT&T ONT. For most people, IP Passthrough on the BGW320 just works.
0
cinderblock63
Participant
•
5 Messages
1 year ago
0
0
JefferMC
ACE - Expert
•
33.5K Messages
1 year ago
1) We cannot discuss such information on this forum. AT&T requires the use of their equipment, any information to facilitate bypassing their equipment is forbidden by the Community Guidelines.
2) Ditto.
(edited)
0
0
cinderblock63
Participant
•
5 Messages
1 year ago
I am in no way trying to bypass AT&T's equipment. On the contrary, I'm trying to authenticate securely and directly to AT&T's equipment.
0
0
JefferMC
ACE - Expert
•
33.5K Messages
1 year ago
Oh, really? Then how should I have interpreted this:
The ONT (either in a separate box or in the Gateway that they require you to use) is AT&T equipment. How can you "skip their ONT entirely" but not "bypass AT&T's equipment."
Oh, right... you only meant that you didn't want to bypass the AT&T equipment outside your home. Well, that's not a distinction AT&T makes.
0
0
cinderblock63
Participant
•
5 Messages
1 year ago
It's a huge distinction. AT&T's demarcation point is outside of my home. If I cause problems inside that line, it's my problem. Otherwise, it's theirs.
0
0
JefferMC
ACE - Expert
•
33.5K Messages
1 year ago
DEMARC is an old tariffed telephony terminology. AT&T is very inconsistent these days about how they terminate the fiber as it enters your home. They may run the outside drop straight to a wall plate next to your ONT/Gateway.
and
0
0
cinderblock63
Participant
•
5 Messages
1 year ago
"AT&T will make available to you certain equipment" indicates it's not required. I don't need the "WG" part of the "Service". I see they are allowed to charge me for it, even if I don't use it.
I wish them luck in remotely managing my router. I watch hackers try all the time.
0
0