[ale] isp questions

Alex Carver agcarver+ale at acarver.net
Tue Jun 16 16:35:03 EDT 2020


On 2020-06-15 18:22, Raj Wurttemberg via Ale wrote:
> I think that I have the exact configuration you are looking for.
> 
> - AT&T fiber goes into a U-Verse "modem"
> - Enabled the DMZ feature on one port of the U-Verse modem
> - pfSense firewall plugged into the DMZ port
> - pfSense shows my true IPv4 and IPv6 IP addresses
> - The DMZ passes _almost_ ALL traffic to the pfSense firewall
> - Inbound ssh and other high-ports work fine
> - I think inbound http/https, NetBIOS, and SMTP (tcp/25) are blocked by AT&T
> 

You can actually request all port blocks be removed.  I've done it
multiple times (each time I moved I had to request it again).  It takes
a minute to get through to the Level 1 call center that you're not
asking about the on-board firewall in the modem but actually removing
the blocks on their upstream equipment.  Then they have to go through a
"warning" that you can be subject to malicious attacks, etc.  After
that, no port blocks, the connection is wide open.


More information about the Ale mailing list