How to bypass AT&T Router

There are many reasons you might want to bypass an AT&T router.

Some people complain that the router is limited in specific ways that prevent you from configuring your network the way you might want to.

The most rational reason is that you will have one less variable that might effect your internet speed. I just like the idea of having one less thing plugged in all the time. Plus, it just feels right (if you are here reading this, you know what I mean).

INFO This doesn't allow you to increase your AT&T service speed outside of your paid speed tier. That is controlled on the ONT not on the router.

WARNING This guide will interfere with the AT&T router phoneing home to tell AT&T that your internet is working as intended. If you ever need to call AT&T because of service outages or an AT&T technician is at your house, you will either have to plug back in the AT&T router or convince them that it is working even though their system likely says your router is not giving them the "internet working as intended" sign.

WARNING If you have any other AT&T services like TV or phone that go through your router you will not be able to completely remove your router so the best you can do is put it in DMZ mode, or you may be able to do some advanced routing using the second bypass method mentioned (but not explained) in the overview section.

Overview:

  1. The simplest is to put it in DMZ mode (which doesn’t really bypass it but it does remove any default firewall rules that might interfere with incoming connections).
  2. The second and more complicated way is to set up your own router in between the ONT (fiber gateway) and the AT&T router that handles all internet packets and routes only auth packets to the AT&T router (not covered in this write-up).
  3. The third and most complicated way is to unplug the AT&T router fully and use your own router with some extracted certs from any compatible AT&T router (that is not currently being used by anyone else) and let your own router do the 802.11x auth using wpa_supplicant (this guide)
  • Getting AT&T certs (tested hard way)

Downgrade AT&T router to a specific firmware

Disassemble AT&T router

Solder header pins

Connect to the AT&T router root interface using USB to TTL UART

Copy files from AT&T router to a USB stick

Decode those files on your computer

  • Getting AT&T certs (untested easy way)

Downgrade AT&T router to a specific firmware

Download an executable and run it while plugged in over ethernet

  • Setting up your router to authenticate using AT&T certs

Copy certs to your preferred router

Setup WAN on eth0.0 (VLAN 0 tagged over eth0)

Spoof MAC address on eth0 and eth0.0 to the one from AT&T router

Write a script/service to authenticate eth0 using wpa_supplicant

Requirements:

BGW210 range from $20 — $150

Wouldn’t pay more than $40

You could also skip purchasing a gateway and purchase certs, but YMMV I can’t vouch for any of the eBay sellers and they range from $40 — $100 for the necessary files.

Doesn’t have to be this one

This adapter is needed to get root access to the AT&T router.

  • Male Header Pin

These pins can be soldered to the AT&T router for a physically stable connection to the board. Otherwise, you can have a friend touch the wires to the points on the board (much more tedious).

  • Soldering Iron (if using the header pins)
  • USB stick (FAT32 formatted)
  • A router that can run OpenWRT or VyOS

This guide will provide instructions for either

pcengines apu2 (OpenWRT)

$120-$150 shipped from their website

This router is overkill for most purposes but performs very well with OpenVPN if you are interested in using it for a VPN enabled router at close to gigabit speeds.

Hint: To purchase click shop and fill in the quantity box, for apu2e2, a case, a power adapter, and an SSD. Click the cart tab and checkout.

If going this route make sure you have a USB to Null Modem cable to setup OpenWRT

OR

Edgerouter (VyOS)

Used for $30-$50

New for ~$60

Affordable, configurable, and reliable

Please checkout this gist for the most up to date instructions.

Willy Hardy is a Data Scientist at Red Hat