Re: AT&T U-Verse Data Setup Convention

[Keith Stokes <keiths () neilltech com>]

Access is not the only reason we ask for non-changing source IP addresses.

I’m not arguing the long-term sensibility of the approach. It’s arguably a legacy app and has 5000 endpoints that we 
have to still support until different solutions on our side are complete. That process is outside of my control.

On Jul 30, 2015, at 11:20 AM, Chuck Anderson <cra () WPI EDU<mailto:cra () WPI EDU>> wrote:

People need to really stop using Source IP as an ACL mechanism
whereever possible.  Have you considered using SSL certs or SSH keys
or some other sort of API key instead?  I'm mean, do you really want
to have to know how the technology of every ISP that every possible
SaaS customer may use to access your service is set up?

On Thu, Jul 30, 2015 at 04:02:06PM +0000, Keith Stokes wrote:
I’m wondering if some can share their experiences or maybe there’s an AT&T person here who can confirm policy.

I work for SaaS provider who requires a source IP to access our system to businesses.

Normally we tell the customer to request a “Static IP” from their provider. That term makes sense to most ISPs.

However, we’ve recently worked with an AT&T higher-up tech who told us that every U-Verse modem is locked to an address 
even when set to DHCP and will not change unless the unit is changed. Ordering a “Static IP” from them means your 
devices will individually get public addresses, which isn’t a requirement for us, isn’t quite as easy to add multiple 
devices and costs our customers more money.

Here are my questions:

1. Is it really accurate that the customer’s address is tied to the modem/router?

2. For my curiosity, is this done through a DHCP reservation or is there a hard coded entry somewhere?

3. Do all U-Verse modem/routers behave the same way? This particular unit was a Motorola but the friends I’ve seen with 
U-Verse use a Cisco unit.


---

Keith Stokes