Possible Fix for Internet Dropping Issue When Connecting Deco to AT&T Network

Occasionally, some customers may report that the client devices failed to access the internet when connecting our Deco to the AT&T modem and luckily with the cooperation of our customers, we are able to locate the problem and find a possible fix for it. We'd like to share how did the engineers work it out and most importantly, we believe this will help others who may experience a similar issue.

Issue Description: 

Network Topology will be like this: AT&T Internet --- AT&T Fiber Router (BGW210/BGW320) --- Main Deco --- Devices
 

When the issue happens, the main Deco would still stay green. However, all devices connected to the main Deco don’t have internet but devices that are connected to AT&T Router directly or AT&T Wi-Fi still have internet. This may not happen randomly but is more likely to be triggered by a series of events such as certain devices joining the network, or some special behaviors performed on a specific device.

Root Cause:

We will show you how the issue was located by some command lines: 

• DNS queries: still good which explains why the Deco units are still green.
• ICMP communications (ping command): rejected with Port Unreachable. 
• TCP communications (mainly used by all kinds of applications): rejected with TCP RST. 
• UDP communications: unknown yet. 

It seemed like something was interfering with the network and we knew it wasn't Deco since it had never been reported before on other services yet.

Upon further investigating, we noticed some special traffic from the client devices triggered the “Home Network Security”, or “Active Armor” on the AT&T router, which is a built-in network protection system that could monitor network flow, detect, and prevent threats.

Understanding this issue better, we will try to explain more. Under the network layout AT&T Internet --- AT&T Fiber Router (BGW210/BGW320) --- Main Deco --- Devices, the Main Deco is a client device of the AT&T Router and the AT&T Router cannot "see" those clients behind Deco due to NAT protection. So Deco will work as the network agent between them in order to make clients have internet service. Basically, Deco itself barely generates traffic and is not likely to trigger the Active Amor. However, with more and more devices joining the Deco network, certain traffics are considered “suspicious” by Active Amor. Its actions would be blocking this client from the internet for a period of time (Probably 30-60mins).

Possible Solutions:

Solution one: Disable “Home Network Security” on AT&T Router

• Access the URL http://192.168.1.254/cgi-bin/securityoptions.ha to turn it off.

Solution two: Change Deco into Access Point mode

• If you tend to enable Home Network Security, please refer to this link to change Deco to Access Point mode: How to set up Deco to work in Access Point mode.

If neither works, or you want to find out the trigger of the security system, please email tech support with the following information:

• The model numbers of the AT&T router and Deco.
• More details about what happened during the disconnection, such as a new device joining the Deco network.
• The model numbers of the clients that are connected to Deco.
• The frequency of disconnection.