How To Configure PPPoE Bypass On The Bell HH4000 Hardware
Since I got Bell Fibe 1.5 Gbps service installed, I’ve got a few questions about how I set up PPPoE bypass so that I can use my own router. I planned on doing a write up about that after I work out the speed issues that I had with my ASUS hardware, but since enough people asked about this I am doing this today.
First, let me explain why I want to use my own router rather the Bell HH4000 router, which stands for “Whole Home 4000”. I never, ever use the ISP supplied gear as that’s a way for the ISP to lock you in as it makes it difficult to switch providers. Because doing so would require you to basically tear down your network and rebuild it every time you switch. On top of that, ISP’s don’t have the best track record in terms of making their gear secure. Meanwhile most router companies spend more time and effort to make their gear secure. As long as you choose your vendor carefully, using a third party router is better from a security standpoint. Plus if you change ISP’s, at best it’s unplug one cable from the ISP’s hardware and plug the new ISP’s hardware in if you switch. At worst you have to do that and a bit of configuration on both the ISP’s hardware and your hardware. In the case of Bell, it’s the latter.
Now Bell’s HH4000 comes with the ability to do what’s called PPPoE bypass. In short, you type your PPPoE credentials into your router, and it passes them to the HH4000. Then assuming that they are correct, the HH4000 gives the router an external IP address and you’re good to go. It’s clean and simple and mostly works. I’ll explain the mostly part in a moment. But here’s all I had to do. Starting with the cabling:
- Connect A CAT 5e or CAT 6 cable from HH4000 10Gbps Port which is the silver one on the right hand side on the back of the HH4000 to the WAN Port on the router
On the HH4000 side, I had to log into it and do some setup there:
- Go to 192.168.2.1 and be prepared to type in your HH4000 password
- Go to ‘Manage my Wi-Fi’ and do the following:
- Change “Whole Home Wi-Fi” to OFF.
- Under “Primary Wi-Fi network” click on “Advanced settings”.
- Uncheck “Keep a common network name (SSID) and password for both 2.4 and 5 Ghz bands.”
- Turn OFF the 2.4GHz network but leave the 5.0GHz on so that you can get back into the HH4000 if you need to.
- Turn off Guest Network
- Click “Save”
- Click on “Advanced Tools and Settings”
- Turn off UPnP, DLN and SIP ALG
- Click “Save”
Next you have to log into your router and in the WAN section, set it up for PPPoE. How to do that varies by brand. But I will use my ASUS router as an example:
As you can see here, under “WAN Connection Type”, I have PPPoE selected. And under “Account Settings” I have my PPPoE username which starts with “b1” and password. Those have been redacted for security reasons. If you don’t have your “b1” PPPoE username and password, you can either get them from the Bell technician who does your install, or from the MyBell portal. You should also set up your PPPoE connection to connect automatically (in my case that’s the “Disconnect after time of inactivity” option) and make sure that PPP authentication is set to “auto”.
Once you do that, you should be able to connect to Bell’s network. If you get an WAN address that isn’t 192.168.2.xxx, then you’re good to go.
Here’s where I explain the “mostly” part. One thing that I noticed right away is that my upstream speed is way lower than the 1.06 Gbps that my connection is capable of. At the moment I am getting just over half that speed. And that’s likely because of how ASUS implements PPPoE. I say that because if I use DHCP to connect to the router, I get all the speed that I am paying for. Now some of you will say why don’t I use DHCP? That creates what’s called a double NAT which can play havoc with applications. If you really want to get into the weeds, you can read this but here’s what you need to know:
In a typical home network, you are allotted a single public IP address by your ISP, and this address gets issued to your router when you plug it into the ISP-provided gateway device (e.g. a cable or DSL modem). The router’s Wide Area Network (WAN) port gets the public IP address, and PCs and other devices that are connected to LAN ports (or via Wi-Fi) become part of a private network, usually in the 192.168.x.x address range. NAT manages the connectivity between the public Internet and your private network, and either UPnP or manual port forwarding ensures that incoming connections from the Internet (i.e. remote access requests) find their way through NAT to the appropriate private network PC or other device.
By contrast, when NAT is being performed not just on your router but also on another device that’s connected in front of it, you’ve got double NAT. In this case, the public/private network boundary doesn’t exist on your router — it’s on the other device, which means that both the WAN and LAN sides of your router are private networks. The upshot of this is that any UPnP and/or port forwarding you enable on your router is for naught, because incoming remote access requests never make it that far — they arrive at the public IP address on the other device, where they’re promptly discarded.
Thus a double NAT is not optimal. Now to be fair to ASUS, they are likely not the only ones with a poor PPPoE implementation in their routers. I am just pointing the finger at ASUS as that’s the router that I have and I have clearly proven that it is at fault. Which is why I have opened a support ticket with ASUS to get them to address this as in the age of 1 Gbps or faster Internet connections, having a router do what I am describing isn’t acceptable. Thus the vendor of said router should be held accountable.
Now some of you will point out that another option other than to use PPPoE passthrough is to use Bell’s “Advanced DMZ” function along with DHCP. From what I can tell from experimenting with it, it moves your router into the HH4000’s DMZ or demilitarized zone where it can give the the device, in this case my router an external IP address. And this does work as it gives my router the full speed the I am paying for. But based on my research, Bell doesn’t implement this very well as many have reported that a router that sits in the DMZ can often lose Internet connectivity every day or two which is not good to say the least. Thus this option is likely one that you should avoid. Though I may try it for giggles just to find out if the instability of this option that has been noted by others is something that I see.
Now what would be better is if Bell much like Rogers implemented a proper bridge mode. That’s a mode where the device shuts off all routing functions and basically becomes a modem that served up an external IP address to the router. But Bell wants you using their gear for everything and I guess that by not having a proper bridge mode, they force the less technical down that path and lock them into using their service.
If you have any questions about any of this, please let me know in the comments. Or if you have a 100% reliable method to bypass the HH4000, I would love to hear from you as well.
UPDATE: I did some more experimentation with the “Advanced DMZ” functionality built into the HH4000. My conclusion is that it isn’t very stable based on the fact that it broke HomeKit support and VPN connections from my network to another network would not work at all or very well. Thus I would avoid this option entirely.
UPDATE #2: There is an alternate way of doing this that appears to be stable for me and might work for you. Details are available here.
August 6, 2022 at 2:56 pm
[…] to do PPPoE bypass if you want to use your own router. Instructions on how to do that can be found here. But most people who get this will run it as a model/router. Let’s walk through the Home Hub […]
August 7, 2022 at 8:21 am
[…] like it if you use it if you phone into their tech support, but it’s there. Bell has PPPoE passthrough that accomplishes something similar. Whatever your telco offers, you should use it. The advantages […]
August 16, 2022 at 9:01 am
[…] suppled gear for these reasons. Originally, I was using the PPPoE bypass method as described in this article to make this happen, which worked fine except for […]
October 13, 2022 at 3:14 pm
Thanks for all the details and research! I have pursued both DMZ and PPPOE. PPPOE only getting me to 600 up and down while I can’t make the DMZ work for me at all. I have the same ASUS router and the Bell Giga Hub and Fibe 3.0. Very similar set up – cat 6 cables.
On bell’s hardware I’m getting 1000 up/down but on the ASUS I can’t move past 600 up and down. I’m hopeful DMZ can move me into the > 1000 territory.
I suspect that the issue I have is in the WAN set up on the ASUS setting up dhcp. Do I have to pass in any account credentials? To my simple mind if I’m putting the router ahead of the modem it would need something the validate with Bell but I’m probably at the limit of my understanding. If you have any thoughts much appreciated – and thanks for all the heavy lifting – hoping to get
October 13, 2022 at 3:18 pm
The DMZ setup does not require any credentials. If you follow this guide, it should work for you:
https://itnerd.blog/2022/08/16/revisiting-how-to-bypass-bells-hh400-hardware-with-your-own-router/
The reason why the PPPoE method doesn’t give you the speeds that you want is that how the ASUS router handles PPPoE traffic, to be frank, sucks. But to be fair, most consumer routers aren’t much better with the exception of a few. Two of which I mention in the above guide. Thus DMZ is the way to go as you can see the speeds that I get with a pair of XT8’s.
October 13, 2022 at 3:30 pm
Thanks for fast respond – followed it to a T (and the PPPOE walk through) but get no internet through to the ASUS router. Was there anything you did specifically for the WAN on the ASUS router side other than switch from PPPOE back to Automatic IP (DHCP).
October 13, 2022 at 3:32 pm
No. I didn’t do anything special. I do note that in my guide, I say to power up the router first, then the HH4000 (I assume that is what you are using). Did you do that?
October 13, 2022 at 4:01 pm
Hmm I will try it again. It isn’t the HH4000 but the GigaHub which from what I’ve heard is essentially the same. I did do the router first! Will report back.
October 13, 2022 at 4:02 pm
The Gigahub isn’t the same. It looks the same but it has a bunch of differences that are apparently causing issues for some people. More here:
https://itnerd.blog/2022/10/13/bell-rolls-out-their-gigahub-to-replace-the-hh4000-and-it-has-some-issues-that-i-would-like-to-understand-which-is-why-i-need-your-help/
October 13, 2022 at 4:18 pm
Ahhhhh that’s why it isn’t working – thanks again for helping me out. Unfortunately I’m not in the Toronto area to help you out on the reconnaissance. Hmm well I’ll keep my eye out for solutions. If I can help you let me know.
October 29, 2022 at 4:10 pm
Hi, thanks for writing up a detailed guide on how to use Asus XT8 with Bell without loosing around half the upload speed. Now, unfortunately after setting up the XT8 in DHCP mode,I am running into intermittent connection issues, and I wonder if that could be because of the10 minute connection lease assigned to the router. Any suggestions? Thanks a bunch!
October 29, 2022 at 5:17 pm
Dumb question. When you powered everything up, did you power on the XT8 FIRST then the HH4000 (you are using the HH4000 and not the Gigahub, correct)? If you haven’t, you should try that and see if the behaviour changes.
October 29, 2022 at 7:20 pm
Hi Thanks for the quick response. I’m using HH4000, not Gigahub, and I powered on the XT8 first, waited for the status light to turn red and then turned on Home Hub. I also just did the whole setup from scratch, but still running into the same issues.
October 30, 2022 at 9:29 am
Odd. It’s pretty straightforward and I’ve implemented this for a number of my clients with no issues.
IF you plug this in and set this up so that you only get a local IP address (192.168.2.x) and don’t use the advanced DMZ, do you get Internet access? What I am trying to determine here is if the issue is with your XT8 or with the Bell hardware.
Also, are you sure you’ve set the WAN port to DHCP?
November 4, 2022 at 7:20 am
Hi,
Yes I do get internet access with a local IP address of my HH4000. WAN Connection type is set as Automatic IP
November 4, 2022 at 7:25 am
And yes WAN port (and not Ethernet) is set to do DHCP. Funny thing is that without Advanced DMZ on in the Bell Home Hub, my lease time on XT8 is for 2 days (instead of 10 minutes) and internet is stable, the issue being Double NAT of course.
November 27, 2022 at 8:42 am
[…] is was the Home Hub 4000 (AKA: HH4000) hardware, which I have effectively bypassed by using first this method and then this method to do it. But since Bell has been rolling out a new piece of hardware as they […]
November 30, 2022 at 4:46 pm
Thx for this. If you leave the 5Ghz channel open on the HH, are you still double NATd?
December 11, 2022 at 2:27 pm
I have an ASUS 550-F motherboard that contains an Intel I225-V 2.5Gb ethernet chip.
LSHW shows:
*-network
description: Ethernet interface
product: Intel Corporation
vendor: Intel Corporation
physical id: 0
bus info: pci@0000:06:00.0
logical name: enp6s0
version: 02
serial: f0:2f:74:00:00:00
size: 1Gbit/s
capacity: 1Gbit/s
width: 32 bits
clock: 33MHz
capabilities: bus_master cap_list ethernet
physical 10bt 10bt-fd 100bt 100bt-fd
1000bt-fd autonegotiation
configuration: autonegotiation=on
There are no 2500bt options. Googling “I225-V” shows all sorts of problems with this chip.
December 18, 2022 at 9:13 pm
Hi,
Is it possible to connect to the Bell Giga Hub if I have successfully setup PPPoE and am on the Wifi network of my own router?
When I connect directly to the Wifi network created by the Bell Giga Hub, I just need to go to 192.168.2.1 and I get the login page for the Bell Giga Hub.
When I connect to the Wifi network from my own router (that is using PPPoE with the Bell Giga Hub), I get a ‘page not found’ when I try to go to 192.168.2.1.
Is there a way to get to the Bell Giga Hub router management page when connected to my own Wifi network?
Thank you very much for the help!
December 18, 2022 at 9:52 pm
Do a search of my blog for the word “Gigahub”. In short the Gigahub has issues with this setup. But Bell is in the process of addressing these issues. More details in the posts that I referenced.
December 19, 2022 at 7:37 am
Hi,
Thank you very much for the reply!
It is thanks to you (and Bell__Dom) that I have PPPoE working as I needed the firmware update to 1.15.1 for my Bell Giga Hub before it would start working at all.
Pardon my blindness, but I was not able to find information on how to access the Giga Hub when connected to Wifi through my router connected by PPPoE. Is this problem still not solved with the latest firmware pushed by Bell__Dom?
Thank you again for your help!
December 19, 2022 at 10:20 am
I’ll leave any credit for getting this fixed to Bell_Dom.
I noticed this when I was experimenting with PPPoE on the HH4000. What I did to access it when I needed to is to leave a Ethernet cable connected to it and plugged my laptop into it when I needed to. That’s because I turned off the WiFi. My theory is that when you do PPPoE bypass, you are truly bypassing the Bell hardware. I say that because I am running Advanced DMZ and I can get to the Bell hardware from my network simply by typing in 192.168.2.1 into a web browser. Though I do admit that I leave an Ethernet cable connected to the HH4000 just in case.
December 19, 2022 at 5:57 pm
Thank you again for your reply!
On the DSL Reports forum there are (many) posts about choosing between PPPoE and Advanced DMZ. From my reading, it seemed like a pretty even split in people recommending one over the other.
I have read your posts here that you have tried both. Would you have a recommendation to make for one or the other?
If I can access the Bell Giga Hub management page by using Advanced DMZ, then I might make the switch to have this additional functionality. I just don’t know what I might be losing by moving away from PPPoE? (I have an Orbi RBR850 if that matters for the overhead considerations of PPPoE).
Thank you again for your time and help!
December 20, 2022 at 8:29 am
Here’s the TL:DR version of this.
PPPoE is the most stable way to bypass the Bell hardware. However most consumer routers can’t handle this level of PPPoE traffic as PPPoE was never designed for these kinds of speeds. So you will end up having slower speeds than you are paying for unless you have some high end router like an ASUS AX89X for example which will fully utilize a 1.5 Gbps connection.
I use the Advanced DMZ method because that is the only method that gives me the 1.5Gbps/940Mbps (or in my case a tiny bit more) that I am paying for. The way Bell implements that is a bit suspect. And you have to make sure that your router is booted first before you boot the Bell hardware like the HH4000. Otherwise strange things happen like for example the router will have no route to the Internet. Not a big deal in my case as booting both at the same time has the router come up before the Bell hardware. Another factor is that not all consumer routers play nice with this setup. I’ve seen some instability from specific routers from Netgear and Links’s for example. While other routers from the same brands are fine. Thus I consider this a “your mileage may vary” sort of thing.
So in short, I don’t have a recommendation as such as it depends on your use case. For example:
– If you have one of Bell’s lower speed tiers like their 500Mbps tier, then PPPoE is the way to go.
– If you have a faster Bell speed tier, and your router plays nice with the Bell hardware, then try the Advanced DMZ method and see how it works for you. But be prepared to fall back to PPPoE if it isn’t stable.
Honestly, this conversation would be moot if Bell simply implemented a proper bridge mode the way Rogers does in their modems as that would allow anyone to connect anything to their hardware without going through all sorts of gymnastics to do so.
December 20, 2022 at 7:21 pm
Thank you very much for the information, very clear and I understand why you are using Advanced DMZ.
I will give it a shot and see how stable it is in my case.
+1 for wishing Bell would implement a proper bridge mode on their modem!
Thanks again for all your help, greatly appreciated!
December 22, 2022 at 11:16 am
I tried Advanced DMZ and run into a problem where there will be a significant delay (~5-10 seconds) before loading a webpage. It’s an intermittent problem, and is present across different websites and different browsers. It seems as though there is a pause to resolve the route, or a high ping before returning the data.
I was able to access the Bell Giga Hub dashboard when using Advanced DMZ, so I was happy about that, but I don’t know how to fix the random long pauses before loading webpages. I am on Firmware 1.15.1.
Any chance you came across this problem and have found a solution?
Thank you!
December 22, 2022 at 12:27 pm
What you might be seeing are lag spikes. That was reported here:
https://www.dslreports.com/forum/r33502228-Internet-Bell-Giga-Hub-4000-PPPoE-passthru-not-working~start=330
Scroll down to a post dated 2022-Dec-11 9:25 am. If you have this issue, I’d report it to the Bell Direct forum.
December 22, 2022 at 2:49 pm
Thank you very much. I saw on a later dated post (2022-Dec-19 2:38 pm) that the issue was not resolved and the user changed to PPPoE to avoid the lag spikes they were getting when using Advanced DMZ.
I will take your advice and post to the Bell Direct forum.
Thank you again for all your help throughout this process!