[Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 7086
  • Last Modified:

Comcast Cable - Any Way to Place SMC 8013 into Bridge Mode?

Hello all,

I am trying to set up a VPN behind an SMC 8013 Cable Modem, and I'm running into IPSec pass-through difficulties that should be alleviated by placing the modem into bridge mode. Is there any way to accomplish this with the SMC 8013, or is there another Comcast-compatible cable modem I could use which would allow bridging?

Thanks,

John
0
chanteroc
Asked:
chanteroc
  • 5
  • 3
1 Solution
 
savoneCommented:
I am VERY familiar with Comcast.  I imagine since you have the SMC that you are using commercial services called Workplace.  There is a way to place the SMC into bridge mode but your would need the Comcast login.  They keep different logins and the cusadmin login you use will not let you to the option.  

Questions:

1) Do you have a reserved IP?  If not you can get a basic cable modem and it will act as a bridge.

2) Where are you located?  Comcast Commercial is rolling out a RIP solution to this problem.  If you can get this service, The SMC will work like a mini CMTS and pass off routable IP's to your devices.

Give me some more info and I am sure I can help you with this one.  Also make sure you have protocol 50 ESP and Port 500 open to your VPN termination point.

EX.  If you have a VPN box with an ip of 10.0.10.2 open ports 500 and ESP 50 to that IP.

Hope that helps1
0
 
chanterocAuthor Commented:
savone,

Thanks for your response. I'm glad someone else is familiar with Comcast, as this one has been giving me conniptions for the past week or so...

In response to your questions:

1) Comcast has just begun rolling out static IP service to my county; I anticipate signing up within the next ten days; till then, we're dynamic.

2) My office is located in Rockville, MD. This is the first I've heard of the RIP solution; can you elaborate or point me to more info?

I've current opened ports 500 (UDP) and 1723 (TCP), as well as ESP 50 (IPSEC_TUNNEL) to the VPN box. Anything else that I should be forwarding?

Thanks!
0
 
savoneCommented:
That seems right.  Try 500 TCP/UDP though. I am not sure what protocol you need.

As far as the RIP solution goes you can call tech support and they can fill you in.  If you need any specific info I can help you with I would be glad to.  Basically it you are on a giant DHCP network now and your mac address determines what IP you receive.  They are changing the network to a RIP based network that will allow for TRUE static IP addresses that you can buy in blocks of 5.
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
savoneCommented:
By the way I dont think 1723 is needed.  It is for a pptp tunnel.
0
 
chanterocAuthor Commented:
Thanks - back to square one. I've spoken with Comcast technical support, and their opinion is that the problem lies in the double NAT'ing taking place. There is another cable modem I can use, a DOCSIS I believe, but it doesn't support static IP. I tried using the Motorola SB5100 we had in place prior to the SMC, and since Comcast couldn't find it in their inventory and was unable to add it, we're again stuck without a VPN.

Any other ideas?

Thanks...
0
 
savoneCommented:
Do you need a static IP?  Did you ask them about RIP?  

Also when you call Comcast tech support make sure you get Pennsylvania on the phone.  They are the Advanced Service Center.  The rest are just call centers.  

If you dont need the reserved IP you can go with a stand alone modem and it will not be doing nat.

If you DO need a static call and inquire about the RIP situation.  It should be in MD any day now if not already.


But the reason you can not put the SMC in bridge mode is because you do not have the correct login.
0
 
chanterocAuthor Commented:
Many thanks! You've steered me in the right direction; the order is now placed for static IP, and the VPN is up and running without having to place the router in bridge mode. All the remains is to work out some of the internal routing issues, which should be completed this weekend.

Your help is much appreciated!
0
 
savoneCommented:
No problem.  Good luck!
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now