Comcast cable static IP / NAT / SMC modem / configuration basic questions

Posted on 2008-11-07
Last Modified: 2013-12-14
working with a comcast smc modem, I have some questions.  The modem they supplied has 4 'lan' ports on it.  Our network (firewall to a dual nic sbs box to the rest of our network) was plugged into port 1, 2 other networks were in port 2 & 3.  our firewall and the other networks were getting 10.1.10.x addresses from the smc (NAT), and we shared a single public IP.

Now we have a block of 5 static IPs.  comcast says the gateway is .18 and our block of IPs is .13 - .17.  We want our network to have it's own IP.  I entered the .13 info into our firewall and it gets out fine.  And using that IP, we can get in also with RWW.  

Comcast wasn't much help in helping me understand....  
so the other static IPs aren't being used right now, right?
those other networks will still keep getting nat addresses and a public ip of .18, right?
the key question:  the SMC box is set for NAT, but yet we are connecting to it with a public IP on the LAN side. That's OK?  It passes all traffic for .13 right to our firewall?  No rules are needed?  But anything else comes into .18 and you need rules to route inbound? (The smc is both NATting and simply routing?!  Neat!

Question by:babaganoosh
    LVL 89

    Accepted Solution

    Some of the DSL modems I am seeing lately include their own router and hand you off NAT'd addresses as you observe. I talked to Bell Technical support in Toronto about one of these in a highly tehcnical environment and he said you could set the modem to bridge the router and hand off its own external IP. If you were able to do that, you could put a small fast switch out from the modem, and then you should be able to access all the IP's. I do exactly that for one client, although the modem does not include a router and only has one output. Ask to speak to the next level up technical support at Comcast (I know they are cable and I am speaking about DSL, but the basic concept is the same).   ... T
    LVL 6

    Assisted Solution

    Comcast's modem/routers are usually either/or.  It is either set to bridge, and anything plugged into the lan ports needs the correct static public IP, or it is set to NAT, and everything plugged in gets a 10.1.X LAN IP.  If comcast sold you a block of 5, and you successfully set your firewall to use one, then the other networks should also need their public IPs programmed in to work properly.

    Featured Post

    Enabling OSINT in Activity Based Intelligence

    Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

    Join & Write a Comment

    Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
    Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    745 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now