Link to home
Start Free TrialLog in
Avatar of aando

asked on

What do I need to setup Comcast Fiber to my network?

I decided to move from a T1 with Paetec to Comcast Fiber. Paetec supplied a router and then handed off to my Firewall. Now comcast drops a switch in back to their outfit and says they don't do routing. So I either have to figure out how to set my Firewall up to do it and it's normal functions or buy a Cisco Router or something else. How can I set this up?

Avatar of John Meggers
John Meggers
Flag of United States of America image

Just do a static default outbound on the firewall, and NAT your inside traffic so you don't have any internal routes to advertise.  What kind of firewall?
The only thing you may have to do is re-configure the WAN interface on your firewall.
If your Comcast fiber service includes a static IP address, you'll need to configure your firewall WAN for that; otherwise leave it as DHCP.
also, if you haven't been using your sonicwall as a router, i'd ask what you've been using it for. you can't turn that functionality off especially the NAT'ing. as kdearing said, you'd really only need to change the WAN interface with the public IP info your ISP gives you.

are we missing something?
Avatar of aando


I think we are on a different page. I have a SonicWall TZ100. Comcast is telling me they are giving me a /30 that has to be setup to connect to them. Then they are giving me a /29 to connect to the world.

So I don't just have one IP address for the WAN that has to be configured like with a normal T1 or something. I have two. Right now I have a T1 and a Router in place from the ISP. Then on my Firewall I setup the external IP like as the WAN and as the LAN.

On Comcast they gave me two sets of WAN IP's and said one had to go on my Router and one on the Firewall. But of course that Router belongs to the other ISP.
OK, I think I understand now.

The IP that Comcast gave you with the /30 is for the link to them.
That should go on your SonicWall's outside interface.

The IPs with the /29 are typically used for your DMZ.
If you don't have any publicly-available servers that would normally reside in your DMZ, then don't worry about it.
You don't have to used those IPs.
indeed. this looks awfully familiar to a client of mine who has Cox internet. their WAN interface is a completely different subnet from the IPs used for Exchange, HTTP, etc. i only assign the WAN interface IP and Cox takes care of the routing for me. i believe this may be what you have as well.
Avatar of aando

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
ah, that makes sense. in essence, your router is acting as the ISPs router. how odd. glad you got it though.
Avatar of aando


Mine is correct.
aando, Today Comcast completed the install of their fiber to my office. I am wanting to do some testing prior to going live with our production TZ210. I tried to setup 2 routers (Cisco Small Business RVS4000 routers) as you stated but cannot get to the internet. I know the internet is live as I can connect one router with the point to point IP info to their switch and get out no problem. I am obviously not putting the correct information into my second router. Would you mind being a little more specific on how you configured each device?

Thanks in advance for your help!
I just ordered the same comcast service between two sites... Do I need a router or not? I currently have a sonicwall at each site, good idea to use my sonicwall as layer3 or should I buy a cisco router? The sales tech says "It's like having a long cable between two sites.  If that's the case, then I really only need one router and not at both sites? Right?