Solved

VPN Disabled after Comcast Upgrade

Posted on 2014-02-06
6
2,863 Views
Last Modified: 2014-07-22
We just upgraded our Comcast service and our VPN now only allows one person to connect at a time. Comcast denies responsibility.

We have a static IP address. The new modem is a Netgear CG3000DCR. I've setup port forwarding for a PPTP connection. Our old modem was a SMC Networks SMC8014. The setup for port forwarding on that was similar, except you had to specify the GRE protocol. On the CG3000DCR there isn't a place to do this.

We're relying on the modem as the DHCP. Our server runs Windows 2003 Small Business Server. It's setup to support 10 PPTP connections.  Our clients are mainly Windows 7 and Windows 8.  

Can anyone help? Comcast says they offer no technical support for VPN. They offer no documentation for this modem. Thanks to anyone who can provide expert help!
0
Comment
Question by:Ron Indy
  • 3
  • 3
6 Comments
 
LVL 20

Expert Comment

by:masnrock
ID: 39841469
Comcast would give a response like that. Their attitude is that as long as you get a connection, everything is fine, even if their equipment causes your network not to work quite right. As much as I hate to suggest this, turn off the firewall entirely and see if that helps. I doubt that this will. Under the assumption that your modem came from Comcast, see if you can get them to either send you an SMC modem or provide you with a standalone modem instead. (The standalone modem would over course require you to get a router/firewall of some sort) A number of people fixed their issue that way.
0
 

Author Comment

by:Ron Indy
ID: 39841729
Thanks for the suggestions. I've already requested an SMC modem. The tech said sometimes they have one. It wouldn't be the model we had before. The tech said Comcast would not allow us to buy our own modem if we have a static IP.

What is a "standalone modem"? Do you mean a modem that is in bridge mode?

Using Windows 2003 SMS, we could of course setup the server as the DHCP, rather than the modem. The problem with that is whenever the server needs to go down (or if we had a problem with the server), we would lose internet connection for all computers in the office. Our personnel need access to the internet to do their jobs.
0
 
LVL 20

Accepted Solution

by:
masnrock earned 500 total points
ID: 39842071
That's right, Comcast only provides "business gateways". A standalone modem is more like the type of modem you would find in a house. Some cable companies like cox will let you use those.

Another option would be to buy a something like a sonicwall and configure your existing Comcast device as a passthrough. That way you'll won't be very dependent on Comcast equipment, except for connectivity.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 

Author Comment

by:Ron Indy
ID: 39846052
Having not heard anything from ComCast, I've ordered a ZyXel ZyWall 110. This should allow us to depend on ComCast equipment only as a modem while upgrading the VPN to SSTP. Some of our people used to have problems connecting through their ISP and SSTP should help with that. Still, it's an expense we certainly didn't budget for.
0
 
LVL 20

Expert Comment

by:masnrock
ID: 39846240
Yes, unfortunately that is a pain in the neck. But Comcast does not make people's life particularly easy, forcing you to get units from them rather than having the option to buy your own, etc. And of course, they do not exactly give you a choice in the units you get. But that is why I tend to recommend the set up you have now versus depending on their equipment for network services. However, now that you've made the improvement that you have, there should hopefully be no more issues.
0
 

Author Closing Comment

by:Ron Indy
ID: 40212290
We bought the ZyWall and it has been complicated to setup. Not sure I would recommend it.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now