Open ports on Comcast
I have Comcast Xfinity and need to open 3 ports on the comcast modem. I can see port 3389 is open but i also need port 3390, 3391 and 3392 open. I have port forward these ports to my computers for Remote desk access. When i test these 3 the fail. How can i open them with the comcast modem.
Thank you.
Thank you.
Last Comment
Did you change the port the remote desktop is listening on for those other computers not using 3389?
Generally the preferred solution is to install remote desktop gateway on one of your servers. Then you only need to forward 443 to the gateway server.
Generally the preferred solution is to install remote desktop gateway on one of your servers. Then you only need to forward 443 to the gateway server.
Which model router do you have?
You need to manage your Comcast router, from the internal network browse to the gateway address.
e.g. your internal network is 192.168.1.0/24 and your default gateway is 192.168.1.1
browse to - http://192.168.1.1, login in with the credentials they provided for your router
admin
XXXXX
From here you can change the configuration of your router, port forwarding, security policy etc .....
http://customer.xfinity.com/help-and-support/internet/change-the-login-and-password-on-your-router
http://customer.xfinity.com/help-and-support/internet/port-forwarding-xfinity-wireless-gateway/
https://www.youtube.com/watch?v=Tpih6zB7k4I
harbor235 ;}
e.g. your internal network is 192.168.1.0/24 and your default gateway is 192.168.1.1
browse to - http://192.168.1.1, login in with the credentials they provided for your router
admin
XXXXX
From here you can change the configuration of your router, port forwarding, security policy etc .....
http://customer.xfinity.com/help-and-support/internet/change-the-login-and-password-on-your-router
http://customer.xfinity.com/help-and-support/internet/port-forwarding-xfinity-wireless-gateway/
https://www.youtube.com/watch?v=Tpih6zB7k4I
harbor235 ;}
ASKER
I have a new comcast router and i can RDP in on 3389 to any of my computer but only when i change the port forward 3389 to different computers. I am looking to open the other ports so i can have 4 different port forwarding rules.
.
.
Ok, so you will need something like this:
external IP - internal IP
1.1.1.1:3389 -->10.1.1.1:3389
1.1.1.1:3390 -->10.1.1.2:3389
1.1.1.1:3391 -->10.1.1.3:3389
1.1.1.1:3391 -->10.1.1.4:3389
I do not know the router model number you have, however, since you want to use multiple port forwarding rules for the same service you need one of the following: multiple external IPs or the ability to configure custom services. e.g well know service RDP uses tcp port 3389, customservice1 uses tcp 3391, customservice2 uses tcp 3392, customservice3 uses tcp 3393, customservice4 uses tcp 3394, ......
Do you have multiple external IPs? or do you have the ability to configure custom service rules. The key with custom service rules is the ability to define an external service port (tcp 3391) and translate that to an internal server IP:port combination
1.1.1.1:3391 --> 10.1.1.1:3389 You see?
So look at how you create new services and assign them to port forwarding rules
harbor235 ;}
external IP - internal IP
1.1.1.1:3389 -->10.1.1.1:3389
1.1.1.1:3390 -->10.1.1.2:3389
1.1.1.1:3391 -->10.1.1.3:3389
1.1.1.1:3391 -->10.1.1.4:3389
I do not know the router model number you have, however, since you want to use multiple port forwarding rules for the same service you need one of the following: multiple external IPs or the ability to configure custom services. e.g well know service RDP uses tcp port 3389, customservice1 uses tcp 3391, customservice2 uses tcp 3392, customservice3 uses tcp 3393, customservice4 uses tcp 3394, ......
Do you have multiple external IPs? or do you have the ability to configure custom service rules. The key with custom service rules is the ability to define an external service port (tcp 3391) and translate that to an internal server IP:port combination
1.1.1.1:3391 --> 10.1.1.1:3389 You see?
So look at how you create new services and assign them to port forwarding rules
harbor235 ;}
ASKER
I only have the 1 external ip address and i don't have the ability to configure custom service rules. I think i will have to buy an Netgrear router and see if i can set up port-forwarding on that.
Thank you.
Thank you.
What model router do you have?
The problem is that the functionality you desire is typically classified as an enterprise class feature or business feature.. Providers love to charge you more for the increased functionality.
Tell me your router number and I will take a look.
harbor235 ;}
The problem is that the functionality you desire is typically classified as an enterprise class feature or business feature.. Providers love to charge you more for the increased functionality.
Tell me your router number and I will take a look.
harbor235 ;}
ASKER
Arris, Model number = TG862G/CT
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Thank you
I am confused how that is different from than what I provided, my second link provides the same menus but from the Comcast website.
harbor235 :-}
harbor235 :-}
Sorry guys, but you are missing the issue here, or some of you are. These links show how to forward port xx to port xx on IP 1.2.3.4, but the problem is that these Xfinity Arris modems don't let you forward port xx to port yy on the target IP. no place to change what the target port is. This is the same on a couple of Comcast Business router/modems I have worked on as well.
So of course one fix is to locate a different router downline from the Xfinity router, send your ports straight to that router, and then do your port switching on the downline router. e.g.
say Comcast is at 10.0.0.1 and you put a NetGear router inside at port 10.0.0.2. Now you forward, 3389, 3390, 3391 all over to the Netgear at 10.0.0.2. On the Netgear, where it is (sensibly) possible to forward to a different port, you set forward 3389 to your first PC (say at 192.168.1.2), then forward 3390 to 3389 on the second PC at say 192.168.1.3, etc. Now of course you have the issue that you've got some items & probably Comcast/Xfinity WiFi running on the 10.0.0.x network and your devices below the Netgear are in the 192.168.1.x network. this may NOT be a problem depending on what you want to be able to talk to each other. I do this by leaving Xfinity's WiFi out of the game entirely and run my Wifi and all devices off the Netgear (manageable) network. Then you get to the issue of "bridge mode" , which Comcast does not seem to handle in a friendy way. From what I can tell it's not really a complete bridge mode, and on top of that once you turn it on you still have to contact Comcast and have them REALLY turn it on. And the Xfinity router's "port triggering" is a different thing, although in some ancient times at least some D-link routers did the "forward to a different port" think under the name of port triggering. As was mentioned above, Comcast has probably decided to not let you forward ports to different ports so they could charge more for this completely common capability. So what is the best solution? Since the two router config can be a PITA if you can't get bridge mode going and/or are using Xfinity WiFi, I would recommend just changing the TCP listening port on the PC to some non standard port like 3394. Then forward 3394 to that IP. And lastly when you connect to this remotely you have to specify your target address as IP:port, as in 70.1.33.44:3394. That will get you through. Be sure to write down that you changed the registry for the listening port. You can google up the registry entry to change pretty easily. "remote desktop listening port registry entry" should do it. I also saw a really great entry here or somewhere I was searching that suggested using a netsh command on the PC. As with changing the registry, if you use this it is something you want to note for future reference
So of course one fix is to locate a different router downline from the Xfinity router, send your ports straight to that router, and then do your port switching on the downline router. e.g.
say Comcast is at 10.0.0.1 and you put a NetGear router inside at port 10.0.0.2. Now you forward, 3389, 3390, 3391 all over to the Netgear at 10.0.0.2. On the Netgear, where it is (sensibly) possible to forward to a different port, you set forward 3389 to your first PC (say at 192.168.1.2), then forward 3390 to 3389 on the second PC at say 192.168.1.3, etc. Now of course you have the issue that you've got some items & probably Comcast/Xfinity WiFi running on the 10.0.0.x network and your devices below the Netgear are in the 192.168.1.x network. this may NOT be a problem depending on what you want to be able to talk to each other. I do this by leaving Xfinity's WiFi out of the game entirely and run my Wifi and all devices off the Netgear (manageable) network. Then you get to the issue of "bridge mode" , which Comcast does not seem to handle in a friendy way. From what I can tell it's not really a complete bridge mode, and on top of that once you turn it on you still have to contact Comcast and have them REALLY turn it on. And the Xfinity router's "port triggering" is a different thing, although in some ancient times at least some D-link routers did the "forward to a different port" think under the name of port triggering. As was mentioned above, Comcast has probably decided to not let you forward ports to different ports so they could charge more for this completely common capability. So what is the best solution? Since the two router config can be a PITA if you can't get bridge mode going and/or are using Xfinity WiFi, I would recommend just changing the TCP listening port on the PC to some non standard port like 3394. Then forward 3394 to that IP. And lastly when you connect to this remotely you have to specify your target address as IP:port, as in 70.1.33.44:3394. That will get you through. Be sure to write down that you changed the registry for the listening port. You can google up the registry entry to change pretty easily. "remote desktop listening port registry entry" should do it. I also saw a really great entry here or somewhere I was searching that suggested using a netsh command on the PC. As with changing the registry, if you use this it is something you want to note for future reference
Networking
Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.
102K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
This page has directions if you have a static IP address from Comcast. http://businesshelp.comcast.com/help-and-support/internet/comcast-business-ip-gateway-static-firewall/