We help IT Professionals succeed at work.

Remote access to Comcast modem - possible?

33 Views
Last Modified: 2020-07-10
It's been such a strange trip dealing with Comcast tech support. One guy will say the firewall's on, another says it's off. Nobody can tell me what mac address they see on an interface.

Anyhow - what I want to do in the future for these baby branch offices is to get onto the cable modem from afar. They told me on the call that I could manage the device at a 10.x.x.x and a standard uid/password. What interface on the cable modem would give me this access? I have a Cisco ISR on the inside of the cable modem with a public IP address. Would that interface be dual addressed with the 10.x.x.x management as well?

Then the big question - if I wanted to login to the cable modem from my data center public NAT IP, should I be able to do so if someone configures that permission locally? I just want to see the settings with my own eyes and without having to wait on hold 15 minutes for a barely helpful Comcast tech.
Comment
Watch Question

Simple Geek from the '70s
CERTIFIED EXPERT
Distinguished Expert 2019
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
CERTIFIED EXPERT
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
amigan_99Network Engineer

Author

Commented:
Well if the site was accessible via VPN tunnel (meraki, dmvpn, pan ipsec whatever) - then there'd be no issue. The problem arises mostly at the opening of an office and you put in your firewall and you can't access it remotely and the VPN tunnel won't come up. The cable modem is clearly blocking the traffic but you get two techs from Comcast saying the firewall's off and the third one on the third day finally says 'oh yeah, the firewall is on'. I can't highlight how bad the tech support is and how limited the set of things they're willing to look at to resolve things. So I definitely want WAN access to the cable modem to get them the heck out of the picture and to not have to involve sales people in the process. But I'd only want WAN access if I could limit what source IP could have access to the device. If the device were accessible from any source address that would be another story.
CERTIFIED EXPERT

Commented:
Comcast hires high school dropouts or something.  They played with computers during high school and fancy themselves to be IT, when they're really only tech savvy users.  I have not ever talked to anyone on their first tier that really knows anything about computers or networking.  They only know their scripts and want you to reboot your modem even after you've done so a few times on your own.  The American centers are better at hiding the fact that they're still following their scripts.

Their 2nd tier is only slightly more knowledgeable college dropouts.  One of them told me that 30 ms ping times are normal, and told me I must have had "perfect" (with sarcastic tone) networking because I told him my work network and AT&T ping times were in the single digits.  He must have grown up knowing only comcast and never worked with real network equipment.  I even had to explain to him what higher ping times meant.

If they made their equipment and service work correctly, then you wouldn't need to ever call them.  Unfortunately, it must be cheaper for them to hire these idiots than to spend the money to make a solid network.

Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.