Welcome to Comcast Help & Support Forums
Find solutions, share knowledge, and get answers from customers and experts

New to the Community? Start here.




online now



Configuring business gateway for a VPN router

Posted by
  • Congrats on Posting your first topic!

Member Since: ‎11-30-2011
Posts: 1
Message 1 of 2 (15,353 Views)

Configuring business gateway for a VPN router


I need to connect a VPN router to my network.  Is there a way I can have the Business Gateway configured to just be a passive cable modem and send my internet IP to my router?  If not can I just connect the router to the business gateway and forward ports to the VPN router?  I'm looking at using a netgear FVS338.  Does anyone know which ports I would need to forward?

Thank you.

Posted by
Edited on
‎12-01-2011 08:52 AM

Networking Expert

Member Since: ‎07-28-2003
Posts: 24,240
Message 2 of 2 (15,341 Views)

Re: Configuring business gateway for a VPN router

[ Edited ]

This is a question best asked of the Business Support folks, most of us here are Comcast residential customers and have little expereince with the SMCD3G gateway that Comcast rolls out with their Business service.


That said, as I understand it, you have several options:


1. Just connect the VPN router behind the gateway and port forward and passthrough the VPN connection's to the private IP assigned to the VPN router's WAN interface.  Be sure to check the firewall option "Disable Gateway Smart Packet Detection" on the gateway, I understand it can cause trouble with VPN connections.


2. Place the VPN router's WAN IP address into the DMZ on the gateway and let the VPN router handle things. No port forwarding required, etc.


3. Disable the gateway's firewall entirely and assign one of your public static IP addresses to the VPN router's WAN interface and use the VPN router as the point of entry into your network.


Personally I'd go with #3.  #1 can be problematic with some VPN's and the whole thing will just slow down due to the NAT layer.  #2 is acceptable if your network is partially behind the gateway and partially behind the VPN router.


You don't say what you have for static IP's, but as I understand it, everyone gets at least one.  You take one of them and configure it in your VPN router's WAN interface and just connect the router to the gateway.  With the gateway's firewall disabled, it just routes packets to your router (or any other static IP you have connected to it).