I have the new Arris gateway model # TG852G/CT that Comcast is testing. It's for a residential account. I am trying to set up port forwarding but not having any luck. I have given my computer a static IP address, and it is on a wired connection, not that it matters. I access the gateway config through http://10.0.0.1 and I am able to enter information for port forwarding, but the programs I run which need these ports forwarded are still unable to connect. If I set my computer as the DMZ host, then the programs connect without any problems, so I'm assuming the gateway is just not forwarding ports.
I called the special service number I was given, but was transferred to standard tech support who are not able to help with complex issues like this. The gateway's user guide seems like it may have been written based on a different firmware version or something. The screenshots are different from my interface. Here is the user guide from Comcast:
However, note that I got to that page by clicking a link to http://customer.comcast.com/userguides from the gateway config and the Comcast site magically redirected me to the above page for the TG852G/CT user guide. Your mileage may vary.
Arris doesn't appear to have any support options for me since I obtained the gateway from Comcast. They have a different user guide for the TG852G which does not even mention port forwarding or triggering. Googling "TG852G/CT" doesn't get any more useful information...I'm not sure what significance the "/CT" has. I don't know where else to look.
It's always in the last place you look. There's a Firewall Security Level setting for for gateway, and I was using the Maximum Security, which blocks all ports. So now I'm a little less secure, I guess, but a little safer than being in the DMZ.
Seems the Comcast firmware loads in their branded gateways are doing this oddly. In most routers from leading manufacturers, the presence of a ACTIVE port forwarding definition automatically pokes a hole in the firewall without the need for changing any firewall security level settings. But there is a similar setting in the Comcast branded SMCD3GNV gateway, or so it looks from reading the manual (I don't have one to try).
I just got one of these modems/routers and am trying to setup port forwarding. I have enabled port forwarding and set it up to forward to a device with a static internal IP address. I have the firewall completely turned off from the settings, but the packets still do not get routed through.
Has anyone been able to get this to work?
I am going to try switching back to a standard cable modem without a built in router if Comcast still has them. Otherwise I'm going to have to switch services as I need port forwarding enabled.
Did you remember to open the software firewall on the target system? many people forget this step and wonder why their port forwarding setup doesn't work.
That said, it should work fine. But if all else fails, get your own wireless router and simply have Comcast place the gateway in bridge mode which effectively turns it into a cable modem with telephony support (ie. an EMTA). Just call them at 800-363-2416 to have that done.
I am at the gateway config but I can't even get through the username and password screen...I have been using the comcast username and pass word but nothing! I know this is kind of a silly problem and question but what am I doing wrong?
The default user is "admin" and the default password is "password". If they don't work, then they have been changed and you have to reset the device to factory defaults or call the support folks at 800-363-2416 and have them reset it for you.
Hi, I'm new on this forum, but this may be the only help I can get. I am trying to make a minecraft server which requires port forwarding. Minecraft uses port 25565 and I need that forwarded. I can get through the sign in, and then go to port forwarding, but where it says external port and internal port (something like that), it will NOT let me change it! It shows a faded number, but I can't even click in the field! Can anyone help? Please! SOS! Thanks!=)
The Comcast gateways are notorious for having firmware loads that are problematic and are crippled of user adjustable features. Perhaps it would be best to have it put in to bridge mode so that it is just a straight cable modem and then you would use your own high quality router that has all the available consumer desired features with it.
If you decide to go this route, use this number to reach the gateway support team; 1-800-363-2416.
How did you change the firewall settings on the Arris TG852G/CT? I am having the same (or similar) issue. I have a remote, wireless camera I'm trying to set up. My wireless router has port 81 open (I pinged it to be certain), but my external IP address (from Comcast) shows the port as being closed? How do I open the port on my external IP?
Reading this thread has EVERYTHING you need to get it done. That said, many folks have trouble with these Xfinity Wireless Gateways, so take the advice given, get it bridged and get your own router and port forward there.
I've read through the thread and I'm not quite following. For starters, I have an Arris TG852G/CT as my modem (I'm not a technical expert, but I believe that's what it is), which is connected to my Airport Extreme wireless router. The AE has port 81 open - I performed a port check in the Apple Network Utility - but the external IP address (Comcast) has the port as being closed. I was hoping that someone may be able to help me open the port on the Arris, but if not, then I'll continue looking at other options. I will contact them again regarding the idea of making my modem a "bridge" and hope that solves the problem.
The TG852 is NOT a modem, it's a wireless gateway, a combination modem, EMTA, router, and wireless access point all rolled into one.
Your problem is that you have two routers connected in series, so you have a double NAT layer, one in the gateway, one in the AE. Double NAT is not a good idea, although is works in some setups. As has been pointed out already, I highly recommend you call the gateway support team at 800-363-2416, tell them to place the gateway in bridge mode (ie. only the modem and EMTA will function) and use your AE as the primary router. THEN your port forwarding setup in the AE will work as expected.
If you keep using the gateway as is, you have to port forward in the gateway to the AE, then forward in the AE to the target system. As you can see, not an ideal setup, and will absolutely not work with some protocols.
First, my mistake, I typed in the wrong model. I have an Arris TM722G. Second, the issue remains the same. My Arris modem is connected to an Airport Express wireless router and I have configured everything so that the wireless camera works within the wi-fi enviornment. Here are the steps I have followed:
1. I have configured the camera with a static IP address using HTTP port 81.
2. I have configured the Airport Express with the same static IP address, port 81 and have created a DHCP Reservation using the same static IP address and the MAC address.
3. On my Airport Express I have Enabled NAT Port Mapping Protocol.
Once again, the camera works perfectly within my wi-fi environment, so I know it's (camera) going through the static IP at port 81. However, the problem is I can't access it from my external IP. Whenever I do a port check on my IP, the report says it's closed.
Not sure what I can do....I've brought the device to the Apple store and they have confirmed I've set everything up on my computer and device properly.
TG852G/TM722G, Airport Extreme or Airport Express... which is it? I hope you were more careful with your port setup than you were in describing it. Without the exact specfic setup (ie. screen shots, exact values, etc) it's hard to help here. As long as the Airport (whichever) is working normally and it's configured properly it should work. Did you try changing the port to something higher like 8080? Make very sure you have properly power cycled both the Airport AND the cable modem/ETMA (press and hold the Reset button until the modem reboots).
How are you doing the port check? Some of these online checks are pretty bad and should not be trusted. While I don't like the verbose nature of http://www.grc.com, that site does a decent job of checking individual ports. It correctly identifies the ports I have open for various purposes.
Transformer2055 wrote: So, we have to "break apart" (bridge) the router because it is 3in1? Is that why the ports were unable to change? Thnx
No, you bridge it because the router and wireless components are real junk and do not work well. Bridging disables them so you can use your own router. There's nothing that says such a combo device can't work well, but the fact is that most gateways are compromised in one fashion or other to save cost, etc. By their very nature they are bottom of the pile performers and when you add the really ugly firmware that Comcast has loaded in their gateways, you get a recipe for disaster.
Those are the userid and password on the Comcast Business class routers, ie the SMCD3G and the older SMC 8014. The userid on the Comcast residential gateways (like the Arris TG852, TG862, and SMCD3GNV) is "admin" and can't be changed (at least not by the firmware Comcast has loaded).
I am also running security cameras via an IP DVR system with an Arris TM722 gateway to a NetGear WNDR3700 router.
I'm able to access IP cameras fine within LAN, and externally WAN via iPhone apps, however issues external via Safari and or IE.
For any external you need to confirm your external IP via IP Chicken or similar and insure using that external IP address and not the internal one assigned by your LAN router as this is internal IP only.
I think I got access using the default port 80, rather than port 87 or any other user selected port, but will need to retest.
Either way, it's very frustrating using these Arris gateways if you want to do anything besides vanilla use.
I suggest that you have been lied to by a clueless tech. While the Xfinity Wireless Gateways are downright junk, they do in fact support port forwarding, just like any other consumer grade router on the market.
Really, the one I have is setup to forward port 80 and 20,21 to my web server and it does not. I can access it from the private side of the router but not the public(Internet side)so no one can access my site from the web. So, tell me, why not? Firewall is set low. Port forwarding works on the private side. Sending connect request to 10.0.0.1:80 forwards just fine to my server, sent from the private network, but not from the Internet. So why won't it forward?
By the way, I'm using the public address the gateway is assigned by Comcast to try to connect to my server from the Internet. If I switch my Internet access back to my, still existing, DSL line using my Cisco and port forwarding I can access my site just fine, so problem is not in my configuration.
Because you're using port 80 and many consumer routers have problems with that and/or explicitly disallow it so that their admin interfaces continue to work. Try another port.
Other than that since you do not provide the details of your config, it's hard to say. Another issue is many routers have trouble routing from behind the firewall out to the public interface and back in again, so if you are hitting your public IP from a system on the local LAN that can cause trouble. I don't know if the Xfinity gateways suffer from this defect, but many routers do.
All in all, I go agree you should stop using the gateway, or have it bridged and use your own decent router, the gateways are know to have many, many problems, but I do know the port forwarding works (mostly), it's been confirmed many times. There many, however, be situations where it doesn't work but a blanket state that port forwarding does not work is completely false.
I went through this port forwarding problem when I switched to Comcast Internet a few months ago. Seems the new residential gateways will not allow port forwarding, period. I spent hours on the phone untill I finally got a tech who told me the news. If you want port forwarding from Comcast you need to switch to business class.
Instead I with with using an outside web host for $11 a month. They supply app and data servers as well and are up 24/7.
I would like to have port forwarding back but I'd probrably would have to buy my own gateway. Just too much hassle.
I have forwarded port 8080 on my Comcast-supplied Arris TG852G/CT. It works for me, but only if I browse to http://<my-ip-addr>:8080 from outside my firewall. For example, if I turn wifi off on my cell phone and browse to that IPort, it works. But if my browser is operating inside the firewall, it does not work. I get connection timed out.
The Firewall Security Level on my account was blocking a program all of a sudden. Couldn't figure out what happened, but then after reading you email I realized that I had just recently modified my security setting to max. resetting it back to low lets the program run again. thanks for the heads up, it was driving me crazy and I couldn't get ANY help.