I have a new Cisco 5505 behind the Comcast cable modem/router (SMC). I am using this device as a firewall and VPN router. I have no problem making connections to the outside (using various protocols & ports). I am unable to make any externally initiated connections into the internal network though (e.g. VPN via IPSec). I do not have a static IP via Comcast.
I believe the firewall on the SMC router is disabled (I have checked the "Disable Firewall for True Static IP Subnet Only" - which Comcast tech support stated was the way to disable the firewall on this device (even though I don't have a static IP)). I also have disabled "Gateway Smart Packet Detection". Even though the firewall is supposedly disabled, I have also forwarded the necessary ports (500 & 4500) on the SMC.
When I attempt to connect to those ports, they are blocked. When I perform an nmap port scan, all ports show as filtered (I can ping the device). A capture on the 5505 external interface to the SMC internal interface shows no traffic during the nmap scan.
I contacted Comcast tech support again, and explained the situation and testing I'd done, and they stated that the device is open and they are not blocking any ports. I asked the support tech to test the SMC device's public IP and he stated he could not do that & that they don't block any ports, so the problem is with my 5505. I'm at a loss. Any ideas or things I've overlooked before I ask for a different modem/router?