Welcome to Comcast Help & Support Forums
Find solutions, share knowledge, and get answers from customers and experts

New to the Community? Start here.

5,516,778

members

14

online now

1,717,457

discussions

Back to Top

Motorola SBG900: firewall turned off, but still blocking

Posted by
Regular Visitor
  • Thank you contributor for your first reply to the community!
 Posting replies is the best way to get involved.
  • Congrats on Posting your first topic!

Member Since: ‎06-30-2009
Posts: 2
Message 1 of 6 (1,409 Views)

Motorola SBG900: firewall turned off, but still blocking

My ipsec tunnel is not coming up.  My firewall is off on the SBG900, but I see a bunch of these "NO SESSION DEFENSE" msgs in the SB900 firewall blocking log. It shouldn't be blocking, because the Firewall is off but I continue to get these in the blocking log.  I'm trying to setup an IPSEC tunnel to 128.107.200.68 but its failing.  I suspect its because the SBG900 is blocking.  What can I do to make sure the SBG900 doesn't block anything.  Is there a firmware update?  I've tried rebooting the SBG900 and putting 192.168.0.11 in the DMZ but still the SBG900 is blocking w/ reason "NO SESSION DEFENSE".

 

Initiator IP AddressInitiator PortResponder IP AddressResponder PortTransport ProtocolTimeBlocking Reason

192.168.0.11 0 128.107.200.68 0 UDP 2009-06-29 13:34:54NO SESSION DEFENSE


 

5 REPLIES
Posted by
Email Expert

Member Since: ‎04-27-2004
Posts: 18,247
Message 2 of 6 (1,404 Views)

Re: Motorola SBG900: firewall turned off, but still blocking

"No session defense" means that the router saw a packet that's part of a session, but never saw the packet that initiated the session.

 

However, it's complaining about UDP, which doesn't use sessions. That message should only apply to TCP packets.

 

I tried googling that message, but haven't found anything useful. 

Posted by
Connection Expert

Member Since: ‎12-24-2003
Posts: 52,195
Message 3 of 6 (1,394 Views)

Re: Motorola SBG900: firewall turned off, but still blocking

I'm not familiar with that gateway's config pages/firmware, but take a look somewhere in the config properties for something to the effect of IPSec / VPN Passthrough, and if it exists, make sure that it is enabled.



Community Icon
I am not a Comcast employee, I am a paying customer just like you! I am an XFINITY Forum Expert and I am here to help.To learn more about XFINITY Forum Expert program click here.
Was your question answered? Mark it as an accepted solution!solution Icon
Did this post help? Why not give it a kudo!!!Kudos Icon
Community Icon
I am not a Comcast employee, I am a paying customer just like you! I am an XFINITY Forum Expert and I am here to help.To learn more about XFINITY Forum Expert program click here.
Community Icon
I am an XFINITY Forum Expert and I am here to help. Expert Program
Posted by
Regular Visitor
  • Thank you contributor for your first reply to the community!
 Posting replies is the best way to get involved.
  • Congrats on Posting your first topic!

Member Since: ‎06-30-2009
Posts: 2
Message 4 of 6 (1,382 Views)

Re: Motorola SBG900: firewall turned off, but still blocking

I checked all the gateway config pages, and there is no option for IPSEC/VPN Passthrough.
Posted by
Networking Expert

Member Since: ‎07-28-2003
Posts: 24,240
Message 5 of 6 (1,379 Views)

Re: Motorola SBG900: firewall turned off, but still blocking

SBG900 = Not a good thing

 

Any of these combo cable modem/wireless routers are usually a very bad idea.  They hae all kinds of problems from crippled or below standard firmwares, very inflexible, etc.

 

My advice, ditch it, get a Comcast cable modem (or buy your own), and then get your own wireless router.  any decent router will have VPN passthrough options.  Now that's not to say it will fix your problem, VPN's are touchy and sometimes require some tuning on the VPN server side of things by your IT department.




Community Icon
I am not a Comcast employee, I am a paying customer just like you! I am an XFINITY Forum Expert and I am here to help.To learn more about XFINITY Forum Expert program click here.
Was your question answered? Mark it as an accepted solution!solution Icon
Did this post help? Why not give it a kudo!!!Kudos Icon
Community Icon
I am not a Comcast employee, I am a paying customer just like you! I am an XFINITY Forum Expert and I am here to help.To learn more about XFINITY Forum Expert program click here.
Community Icon
I am an XFINITY Forum Expert and I am here to help. Expert Program
Posted by
Security Expert

Member Since: ‎10-07-2003
Posts: 20,976
Message 6 of 6 (1,357 Views)

Re: Motorola SBG900: firewall turned off, but still blocking


Baric wrote:

SBG900 = Not a good thing A perfectly horrible concept!!! Smiley Wink

 

Any of these combo cable modem/wireless routers are usually a very bad idea.  They hae all kinds of problems from crippled or below standard firmwares, very inflexible, etc.

 

My advice, ditch it, get a Comcast cable modem (or buy your own), and then get your own wireless router.  any decent router will have VPN passthrough options.  Now that's not to say it will fix your problem, VPN's are touchy and sometimes require some tuning on the VPN server side of things by your IT department.


There... I fixed it for ya.

TANSTAAFL!!








Community Icon
I am not a Comcast employee, I am a paying customer just like you! I am an XFINITY Forum Expert and I am here to help.To learn more about XFINITY Forum Expert program click here.
Was your question answered? Mark it as an accepted solution!solution Icon
Did this post help? Why not give it a kudo!!!Kudos Icon
Community Icon
I am not a Comcast employee, I am a paying customer just like you! I am an XFINITY Forum Expert and I am here to help.To learn more about XFINITY Forum Expert program click here.
Community Icon
I am an XFINITY Forum Expert and I am here to help. Expert Program