Skip to main content

    Support

    Offers

imngtech's profile
imngtech
Conversation Starter
Conversationalist
1st Reply

Contributor

 • 

34 Messages

Saturday, June 11th, 2022 2:17 AM

Closed

Best way to setup DMZ

Hello, trying to improve my gaming experience. One thing I heard is to put my gaming console into the DMZ. I tried to add my gaming console into my wi-fi router's DMZ by specifying the internal address, seems like it kind of improved but then a day or two later, my household started losing internet access, had to reboot my cable modem (or gateway I guess the proper term these days) a couple times for it to work again.  Don't know if it was just coincidental but when I removed my console from my router's DMZ, I haven't lost internet since.  Is there something that Xfinity or the gateway doesn't like with setting up a DMZ within the router right behind the gateway?  When I researched this I've seen Xfinity reps or others reply that setting up a device within the DMZ is not considered secure.

So I researched in this forum about DMZs and see several posts about setting up the DMZ within the gateway itself, so I'm tempted to put my gaming console into it using the instructions provided in this article that an Xfinity rep provided: https://www.xfinity.com/support/articles/port-forwarding-xfinity-wireless-gateway?linkId=155308662 .  

Just wondering then, what's the best way to setup a DMZ to get the best possible gaming experience, within my router, at the gateway, or both?  Thanks in advance.

Question

 • 

Updated 

3 years ago

2.6K

2

0

CCAaron1

Problem Solver

 • 

954 Messages

3 years ago

Hello and thanks for taking the time to reach out @imngtech. I see it has been a couple of days. Are you still having issues or where you able to get this resolved? 

4

0

imngtech

Contributor

 • 

34 Messages

@XfinityAaron​ Well I'm just wondering what's the best way to setup a DMZ considering I don't have a XFi gateway or Xfinity gateway, I just have a broadband modem connected to a wireless router. I've been establishing the DMZ at the wireless router but with a couple days I have internet connection issues.  I don't know if it's just due to coincidence with internet issues in general.

3 years ago

0

XfinityWilliam

Official Employee

 • 

1.2K Messages

Just to confirm, you are using your own modem / router @imngtech?

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

3 years ago

0

imngtech

Contributor

 • 

34 Messages

@XfinityBilly​ yes i'm using my own modem and router.

3 years ago

0

rb653504

New Poster

 • 

4 Messages

@XfinityAaron​ Good afternoon, I just got an XB8 installed, the wifi name has been changed. I need to add an IP address into the DMZ. I logged into the new APP, clicked on enable add the IP address I need and try to apply. It said Enabling DMZ, then comes back with an error We're having Some trouble. How long does it take for the new modem to bond with the system to take these changes?

3 years ago

0

flatlander3

Problem Solver

 • 

1.5K Messages

3 years ago

Best?  Is NOT a DMZ.  What that does is just nakedly expose whatever you put into it to the internet.  You've bypassed whatever firewall protections your router had, so whatever is there is just going to get hammered.  That generally assumes something with it's own protection and firewall, not just a device with perhaps no protection.  Could have been your internet traffic problem.  Might not have been.  Dunno.  You'd have to sniff/log the traffic to see it with something else.  

Better, would be a dedicated firewall with at least 3 network interfaces.  One interface goes to the modem and gets your public accessible Xfinity IP address.  Two others create their own internal subnets.  One for your regular stuff, and one independent subnet for your game console.  Ideally, your game console would be connected via Ethernet (fastest, lowest latency).  Your existing router just turns into a WiFi access point then (no actual routing, no dhcp server, dhcp requests are forwarded to the firewall).  The two internal subnets don't speak to each other.

Now you create port forward rules on the firewall to direct the traffic you want to your game console (and it's subnet)-- IF required, while still maintaining at least 'some' sort of inbound protection.  Bonus round involves active/adaptive firewalls plus limiting who can talk to your external IP address and access exposed open ports, but that's a different subject. 

5

forum icon

New to the Community?

Start Here