Sassicaia's profile

Frequent Visitor

 • 

5 Messages

Wednesday, February 10th, 2021 11:00 AM

Closed

How to set up a VPN server with Xfinity Gateway?

I'd like to be able to VPN to my home and use my Internet securely instead of using public Wifi. Where can I find step-by-step instructions on how I can set up a VPN server in my home with Xfinity Gateway.

Official Employee

 • 

1.2K Messages

3 years ago

Comcast supports VPN access using any security setting you choose. If you're using your own WiFi router connected to your wireless gateway, make sure that bridge mode is enabled on your wireless gateway. Your VPN provider (likely your employer) may require specific security or firewall settings in order to connect successfully. Contact your VPN provider and work with their IT if needed. 

Problem Solver

 • 

1.3K Messages

3 years ago

OpenVPN is here: https://openvpn.net/download-open-vpn/

Wireguard is here: https://www.wireguard.com/

 

The default install instructions on either are a good start.

 

Wireguard is a bit faster due to less packet overhead, but much harder to defend against intrusion bot traffic (no connection logs to parse for easy utilities like fail2ban).  OpenVPN has failed connection attempt delay built into the configuration file.

 

The only thing your gateway has to do with it, is a single port forward to the device running the VPN server.  You can buy a 3rd party gateway with a built in VPN server, but I wouldn't trust that as far as I could throw it.  A gateway isn't a security appliance, nor should it try to be.

Frequent Visitor

 • 

5 Messages

3 years ago

@ComcastThomasF As my post indicates I'm using the Xfinity Gateway so there's no 'personal' router. Secondly the question asks how to set up a personal VPN not trying to VPN to an employer. 😒

Problem Solver

 • 

1.3K Messages

3 years ago

I could also add to the previous post, there are easy ways to construct a personal VPN server too if you are getting bogged down with configuration files and certificates.

 

You need to run the software on 'something'.  How about a raspberry pi?  Then it's really easy with pivpn  https://pivpn.io/  That sets up the server, and you can make client certificates and backup the setup with a simple comand.

 

If you are doing it in the first place,  check out opnSense or pfSense for a firewall solution.  They they have a VPN server built in, and both have a package-addon for client config generation.  Local web server based configuration.  Requires a dedicated host computer (x64).  Put your clients/devices/gear  including your wifi access on the inside network, don't use WiFi on the gateway, and you'll be able to see every packet that comes in and goes out.

 

You're right though.  Public WiFi?  Yep, flip on your VPN connection.  Its how I do it too.

Official Employee

 • 

3.3K Messages

3 years ago

@Sassicaia, thanks for the clarification and we apologize for any confusion there. We don’t provide technical support for VPN setup/connections, so in order to connect successfully, we strongly suggest contacting your VPN provider for further configuration details.

 

I can send you some helpful information in regard to making changes to your firewall settings for your wireless gateway model, or a user guide for your wireless gateway model. If you would like me to do so, please send me a Private Message including your first and last name as it appears on the account. To send me a Private Message, please click my name “ComcastAmira” and click “Send a message".

Frequent Visitor

 • 

5 Messages

3 years ago

 

@flatlander3 Thanks for the info. This seems more complicated than I expected and it's not free. I was hoping for something more pedestrian with step-by-step instructions. I envisioned downloading some VPN server software  which installs easily with minimal configuration and runs on my dedicated MACBookpro . Then punch a hole in my firewall and allow me to login from anywhere.

Frequent Visitor

 • 

5 Messages

3 years ago

@ComcastAmira Thanks for the reply but I think you're still missing the point here. There's no outside VPN provider. I would like to set up my home Internet with a VPN server. 

Official Employee

 • 

507 Messages

3 years ago

We don't currently offer a VPN connection directly though us, so you would need to look into using a third party service for a VPN. Once you have found a VPN provider that you'd like to use, they should be able to help get you set up with the VPN in no time. While we don’t provide technical support for VPN connections, here is a link with some more information that includes links to other support pages you may need: https://comca.st/373cZdA.

Problem Solver

 • 

1.3K Messages

3 years ago

Not free?

 

Both Wireguard and OpenVpn are free and open source.  What they sell are services as companies and consulting to pay the bills.  Their websites may be a bit confusing but stuff is there, along with the install instructions.  Lots of HowTo's out on the web too, but start with the official documentation.  Learning curve?  Sure.....why not, right?

 

For Wireguard Linux, its in the regular repository for your distribution like any other program.  If you want a windows server to be your VPN server, it's here, but I wouldn't set up windows to be a server of any kind. https://www.wireguard.com/install/  For MAC, use homebrew "brew install wireguard-tools".  It's command line, and a config file on mac..

 

For OpenVPN, to run the server (OpenVPN Access Server), you'll need a linux box of some kind.  There are virtual appliances too, so you can run them on ESXi.  Perhaps even a windows box with VMware will work.  Haven't tried VirtualBox and their ova image, but perhaps you can get it to work. The client software is free too and in the app stores.

 

By far, the easiest way is to just get a raspberry pi B+ (even the pi Zero will work), and use the pivpn install script.  That does everything for you.  Pi Zero hardware won't be very fast, but it works well enough for surfing and actually reasonably secure enough (provided you only expose the VPN port to the internet)  that I wouldn't worry about it..

Expert

 • 

101.6K Messages

3 years ago

@ComcastKatieMS 

 

Please check your link, it's broken.

Official Employee

 • 

507 Messages

3 years ago

@Sassicaia, my apologies for any issues with the link I sent in the previous reply. You should be able to access the site by copy and pasting it into your web browser if it doesn't automatically bring you to the site. However, here is a new one to try that should work for you: https://comca.st/2ZlvTs9 Please let us know what else we can do to help!

Problem Solver

 • 

574 Messages

3 years ago

That is correct, our modems include the router in one. Just to confirm you're attempting to set up your home network as a private VPN service when you're outside your home?

Frequent Visitor

 • 

5 Messages

3 years ago

@ComcastKatieMS  Thanks but that link is just a brief, high level definition of a VPN. And as stated previously the router is built into your Xfinity Gateway. 🙄

Expert

 • 

101.6K Messages

3 years ago

Your welcome.......
forum icon

New to the Community?

Start Here