Port Forwarding stopped working seemingly out of nowhere

Just a few posts down there are two threads on it.

@johnnydrama23found a fix.  You might have run into a firmware update that changed how reserved dhcp address and the firewall works.  https://forums.xfinity.com/t5/Your-Home-Network/Port-Fowarding-with-xFi/td-p/3416100

Most implementations of dhcp are based on opensource isc-dhcp.  I know in the BSD/Linux version, it doesn't specify if a reserved IP address has to be inside or outside the dhcp address pool.  It just pings an address to see if it's in use before passing out an address.  Port forwards are usually done on IP's that are not in the pool with firewall rules, static assigned or reserved, which makes sense because the pool is supposed to change all the time.  Xfinity may have changed the firewall behavior to only allow the port forward to addresses that are WITHIN your dhcp pool.

If you set a client up with a static IP address and it's outside of the dhcp pool, your port forward may no longer work.  You may have to set the client up to use dhcp, and reserve an address for it inside the dhcp pool for the port forwards to work.  Don't use static IP's inside the dhcp pool.  Reserve the address instead.  A static address may work for a while, but if your client is down, the server may pass out the address to something else, and you'll have a conflict and network chaos when your client comes back up.

Release notes if they are going to do a firmware push, or if this is just an app/cloud configuration deployment issue would be helpful, but I don't see them anywhere.  *If this is a bug Xfinity knows about, they may change the function of this at any time.

I had the same problem. After spending 1.5 hours listening to Xfinity tech support level 1 tell me it was a problem with the PC manufacturer and that I needed to address it with them, I asked to be connected with level 2 support. After another hour on hold, I was disconnected. This peed me off enough to figure it out and fix it.

The problem seems to arise when you first attach a machine to your network. Somewhere in Xfinity land resides a database that tracks the MAC of the machine and associates it with the initial IP it is given. Although you can update the machine, the Xfinity Modem/Gateway maintains whatever that initial IP was set to. The fact that Xfinity gimps the modem by requiring you to use their Xfi app to manage the port forwarding and triggering features doesn't help at all.

Here is how I fixed my issue:

Verfied the machine I wanted to forward to had the static IP assigned to it I desired.

Disconnected PC from network. You would think the Modem would recognize it's no longer connected, but after 30 minutes of waiting, I power cycled the modem to get the PC to move from Attached Devices list to Unattached Devices list.

Selected the PC in the Unattached Devices list and deleted it.

Power cycled modem.

After the modem was back up, I reattached the PC and set it to a profile.

After verifying the correct IP was showing in the Details of the PC in the Modem, I setup the Port Forwarding with the expected results.

It sucks that with as advanced as technology is, Xfinity can't figure how to allow this stuff to update in real time.

Hope this helps somone.

Z

Got same problem now, before portforwarding was working until I got new kind of modem, now doesn't even work anymore.... nat is usually open, now its moderate awhile i m playing warzone 

Same here.  My family web site, that I host at home, could no longer be reached from the world wide web.

Xfinity appears to change how port forwarding works and no longer uses the IP Address assigned to the device, but uses the MAC address instead.  Additionally, as mentioned by another user here, static IP addresses are no longer supported for port forwarding.  The DHCP Address must be reserved for the device, the device added to the reserved IP list, and port forwarding set to this device. 

Solution: 

1. Change your device's settings to use DHCP instead of Static IP, reboot your device

1. Login to your router at 192.168.0.1 (or whatever your router's IP address is)

2. Click on Connected Devices and locate your device you wish to port forward to and click Edit.

3. Note the Host Name, MAC, and IP Address, click the radio button for Reserved IP under Configuration.

4. Click on the radio button Reserved IP under Configuration.  Enter the IP address that DHCP assigned if not already displayed.  Add any comment you wish.  I entered "Family web server"

4. Save

6. Login to xfinity  xfinity.com/myxfi 

7. Click on Connect - See Network, and Advanced Settings

8. Click on Port Forwarding, delete any entry that may already be there, and create a new entry using the information you noted earlier.

Be patient during this process because I noticed that I needed to wait a minute or so during this process to be successful.

My solution was same as @johnnydrama23 

My port forwarded address were outside the DHCP scope. My scope ended at .200 and static LAN addresses were above that. So I could not edit or add port forwards beyond 200 and I could not add reservations for them either.

I simply extended the DHCP range to cover the addresses (which forced a reboot) and bang 7 year old port forwarding started working again.