Xfinity Forum Archive...
This is an archived section of the community.
Content in this area has been identified as outdated or irrelevant.
This change was done in an effort to make the forum easier to use and to keep only the most helpful and recent content active.
Post your questions in the Xfinity Community
Pardon my ignorance, but what exactly is a VPN? I reserached it online and I still dont get what an ordinary person would use this for...It seems liek soething taht enables you to use the internet without people "tracing" your activities? It sounds more like 007 stuff than anything
Kenyo, Are you sure you didn't have your computer accidentally in the DMZ??
My port fowarding works instantly. When I make changes, I use zenmap for windows to port scan and the port changes are reflected accordingly.
HOWEVER, I'm having the same problem with built in windows 7 PPTP. I have 1723 port forwarding on, but it just WON'T connect and I'm wondering if this router even does protocol 47 GRE
I do not think the router is the issue. I think the settings are being managed upstream.
I was trying to set up VPN with the Arris TG1682G. These are the final steps that got me to the above conclusion:
1. I set up DuckDNS.
2. I enabled Remote Management on the TG1682G router, mainly just to see it ANY port might open.
3. Was able to see the login screen by going to <mydomainname>.duckdns.org.
4. Disabled Remote Management; Saved. Could still get to login screen through DuckDNS.
A. Closed/reopened browser.
B. Tried different browser.
C. Reset TG1682G router from portal (10.0.0.1). Verified that Remote Management was disabled.
D. Unplugged/Waited 30 seconds/Plugged router back in. Verified that Remote Management was disabled.
E. Did a factory reset from portal. Had to enter SSID and key info. Verified that Remote Management was disabled.
F. Installled browser that I had not used before.
G. HTTP'd directly to the IP address supplied by wtfismyip.com, bypassing DuckDNS.
H. HTTP'd to the IP address using my phone WITHOUT Wifi, bypassing DuckDNS.
5. At every step, I was able to open the login screen at the dynamic IP assigned to my router by Comcast. The connected devices shown on the page were correct. Whatever setting was still allowing this to continue to happen was NOT, IMHO, on the router.
6. At every step, PortForward's Port Checker reported that the port was "NOT OPEN or not reachable!". So did a couple of others.
And I'm pretty sure I avoided any caching that may have messed with reality.
It is my considered opinion that port management for the TG1682G router is handled elsewhere--not by the router--and it is therefore pointless to try to do VPN through it.
Since we use telephony, I'm setting the router to "Bridge" mode and will do VPN through another router over which I do have control.
Lastly, if anyone can show me that I'm full of beans about this, in all sincerity, no one would love hear about it more than me. I hate under-handed BS like this in a service I'm paying for.
Keep your firewall as custom and disable.
enable your parental control and add the machine or cellphone where you want to use the VPN as trusted.
It will work this way.
If you enable the parental control and add the cellphone or any computer as trusted the VPN using pptp it will work. If you disable it will not help.
Good news is that it is working now... when I checked I had the same firmware version but it is likely that it updated sometime over the past week and that fixed the issue. So don't know for sure why it works but it seems to be working perfectly now.
I had comcast come back and swap the modem. The new one passed the IP Address just fine. I didn't notice the firmware revision but for some reason that particular modem wasn't working properly.
Worth trying again with the new firmware update, it has fixed one or two things:
If you don't have it yet, try a quick 2 sec press of the recessed reset button. It took longer than normal to reset for me, it reset itself twice.
I was wondering if a solution was found for the issue of not getting a public IP address when in bridge mode on a TG1682G. I just installed a TG1682G last week and when set to bridge mode I do not get a public IP address on my router (an Apple Time Capsule), instead the router will just self assign an internal IP.
Thanks in advance.
I have this device and after 4 other devices I can't stand it. When plugged in to my Time Capsule the link light was red. It didn't matter in bridge mode I can not get an assigned IP address ot my router. Right now I am in double Nat but can't access things from the outside.
When in double nat you can not reach back to yourself. As the OP discovered.
I don't know why this TG1682G will not pass the public IP in bridge mode but with 100% certainy it will not. I've tried with a hardwired desktop, the original Apple Time Capsule and now at netgear
I am requesting a replacement router. There was a huge slow down in performance when using the Time Capsule. At this point I am done with it - but the netgear isn't having any better luck with the Netgear - but its the fault of the Arris TG1682G
I wanted to reply to my own comments just to let you guys know that I never had issues. I was actually attempting to reach my eternal IP and port from whithin my own network (LAN). I tried from a different IP location and it worked.
I'm having the same issue with Arris TG1682G. I'm trying to enable port 80 and followed the instructions properly but after an nmap check, all port still seem to be filtered.
I even checked my Firewall > Custom Security > Disable Entire Firewall and still doesnt work. I have also set the Parental Control to allow all services and devices, and trust the machine the port it's been forwarded to, but no luck.
I also tried to use Bridge Mode as a last resource, but it ended up without internet connection wired. At this point I think the best solution would be requesting a different device from Comcast.
Please, I need help. Did you guys came up with a solution already?
I am having the exact same issue with this modem. My IPSEC VPN connection was working fine on my Verizon FIOS Internet link but it stopped working as soon as I switched over to Comcast Xfinity with this modem/router model. I can switch over to the WIFI on my Verizon iPhone and it will connect immediately.
I ran a few packet traces to compare what is happening when it works and when it does not and it appears that there is a packet getting dropped somewhere in the Comcast network that is being passed elseware. This dropped packet is causing the VPN setup to fail.
Failed again just now.
By the way, it does connect about 1 out of about 20 attempts. Even when it connects though, if I disconnect and then immediately try to re-connect, it fails. Very strange.
Perhaps a Private Message to ComcastFransic might help?
It is a new device, could be a firmware problem, or something less complicated. Either way it's worth a try, the wireless does work pretty well on this.
Parental Controls are disabled. I'll assume you don't think I should enable them and then set the laptop as trusted.
Gave up on the bridging since I've come to the realization that it will not let me use the wifi strengths of the gateway. Maybe there will be a firmware update soon.
You could also check Parental Controls for blocked sites/services/devices and devices have to be selected as Trusted if you have any of those controls enabled, to allow them through.
The WAN port from the router connects to the LAN 1 port on the gateway. You must power cycle the gateway when you change devices like connecting the router. You will not be able to ping the 10.0.0.1 since the gateway's router is disabled. The router should be picking up a public IP address on the WAN side, if it's really bridged.
When it's in bridge mode, it should just pass everything through port 1 to the router, so you wouldn't be able to use the wireless in the gateway. They tend to cripple gateways with Comcast firmware. Don't have the answer but I would have thought that VPN would be possible in the gateway somehow......
Well, i still can't ping the 10.0.0.1 address even when I make my router give out addresses in that range. still no internet. I guess I'll give up for now and put it back the way it was. Looks like there is no way to still use the wireless anyhow while in bridge mode .
Anyone have a gateway model that works with VPN and has decent wireless speeds? Maybe I can request a different model.
Yes, port one is connected. Interesting to note that the light on the gateway is orange when connected to the router but green when connected to my laptop. I noticed that the gateway did switch back to its default IP address which is 10.0.0.1. When looking through the settings from my laptop, I see that the wireless is automatically disabled in bridge mode with no way to enable it that I can tell. I also can't see any way to set a static IP for the gateway in the settings to match my IP range choice from my other router. Maybe I'll change the range to get with the 10.0.0.x program that my gateway wants to be.
I tried lowering security and tried setting up port forwarding for every port that my VPN provider says we use without luck.
I'm trying to set up this bridge mode but now I get no internet no matter what I connect to. I can't even ping the gateway anymore even if directly connected to it, maybe it's IP changed somehow when I put it into bridge mode.
Not using a VPN, but just a thought, have you tried lowering the firewall security in the gateway to minimum.(It is supposed to work with Max security for VPN), also there is a firewall for IPv6 with typical and custom settings
Doubt that will help, but worth a tinkering with. I do agree about the wireless on the 2.4Ghz network range.
Thanks for the reply. I was thinking that this might be the way to go, myself but I had a few questions about how to connect/configure the other router. It has a Wan port on the old router, do I connect to that? Will the gateway still retain its good wifi signal and same speeds despite the older router being slower/older? Which router will be giving out the DHCP addresses? Can I just disable the wifi on the older modem? Does the machine that needs the VPN have to be connected to the old router or can it get the wifi signal from the gateway?
Sorry for the barrage but whataver you could answer might be helpful.
Connect your old router to LAN port1 and follow the directions to place the gateway in bridge mode. I'm suprised your wi-fi comment, as up to now wi-fi on the gateways is not always the best. Your right, certain other models have issues with VPN.
The TG1682 is brand new, very few reports on the forum about this gateway, postive or negative.
I have the Arris TG1682G and it seems impossible to get my IP-Sec or SSL based VPN's to work at all. Also, doesn't work with the xfinitywifi connection that is offered for customers without access to their router. It does work fine with the neighbor's Netgear router. It also worked fine with my previous ISP which was Verizon DSL.
I see no one else complaining about this model of gateway. I only see people complaining a couple of years ago about a similar device.
Comcast hasn't been helpful with a few phone calls. I don't think they understand what is going on. Maybe the equipment is too new. Is there another model that I should ask for instead of this one that will work?
I do have Triple play so the phone goes through the box too.
I have an old cable modem and cheapo router that I used to use but this gateway is giving me the best wifi signal I have ever gotten. I am hoping to be able to keep this thing.