Activating an Xfinity Wireless Gateway
This article guides you through the steps to install and activate your Xfinity Gateway. If you are replacing a device that is currently installed in your home, be sure to disconnect that device before following the steps below.
Place Your Gateway
Find the cable and power outlets most centrally located in your home.
Place your Gateway off of the floor and in an open area away from exterior walls, metal surfaces, microwaves, and windows. Avoid cramped spaces and anything that can block the device from broadcasting freely.
Plug in Your Gateway
Plug the power cord into your Gateway and then into an electrical outlet.
Screw one end of the coaxial cable into the Cable In/RF In port on your Gateway and the other end into the cable wall outlet. Make sure the connections are finger tight.
If you subscribe to Xfinity Voice service, connect your telephone to the Tel 1 connection on your Gateway using a telephone cord.
Wait for Your Gateway to be Ready
Your Gateway may reboot, and it could take up to 20 minutes for it to be ready to activate. Make sure the lights appear as described below before moving on to the next step. Do not unplug your Gateway during this process.
If your Gateway has multiple lights on the front, the Power, US/DS, and Online lights should remain solid for at least one minute and the WiFi light(s) should start blinking.
If your Gateway has only one light, it should remain solid white for at least a minute.
Establish a Temporary Internet Connection to Activate
If you prefer to use a smartphone, tablet, or laptop with WiFi connection:
Look for the Network Name (SSID) and Password printed on the side, back, or bottom of your Gateway (the name should look like Home-XXXX or XFSETUP-XXXX).
Select the name from the list of available networks on your WiFi-enabled device and enter the password when prompted. If you're prompted to enter a PIN instead of a password, click the Connect Using a Security Key link to enter the password found on the Gateway.
If you prefer to use an Ethernet connection:
Plug the Ethernet cable into one of the open ports on your Gateway until it clicks. Plug the other end into the Ethernet port of your computer. The Ethernet port will light up when successfully connected.
Activate Your Gateway
Once you've established a temporary Internet connection, if you're not automatically presented with a welcome message to begin setup, open a web browser and navigate to xfinity.com/activate. Follow the on-screen prompts to verify your Xfinity account and complete the activation process.
When you've finished activation, your Gateway may reboot. It may take up to 10 minutes after activation before you can connect to your home network.
Connect to Your Home Network
After the Gateway has been activated and after a possible reboot, you may need to connect your devices to your home network if you changed the network name and password.
Go to the WiFi settings on your WiFi-enabled devices (e.g., smartphone, smart TV, laptop).
Select your home network WiFi name and connect with the password. If you changed this during or after activation, be sure to use the new one you set up. Note: The Xfinity WiFi home hotspot may take up to 24 hours to broadcast. For more information, please see Questions about the Xfinity WiFi Home Hotspot.
If you're activating an Xfinity xFi Gateway (models Arris 1682G, Cisco 3941T, Technicolor CGM4140COM, or Arris TG3482G), you can use the steps below or download the Xfinity xFi app on the Apple App Store or on Google Play for an easy, guided setup process. To determine the type of Gateway you have, check the make and model information located on the bottom of your device. You can also check this information in My Account .
Activating an XFINITY xFi Gateway with the XFINITY xFi App
Launch the XFINITY xFi app and sign in using your XFINITY username and password. (You must be the primary or an unrestricted secondary user to access.)
Select I'm setting up my Wireless Gateway. After activation you can continue to use the XFINITY xFi app to manage your home network.
Select Get Started to begin the process of setting up your Gateway. The entire process should not take longer than 20 minutes.
First, we'll need to identify your Gateway. Select Use Camera to scan the QR code on the side or back of the device. The QR code should contain all of the information needed to begin activation. You may also be prompted to grant the XFINITY xFi app permission to access your smartphone's camera.
Note: If your device does not have a QR code to scan, you will need to enter the 12-digit CM MAC number found on the side or back of the Gateway. Select Enter Code Manually and follow the on-screen prompts. You may also be prompted to enter the CM MAC number even if your device has a QR code if we need additional information.
Your smartphone's camera will open within the XFINITY xFi app. Find the QR code and focus the camera on it. Once the QR code has been successfully scanned, you will see a green check mark.
Note: Keep your smartphone as steady as possible. If the camera has trouble focusing on the QR code, try slowly moving your smartphone away from and towards the QR code.
The app will then take you through the necessary steps to set up your Gateway and activate your XFINITY Internet/XFINITY Voice service. For the best WiFi coverage, set up the device in the most centrally located place in your home where there is also a cable outlet. Also, avoid placing the device in your basement or attic as this can interfere with your WiFi signal. Keep it out of cabinets or closets, and make sure it is off of the floor. Select Next to proceed through these tips.
Once you've found the best spot for your Gateway, follow the instructions to connect the coaxial cable and power cord. The lights on the front of your Gateway will flash and blink as the device prepares for activation. Select Ready to Go! to continue.
Now that your Gateway is connected, it's time to personalize your home WiFi network name and password. Enter a WiFi name and password that is easy to remember and secure. Select Next.
Confirm the WiFi name and password you entered are correct. If you need to make changes, simply select the back arrow in the top left-hand corner of the screen. If you are also activating XFINITY Voice, you will see your phone number on this screen. Select Confirm and Finish Up. Note: For customers swapping an existing xFi Gateway with a new one, you may be presented with the WiFi name and password associated with your previous device. You can choose to keep them the same, or create a new WiFi name and password. If you change the name/password, you'll need to reconnect all your devices using the new information.
Your home network setup will now begin. This part of the process can take up to 10 minutes to complete, during which time you will see status updates at the top of the screen. You will also be prompted to enable push notifications to be alerted when activation is complete.
Once your Gateway is activated and your WiFi is ready to go, you'll be presented with instructions on how to connect to your new WiFi network. Two shortcuts are provided to make this process even easier. Simply copy your WiFi password to your clipboard by selecting Copy and then Go to Settings. From there, go to the WiFi settings on your device, wait for your new WiFi name to show in the list of available networks, join the network and then paste your password to connect.
**NOTE**: Remember, you'll need to connect all of your WiFi-enabled devices using the WiFi name and password you created.
We see many questions in the forums regarding port forwarding, so I have put together a primer to try to help those who are new to the concept.
WARNING: Port Forwarding exposes devices on your LAN to the Internet. If you DO NOT NEED to port forward, DON'T. This guide tells you how to and why you might need to port forward. The reader assumes any and all responsibility for any damage of, or intrusions into their network caused by port forwarding. What is Port Forwarding?
Port forwarding is a mechanism used in IPv4 to allow a computer, smartphone, or other device (the SOURCE) outside your Comcast HSI connection to connect to a device on your LAN (the DESTINATION). A typical Comcast residential user network might look something like this:
In this diagram, a Cable subscriber (you) has a webcam, NAS, or media server on the internal LAN behind his router/gateway. It is configured to listen on TCP port 8080, in this case. Other devices or game servers that you have may be configured to listen on a different (or many different) ports, but the principle is the same.
Let's say that the subscriber (you) want to make that server available to a family member in a different location, so they can see your webcam, or look at pictures on your media server or NAS. In order to do that, your family member needs to be able to connect, often using a web browser, or a smartphone app. The problem is that your web server is on your LAN, protected by the firewall in your router, AND it has a private address, which cannot be used on the internet. The private subnets you will see most commonly are the 192.168.0.0 and 10.0.0.0 subnets. Subnetting is beyond the scope of this discussion, as most home routers are set up out-of-the-box to use one of these submets. Under normal circumstances, you will probably never have to change this. The problem lies in the fact that these subnets cannot be routed over the internet. Port Forwarding is intended to solve that problem.
As seen in the diagram, your home router (and you must have a router of some type to perform port forwarding) is provided with an address on the public internet by Comcast. Because of a shortage of IPv4 addresses, home routers use Network Address Translation (NAT) to allow you to connect a large number of devices to your router, and give them the ability to connect to other devices on the internet. This is done by assigning each requested connection from your LAN a TCP port, so the router can track the connection. The combination of the IP address and port number is called a socket. So, when you use your computer on your LAN to go to www.google.com, your computer (the source) sends a request using a random port (usually above port 1024) to the destination (www.google.com) on port 80 (the standard http port. Because of NAT, the Google server sees your source address as the WAN IP of your router. How, you may ask. is this related to Port Forwarding? Well, port forwarding is essentially the same process, but in reverse. Think of it as inbound NAT. You router has a public IP address, but by default, it doesn't listen on many ports. This is for security, so that someone on the internet cannot easily get on to your network. Now, you have a media server or an IP Camera that you want Granny to see, so you have to tell your router to listen on a port so that you can give Granny a link to it that she can put in her web browser (how she does that we will discuss later).
How do I set up Port Forwarding
First, you have to set up your router. There is an excellent website at http://portforward.com, which will walk you through the steps of how to forward ports on just about every known router, so I am not going to go into detail on any particular model. Suffice to say that when you set up port forwarding, you tell your router to listen on a particular port (in the case of the diagram, it is port 8080), and you also tell it where to send that traffic, when it sees it. In this case, the router is told to send all traffic it ses incoming on port 8080 to the internal device at 192.168.1.200. Below is an example of the screen for configuring a Custom port forwarding service on a Netgear WNDR3700. Other router screens will look different. This is just one example:
OK, so I have set it up...how does Granny get there... Granny has a computer with a web browser. Lets say you are letting her see your IP Camera. instead of port 80, your IP Camera is designed to listen on port 8080. Under normal circumstances, you would forward the same port externally as the device listens on, so you would set up your port forwarding to listen on the WAN interface on port 8080, and internally, send all port 8080 traffic to the IP address of your IP camera. Now, when Granny browses google.com, she just types inwww.google.com in her browser, and it goes there, right? That is because google.com is listening on a well-known port for http traffic (port 80), and browsers automatically know that you want to go to port 80. What they don't know is that your router is waiting to send traffic to your IP Camera on port 8080, so when you tell Granny how to get to your camera, if you are using any port other that 80, you MUST specify the port, and that you are using the http protocol. So, you would tell granny to put the following in her browser address bar: http://<yourWANIP>:8080
To find the WAN IP of your router, you can either look at the Status page in your router interface, or browse tohttp://whatismyip.com If you don't want to give her an IP address, you would need to use some type of Dynamic DNS service (not within the scope of this discussion) to translate your WAN IP into a hostname, but you still need to specify http and the port number, like this: http://myipcam.somedomain.org:2000 (the actual name will depend on your Dynamic DNS provider) What else can I do with Port Forwarding?
The principles are the same for pretty much any device or server that you want to make available to sources outside your home. You can port forward Windows Remote Desktop Protocol, so you can log into your PC from another device with an RDP client. You can run a web server (although publicly accessible webservers are technically against the Comcast AUP for residential connections), you can access your own media server from your smartphone, so you can listen to your music wherever you are...the possibilities are pretty much endless, BUT make sure that you secure the devices you are allowing access to with strong passwords. While many security experts frown upon the concept of 'Security by Obscurity' I personally don't see that it hurts to change the port you are using for some services, especially the more common ones...Any hacker knows that Windows Remote Desktop Protocol runs on port 3389, so instead of setting your port forwarding up to listen on port 3389 on the WAN IP, use a different port (above 1024 is recommended. The highest you can go is 65535). You can still tell the router to forward the traffic to port 3389, so you don't have to mess around with the registry settings for your RDP setup on your Windows machine. That is basic port forwarding in brief. If you have any questions, please post it in the forums in the Home Networking / Router / & WiFi Gateway Help board and we will try to help. Be aware that as of writing this (April 2013) there appear to be some issues with port forwarding on some of the Comcast supplied gateway devices. Unfortunately, there isn't much we can do to remedy those, if you have set up port forwarding properly. The suggested solution is to have the gateway placed in bridge mode, and buy your own router to do your port forwarding. Also there are some quirks to setting up port forwarding on the SBG6580 gateway. See this post for details: http://forums.comcast.com/t5/Home-Networking-Router-WiFi/Port-Forwarding-for-an-IP-Camera/m-p/152957...