Starting this morning, I am having trouble accessing the ports on the XB6 modem rented from the Xfinity store. This involved both SSH ports and another 3389 port for Windows RDP connection. The conncetions start to be intermetent, with lags in graphics over RDP and lags in keystrokes in SSH ocnnection. Then, an hour later, I completely lose the ability to remote into home computers through either RDP or SSH.
After debugging for a few hours up to now, I finally arrived at a surprising fact: that I cannot ping the public IP address of the Modem when I use devices that are out side of the home network. With my public IP as XX.XX.XXX.XX, I simply run ping XX.XX.XXX.XX command to check the connection. It won't show anything when I am in my office, using the work-WiFI or using my phone's celleluar network. The only two expections where pinging the public IP may work, is either I am directly hooked up to my WiFi network at home, or connected through the XFINITY wifi that is "publically available" (I guess the two wireless networks are actually behind the same gateway or so)
Please confirm if you are able to ping your home router's public IP address from anywhere other than your home. This is very helpful debugging info for me. (Mainly, I want to avoid misunderstanding about the routing at the ISP level.)
If you have a public IP assigned which is accessible from the internet, then your router logs should show if the PING's are reaching it, but not being responded to. Generally, ICMP responses have to be allowed/activated or they are ignored.
Thank you for clarifying that I am not supposed to ping the home router from any other IP addresses.
My problem with the connection to a home server under port 3389 (default for RDP) may have to do with the "xFi Advanced Security" tool on xFi ==> while its logging tool is not 100% capturing all log-in attempts into the home servers, it is a viable spot to approve IP addresses from which remote accesses were initiated.
Once granting access from a certain source to a certain home server, it shall white-list the source IP for 30 days.
Only IPs that have been whitelisted can ping the home router.
Hello, llinfeng. Welcome to the Xfinity Forums!
Remote connecting to your network when you have the xFi Advanced Security can be a tricky thing to do as the security system, as you have found, will block new IP's that you haven't already designated as being safe. Unfortunately, if you are using mobile devices to connect with, especially when using mobile data, it will be given a new IP every new data session, or periodically refresh the IP address assigned if your device is continuously connected.
At that point you would need to look into acquiring a static IP for your device.