Comcast supports VPN access using any security setting you choose. If you're using your own WiFi router connected to your wireless gateway, make sure that bridge mode is enabled on your wireless gateway. Your VPN provider (likely your employer) may require specific security or firewall settings in order to connect successfully. Contact your VPN provider and work with their IT if needed.
OpenVPN is here: https://openvpn.net/download-open-vpn/
Wireguard is here: https://www.wireguard.com/
The default install instructions on either are a good start.
Wireguard is a bit faster due to less packet overhead, but much harder to defend against intrusion bot traffic (no connection logs to parse for easy utilities like fail2ban). OpenVPN has failed connection attempt delay built into the configuration file.
The only thing your gateway has to do with it, is a single port forward to the device running the VPN server. You can buy a 3rd party gateway with a built in VPN server, but I wouldn't trust that as far as I could throw it. A gateway isn't a security appliance, nor should it try to be.
I could also add to the previous post, there are easy ways to construct a personal VPN server too if you are getting bogged down with configuration files and certificates.
You need to run the software on 'something'. How about a raspberry pi? Then it's really easy with pivpn https://pivpn.io/ That sets up the server, and you can make client certificates and backup the setup with a simple comand.
If you are doing it in the first place, check out opnSense or pfSense for a firewall solution. They they have a VPN server built in, and both have a package-addon for client config generation. Local web server based configuration. Requires a dedicated host computer (x64). Put your clients/devices/gear including your wifi access on the inside network, don't use WiFi on the gateway, and you'll be able to see every packet that comes in and goes out.
You're right though. Public WiFi? Yep, flip on your VPN connection. Its how I do it too.
@Sassicaia, thanks for the clarification and we apologize for any confusion there. We don’t provide technical support for VPN setup/connections, so in order to connect successfully, we strongly suggest contacting your VPN provider for further configuration details.
I can send you some helpful information in regard to making changes to your firewall settings for your wireless gateway model, or a user guide for your wireless gateway model. If you would like me to do so, please send me a Private Message including your first and last name as it appears on the account. To send me a Private Message, please click my name “ComcastAmira” and click “Send a message".
We don't currently offer a VPN connection directly though us, so you would need to look into using a third party service for a VPN. Once you have found a VPN provider that you'd like to use, they should be able to help get you set up with the VPN in no time. While we don’t provide technical support for VPN connections, here is a link with some more information that includes links to other support pages you may need: https://comca.st/373cZdA.
Both Wireguard and OpenVpn are free and open source. What they sell are services as companies and consulting to pay the bills. Their websites may be a bit confusing but stuff is there, along with the install instructions. Lots of HowTo's out on the web too, but start with the official documentation. Learning curve? Sure.....why not, right?
For Wireguard Linux, its in the regular repository for your distribution like any other program. If you want a windows server to be your VPN server, it's here, but I wouldn't set up windows to be a server of any kind. https://www.wireguard.com/install/ For MAC, use homebrew "brew install wireguard-tools". It's command line, and a config file on mac..
For OpenVPN, to run the server (OpenVPN Access Server), you'll need a linux box of some kind. There are virtual appliances too, so you can run them on ESXi. Perhaps even a windows box with VMware will work. Haven't tried VirtualBox and their ova image, but perhaps you can get it to work. The client software is free too and in the app stores.
By far, the easiest way is to just get a raspberry pi B+ (even the pi Zero will work), and use the pivpn install script. That does everything for you. Pi Zero hardware won't be very fast, but it works well enough for surfing and actually reasonably secure enough (provided you only expose the VPN port to the internet) that I wouldn't worry about it..
Please check your link, it's broken.
@Sassicaia, my apologies for any issues with the link I sent in the previous reply. You should be able to access the site by copy and pasting it into your web browser if it doesn't automatically bring you to the site. However, here is a new one to try that should work for you: https://comca.st/2ZlvTs9 Please let us know what else we can do to help!
That is correct, our modems include the router in one. Just to confirm you're attempting to set up your home network as a private VPN service when you're outside your home?