Ubiquiti ERLite 3 and Comcast with the new Cisco box they use

[Markverhyden]

Anybody with experience? I've setup up several of these ERLite 3 with fixed IP's and never had any problems. But today was a first using the new Comcast/Cisco modem with a fixed IP address. Can't seem to get it to work. I did a Cisco RV last week with the same model modem and had no problems.

Did the initial setup and it did not work. So I setup my laptop with the same info and no luck. Called support. Turns out they have to do something on their end to enable true bridge mode even though I have selected Bridge Mode on the router. Once that was done my laptop worked fine. So I went back, defaulted the device and started over. Still no love. On the device dashboard I'm seeing plenty of Rx traffic but no Tx traffic on the WAN port. The site is one usable IP, subnet mask is .252, so it's 1.2.3.4/30.

For grins I decided to set the WAN to DHCP since these usually provide a public address for DHCP. Get a public IP and everything works fine. So I'm stumped on the one. Just hoping I have not had a massive ID ten T moment.

 

[silvano]

MAC address lock on your laptop? I've had this derail a few deployments before I learned to do an ipconfig /release before pulling old/working/test equipment out.

 

[YeOldeStonecat]

What make/model is the new gateway you encountered Mark?

 

[Markverhyden]

Thanks for the input. But /release only applies to DHCP and I never had that se

What make/model is the new gateway you encountered Mark?

Pretty certain it is this one. Forgot to grab a photo. Of course it is loaded with their firmware which we have limited access.

http://www.compsource.com/pn/DPC3941TMC14K9/Cisco-91/?src=F

 

[Markverhyden]

So, the plot thickens with Comcr@p. After arguing and escalation I'm finally able to get T2 involved. They are claiming all kinds of stuff. So meet them today and yet another T2 tech claims to have fixed everything. But this is the rub. I have always put the ISP's modem in bridge mode for my customers as well as when I'm doing work for others. It's the only way to get past any undocumented mangling they do on the router. In fact I have another customer not 1 mile from this site with the identical Comcr@p modem and ERL 3. It is in bridge mode and works fine. But they are now claiming that it cannot go into bridge mode, just turn off LAN dhcp and assign the static to the router.

 

[YeOldeStonecat]

But they are now claiming that it cannot go into bridge mode, just turn off LAN dhcp and assign the static to the router.

I'd keep dialing until I got a tech with a clue. No need to turn off DHCP on the Comcast supplied gateways....I always leave that on, comes in handy. Still assign my edge device(s) static pub IPs and plug in and they work. There is the switch you do have to throw, to enable public IP passthrough.

 

[Markverhyden]

That's the switch I toggled. Now they claim you do not toggle it. For security reasons I prefer to change the modem LAN IP scheme and turn off DHCP.

 

[YeOldeStonecat]

The link you posted for the make/model gateway is broken for me....so I can't tell what model you're dealing with.
That 10.1.10.xxx range of the gateway, with DHPC, I've used that for a poor mans VLAN setup for guest wireless. Or utilized that for on prem equipment that needs remote access, but is not production network related. Such as an IP interface for the phone system, or HVAC system...for remote access by their support.

Looking forward to a new Comcast deployment to see what this new gateway is about.

 

[Frick]

I believe the gateway in question is the one they are using for both business and residential. The business one has a slightly different firmware version.

It is basically a rectangle that stands on its side with wifi and phone capabilities and has 4 ports. They started using it a year or so ago for the purpose of providing their secondary "public" wifi Hotspots.

If that is the model, it should have the setting to bypass it's firewall for static IPs enabled by default. (assuming you have a comcast provided static ip).

One thing to keep in mind, if you do a factory reset on a comcast business modem, it loses its static ip info and you have to call support and have them provision the modem again.

 

[YeOldeStonecat]

I believe the gateway in question is the one they are using for both business and residential. The business one has a slightly different firmware version.

It is basically a rectangle that stands on its side with wifi and phone capabilities and has 4 ports. They started using it a year or so ago for the purpose of providing their secondary "public" wifi Hotspots..

The XFinity one?
I've mostly seen those for residential, I think one or two business...but not one we've managed and had our routers in.
We see the SMC 8014 for example, or Netgear CG3000...both with basically same firmeware/web admin.

 

[Markverhyden]

Here is the link - http://www.cisco.com/web/consumer/pdf/cisco_model_dpc3939_docsis_3.0_16x4_wireless_residential.pdf

The business one looks exactly the same, but the model is 3939B. I've never seen a residential one but I think that the firmware is the same.

 

[Frick]

That is the one I am talking about. It's their standard xfinity (residential) and business router now. You can get an smc or Netgear but have to explicitly request it.

Mark, I would factory reset it and call support to get the ip provisioned to the router again. Then try the edgerouter prior to editing any settings on the Comcast router. It sounds like some settings are bad, and they may be ones you don't have access to. A reset may fix it.

 

[Markverhyden]

@Frick, thanks for the suggestion but I've already done that 3 times. The problem is their T1 business support people can be really flaky. I've done tons of installs with all kinds of ISP's. One thing I have learned, for static IP's and third party routers, is that you really want the connection to be bridged to bypass any undocumented packet mangling that goes on in ISP modems.

In the case of FIOS this means dumping the Actiontec and using the RJ45 connection on the ONT. With Comcast you used to have to have them put it in bridge mode. On the SMC's and Netgear's, due to the firmware, all you could do was turn the firewall off for true static IP's and they had to do something on their end for the bridge part. These new ones actually have a firmware option to toggle it in and out of bridgemode. Apparently they are still having problems with that firmware.

But this is a real problem for customers. They are paying me to make Comcast "fix" Comcast's problems. It's over 5 hours for this customer. While I would like it to be setup properly it's currently working with the fixed IP and bridgemode off. So I'm leaving it alone.

 

[PaulTech]

I believe that is the last one I saw at a residence. They had the router tied to the .1 address so if you change the LAN the GW was always set to .1 without an option to change it. They were using a new pwd with it too.

 

[mbrooks67]

I work for Comcast and if you bridge the GW its just a dumb modem, it passes everything through. I'm not sure what you're trying to do but at this point its all done in the router. Which should be set for DHCP or you wont get an IP address. If you plug your laptop to the modem and are online, the rest is up to the router. Which is the best way to go, the built in wifi is right there on the modem getting interference so the wifi is pretty weak and I don't recommend, even though they sell it like its the best thing going, just because the public thinks WF is great and they all want it, cause WF is everywhere...nothing could be farther from the truth. I compare it to the Extends Male Growth pills. Its bigger...if you believe it is.