Adventures in ComcastLand – DMZ on a new Comcast modem

Lately my internet connection (a 30Mbps Teleworker account) has been “acting up” with a ping rate that varied from 11ms to 1000+ms a download of 30Mbps – .6Mbps and an upload of 4Mbps-.4Mbps (using speedtest.net pointed at their nearest server – which is hosted by Comcast).

I upgraded my router from an old Netgear WNDR3700 v2 (running DD-WRT) to an Asus RT-U66R (that I also flashed to DD-WRT) but the problem persisted so I called Comcast.

The next day a technician arrived and pointed out I was given a residential-grade docsis v2 modem instead of a Teleworker-grade docsis v3 and then went through all of my cabling before replacing the modem and calling it a day.  My bandwidth immediately jumped to 30-90Mbps down and 20-45Mbps up.  Which is actually some pretty wild swings, but much better performance than I’d ever seen before.

Just one problem, my port-forwarding no longer worked.  I wasn’t sure when it had stopped during the day and wasted time with DD-WRT and then setting the Asus back to a factory firmware before looking outside the box (well, outside my box) and at the new Comcast modem.

The Comcast modem I received is a NetGear Residential Gateway.  Pulling the IP address from the Asus (the modem is the default gateway for the WAN connection of the wireless router) I connected to it with http, only to be prompted for a login.  Google found “cusadmin” with a password of “highspeed” which worked just fine.

Poking around the interface, the “modem” has many of the tricks of a typical home firewall, with NAT, port forwarding and DMZ among its settings.  First step was to make sure my IP didn’t change, I set the DHCP timeout to “forever”

comcastdhcp

 

I then went into the Firewall/DMZ settings and enabled the IP address given to my Asus router as the DMZ device.  This directs all traffic hitting the NetGear gateway directly to my Asus.

comcastDMZ

 

Poof per Shield’s UP! and my rapidly filling email box, my port forwarding is working again.

 

 

This entry was posted in Network, Security, Vendor rant and tagged , , , . Bookmark the permalink.

Leave a Reply