Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
Cannot get out on the internet with Comcast Business service
« previous
next »
Print
Pages: [
1
]
Author
Topic: Cannot get out on the internet with Comcast Business service (Read 1388 times)
WolfpactVI
Newbie
Posts: 21
Karma: 0
Cannot get out on the internet with Comcast Business service
«
on:
May 24, 2024, 04:08:27 pm »
Good morning everyone!
I am trying to set up an Opnsense box at my small office (mainly to overcome various stupidities of Comcast and WSE). I have an Opnsense box set up at home and had no trouble getting an IP on the WAN interface from my Verizon residential dynamic IP service. Working wonderfully. However, at the office we suffer under a Comcast Business plan, and I have thus far been utterly thwarted getting an IP on the WAN interface from the Comcast box.
Specs: Dell Precision T3610 repurposed as the router, Opnsense 22.7 (yes, I know I'm in the wrong forum, but it seems like no one posts in the 22.7 forum any more, and I'm going to update as soon as I can get a WAN connection), Intel 4-port NIC. Comcast box: Technicolor CGA4131COM set in pass-through mode according to Comcast's instructions (true bridge mode not allowed by Comcast if you have a static IP from them, which we have). Opnsense LAN is 192.168.10.2, Comcast box LAN is 192.168.10.1 (which it's always been).
I have checked all of the usual suspects - bad cables, wrong ports, etc. I am going to double check that I didn't mess something up in the configurations, but it's pretty vanilla at this point - I haven't been messing with any custom configs or VLANs or anything. No trouble reaching the UI via the LAN port and IP.
I have followed all of the steps from Comcast about putting their box in pass-through mode, restarted it after changing settings, restarted the Opnsense box, etc. If I leave the WAN in DHCP, all I get is 0.0.0.0 for the IP. Following suggestions elsewhere on the interwebs, I tried manually entering the available static IP from Comcast (XX.XX.XXX.165/32), but could not get out on the internet from any internal device even when setting the default gateway on the device to the Opnsense box at 192.168.10.2 (but no trouble reaching the UI on that address). Next I tried changing the WAN "IPv4 Upstream Gateway" to the static IP assigned to our Comcast box (XX.XX.XXX.166) as per suggestions elsewhere, but kept getting an error message from Opnsense that "The gateway address XX.XX.XXX.166 does not lie within one of the chosen interface's IPv4 subnets". So I'm stuck there for the moment too.
I'm committed to making this work. I'm just not sure what to check or where to look or what to try next at this point. So I decided to post here first before I wipe everything and start over from scratch (which I'm open to if that's likely to help). I would be immensely grateful for any suggestions.
Logged
zz00mm
Newbie
Posts: 40
Karma: 2
Re: Cannot get out on the internet with Comcast Business service
«
Reply #1 on:
May 24, 2024, 08:17:33 pm »
I have comcast business myself with 5 IP's. so the only item I can suggest is have you spoofed the WAN mac address of your current firewall into OPNsense. I know on the residential side they use to remember your WAN mac address and I use to leave the firewall/modem off for about 1 hr to get it to release. using a /32 is like a VPN connection it's the GW.
https://docs.opnsense.org/manual/interfaces.html
Logged
WolfpactVI
Newbie
Posts: 21
Karma: 0
Re: Cannot get out on the internet with Comcast Business service
«
Reply #2 on:
May 24, 2024, 10:21:03 pm »
Thanks for the reply.
I have not tried spoofing the MAC address, as the only firewall was the built-in one in the Comcast box. Not sure if there would be anything
to
spoof. I did not try leaving the Comcast box off for an hour (if that was what you were intimating), but I could try that over the weekend when no one's here. Not sure I understand your last sentence about using the /32. (I used that for the Comcast provided static IP for the WAN because we only have a single static IP).
Logged
allan
Newbie
Posts: 45
Karma: 11
Re: Cannot get out on the internet with Comcast Business service
«
Reply #3 on:
May 25, 2024, 02:06:15 am »
I can confirm that Bridge Mode must be set to "Disable" if you have static IP addresses assigned. But, /32 is not the correct subnet mask. Check the Static IP Information page for your account. Write down the usable IP range, subnet mask and gateway IP listed there. Then, take that gateway IP and confirm it is setup on your modem. It is listed as "WAN Static IP Address (IPv4)" under the Gateway > Connection > Comcast Network page. If you do not see that entry or if the IP address is different, contact Comcast Business Support. They need to provision that static IP on your modem. Those tend to get lost whenever Support reinitializes the modem. They sometimes think that is a quick fix when you call them for support.
Logged
WolfpactVI
Newbie
Posts: 21
Karma: 0
Re: Cannot get out on the internet with Comcast Business service
«
Reply #4 on:
May 31, 2024, 07:50:50 pm »
So a little update. Over the weekend I wiped the Opnsense box, installed the latest version, set everything up again. And thanks for the pointer. I somehow missed on the Comcast account page RIGHT NEXT TO the static IPs that the subnet mask is .252 or /30. Still could not get anything from the Comcast box setting the WAN in DHCP mode, but once I put it in manual it suddenly worked. I also had check "far gateway" as I read in someone else's post, but I unchecked that today with seemingly no ill effect (as yet).
But now I've got a different problem kicking my butt. We have three TP-link wireless routers (two C7 V2 and one A9 V6) that have been happily humming along for years in access point mode (LAN port plugged into the switch for the network, WAN port unplugged, each with a unique static IP, DHCP off, no guest networks, etc etc). Once the Opnsense box was up and running, all three no longer have access to the internet via wifi. They are plugged into an unmanaged switch which the LAN port on the Opnsense box is also plugged into (only switch I have access to in that physical location at the moment). I can access the Web UI for all three from anywhere on the network, even over wifi. I can access the web UI for the Opnsense box from my phone connected to the wifi, but my phone cannot get out ont he internet. Opnsense is the DHCP, my phone is getting an IP in the correct range, and shows the Opnsense LAN IP as the gateway. The A9 has a PC plugged into another of its LAN ports and that PC has internet access. I'm pulling my hair out trying to figure out what I'm missing.
Couple of weird things. Only the A9 had a place to enter a gateway IP on the LAN side, and would not let me leave it empty. The C7's have no place to enter a gateway IP for the LAN. Only the A9 shows up in the Opnsense ARP table. Neither C7 shows up, though I can ping them and they can ping the Opnsense box and each other.
Help!!!!
«
Last Edit: May 31, 2024, 07:54:20 pm by WolfpactVI
»
Logged
WolfpactVI
Newbie
Posts: 21
Karma: 0
Re: Cannot get out on the internet with Comcast Business service
«
Reply #5 on:
May 31, 2024, 08:49:32 pm »
After running ping and trace route from the Opnsense box to the various TP-link access points, and through them to two different cell phones, suddenly all of the TP link AP's show up in the ARP table along with the both cell phones. And now one cell phone can access the internet over wifi and the other cannot (both iphones, both configured identically).
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.1 Legacy Series
»
Cannot get out on the internet with Comcast Business service