Skip to main content
A
Anonymous_User
Contributor
October 11, 2007
Question

Comcast business service with static IPs

  • October 11, 2007
  • 3 replies
  • 3587 views
Does anyone have a FortiGate working with the Comcast business service? If so, how did you get it working with the FG? The Comcast box they gave me is an SMC 8014 that is a dumb router/firewall but supposedly acts a bridge if an internal device is assigned one of the external static IP addresses. yeah, it' s goofy and unintuitive, but I tested the theory with an XP laptop and it appears to work as advertised. Unfortunately, the Fortigate doesn' t, meaning I can' t get the SMC and Fortigate boxes talking using the assigned static IPs. I gotta run, but I can provide more details later if desired. Hopefully someone has done this before me and has a solution they can share....

    3 replies

    A
    Anonymous_UserAuthor
    Contributor
    October 17, 2007
    I' m a Net Engineer for a different cable company so it' s possible that comcast is doing dhcp reservations but my guess is that the modem you received is running RIP and routing a block of addresses. If so you would assign one of the fortinet wan ports an ip address from the network they assign you and then either turn up RIP to talk to the comcast router or create a default route that points to the gateway address.
    A
    Anonymous_UserAuthor
    Contributor
    October 17, 2007
    Thanks for the insight. I just got it working by pretty much disabling everything on the Comcast box and optimizing the rules/routes on the Fortigate. The confusing part was that pings to the wan port of the Fortinet box didn' t reply, yet I was able to pass traffic out. Pings to the static NATs work fine and that' s all I really need, so I can live with the setup.
    A
    Anonymous_UserAuthor
    Contributor
    October 18, 2007
    You can enable the fortinet to respond to pings under the interface options where it says Administrative options in the web gui.
    A
    Anonymous_UserAuthor
    Contributor
    October 18, 2007
    If only it were that easy. The ping box is checked and I even have a policy in place to allow pings, but no go. https access to that interface works though. Like I said, if the only thing that doesn' t work are the pings, I can live with it. Thanks much.
    Terms & ConditionsAccessibility statement