Netgate 4200 Setup: Bridge Mode, DVRs, and COAX for Xfinity
-
Hello everyone,
I'm looking to downgrade my services with Xfinity. I currently have their xFi gateway but would like to handle my own network routing and security with a Netgate 4200. Since I work from home, I want tighter security for my home office. I have done some smaller network configurations before using a Netgate 2100, and my ISP-provided modem was a basic Netgear CM600, which defaults to bridge mode.
However, I’m a bit confused about my DVRs and the COAX connection for cable.
Currently, I have four DVRs: two TiVos with lifetime licenses that use cable cards and two Xfinity-provided DVRs that work seamlessly. How should I manage the COAX connection from my cable provider to each DVR? Would this setup be outside my firewall? Also, will I need a device to manage the bridge mode to my firewall and a separate connection for my cable TV coax?
Thanks for any advice!
-
How should I manage the COAX connection from my cable provider to each DVR? Would this setup be outside my firewall? Also, will I need a device to manage the bridge mode to my firewall and a separate connection for my cable TV coax?
Not sure I get the full picture here...
When you write COAX connection, do you literally mean Coax cable, as in this : https://en.wikipedia.org/wiki/Coaxial_cable
Assuming it is real COAX cable to your TiVo/Xfinity DVR's, then I would say it depends what "cable" is coming into your home to start with...
If that cable is also COAX, you will obviously have to convert to ethernet and that "modem" will sit outside of your firewall. AND my guess is that same unit may have additional connections for your DVR's, also being outside (separated from) your network.
If the incoming cable is Fiber/Ethernet, you can probably choose whether to have the COAX unit outside, or inside, on a VLAN for example. It will depend on the "modem/media converter" what you can or want to do. Having it outside will likely be simples as any VLAN's or other traffic separation is handled by the ISP and you don't need to mess with it at all...
-
My ISP connection is similar to yours. The coax runs through a splitter (5 way in your case) with one coax from the splitter to each DVR and one coax to your modem. The modem will convert from coax to Ethernet and you’ll connect the other end of the Ethernet cable to the WAN port on your 4200.
All the coax connected devices will be outside the firewall.
-
I wanted to be certain. After diagramming the setup, I see that the Xfinity DVRs operate outside my firewall. It seems straightforward.
-
@CatSpecial202 Yes that makes sense, and it's likely that you could simply put the xFi Router back in it's box and replace it with pfsense. Assuming that the cable to xFi is not coax as well?
To increase the likelyhood of that working, you can spoof the MAC on pfsense WAN, and basically make the ISP's routers think that it still is their Router which is connected.
And if it is coax to the xFi router, you can always put it in bridge mode...
-
@Gblenn okay, yeah it is coax to xFi. So, bridge mode it is.
