Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Xfinity, pfsense, SB8200

    Scheduled Pinned Locked Moved DHCP and DNS
    1 Posts 1 Posters 328 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      genbean
      last edited by

      Re: Not able to get WAN from xfinity

      I just wanted to chime in here in case it helps anyone else having this issue. Mind you, I’m just a hobbyist with no IT education.

      I’ve been having an issue with not being leased an ip from Xfinity to my pfsense box. My pfsense box has been in service for years, previously with fiber and an ONT, then with a 5g cellular modem.

      Just moved to a place with cable internet and picked up a used modem. Modem is an arris sb8200. My other router (asus rt-ac86u) gets wan ip just fine using the same modem.

      There’s lots of posts out there about power cycling in the right order, disconnecting power from the modem overnight, calling Comcast to renew the MAC address of your router, disabling gateway monitoring, and even that the modem locks itself to one router MAC address.

      I know how to power cycle network equipment, that’s not the issue. A factory reset on the modem will clear any learned MAC addresses, that wasn’t it. And i seriously doubt Comcast can see the router mac behind the modem, but they certainly link your service to the mac of the modem, so that shouldn’t be a problem.

      All the posts i found about this issue had one thing in common, and that was the sb8200. So i bought an mb8600 to replace it, registered it’s mac with Comcast, and was still unable to get a wan ip.

      Fine, I’ll do a fresh install of pfsense. Was using 2.5.2 which it said was up to date, even though i knew 2.7.0 was out and i was on its release train. Since pfsense refused to realize there was an update available, this was as good a time as any. Booted up a fresh install from usb stick, assigned my interfaces the same as they were before (wan em0, lan igb0), and was still unable to get a wan ip. System hangs for several minutes while configuring wan before failing and assigning a 192 168 number to the wan.

      There was only one thing left i could think of before throwing in the towel; swapping Ethernet cables between wan and lan and changing the interface assignments. So now i have wan igb0, lan em0. Voila. Within 5 seconds i was issued an ip. However, once the system is fully up and running, gateway monitoring does indicate the wan gateway is down. As others suspect, Comcast is blocking icmp packets which prevents monitoring. I changed the monitoring ip to their dns address 75.75.75.75 and it works just fine.

      So it seems one of the Ethernet ports in my motherboard does not play nice with Xfinity. In all my googling, no one with this problem has ever mentioned which motherboard they are using. In my case, it’s an asrock z390m-itx. It has an i211 and an i219-v intel adapter onboard. I believe the one causing the problem was the i219-v. Once the i211 was assigned to wan, problem was solved.

      And to my enjoyment, i noticed load balancing is finally fixed on 2.7.0. I’m running a segmented network consisting of 5 vlans, and one of them is connected to 4 openvpn clients, configured to equally share the load. They had always acted in a round Robin fashion previously, now they are behaving correctly.

      Hope this helps someone out there! Please let me know if it does.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.