Accessing Comcast Modem Remotely through firewall | Reward

  • So you guys are probably familiar, but you can access a Comcast Modem at from your LAN, even when you have a static IP configured.
    I am trying to figure out how to do this remotely. I basically want to port forward via NAT but need the redirect to go back to the WAN port instead of the LAN.
    Has anyone figured this out? Any ideas?

    This works out of the box with DD-WRT but not with pfSense.
    I tried a simple static route but that didn't seem to make a difference.

    $10 via Paypal for a working solution :)


  • By chance, is "Block private networks" enabled on the WAN?

    If so you might try disabling it.

    Block private networks
    When set, this option blocks traffic from IP addresses that are reserved for private networks as per RFC 1918 (10/8, 172.16/12, 192.168/16) as well as loopback addresses (127/8).  You should generally leave this option turned on, unless your WAN network lies in such a private address space, too.

  • Good suggestion but tried that, no dice.

  • For front-end devices like this they are not going to have routes back to places inside your network that you might be coming from. So I put Outbound NAT into hybrid mode and add a rule that has all the source subnets that I ever come from and NATs those out WAN. That way if I come via some site-to-site OpenVPN links, road warrior OpenVPN or… I always get NAT applied out to the WAN. The front-end device sees the connection coming from pfSense WAN IP and can respond to that.
    Screenshot attached from my home system (that has a bunch of rubbish subnets from testing various VLAN crud... over time, I should clean up one day).
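
The return-path reasoning in the reply above, modelled as an added example that is not part of the thread or of pfSense itself. All addresses and subnets are constructed placeholders, and the modem's routing table (one connected segment that holds the pfSense WAN address, plus a default route to the ISP) is an assumption.

```python
import ipaddress

# Constructed placeholder addresses; none of these come from the thread.
PFSENSE_WAN_IP = ipaddress.ip_address("192.0.2.2")

# Assumed modem routing table: it knows its directly connected segment and a
# default route upstream. It has no routes for subnets behind pfSense.
MODEM_ROUTES = [
    (ipaddress.ip_network("192.0.2.0/24"), "connected"),
    (ipaddress.ip_network("0.0.0.0/0"), "isp-uplink"),
]

# Hypothetical source list for the hybrid-mode outbound NAT rule on WAN:
# a LAN and one OpenVPN tunnel network.
NAT_SOURCES = [ipaddress.ip_network(n) for n in ("192.168.1.0/24", "10.0.8.0/24")]


def modem_next_hop(dst):
    """Longest-prefix match over the modem's routes for a reply destination."""
    matches = [(net, via) for net, via in MODEM_ROUTES if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def source_seen_by_modem(src, nat_sources):
    """Source address after pfSense applies outbound NAT on WAN.

    Sources inside a listed subnet are rewritten to the WAN address;
    anything else leaves with its original source address.
    """
    src = ipaddress.ip_address(src)
    if any(src in net for net in nat_sources):
        return PFSENSE_WAN_IP
    return src


def reply_reaches_pfsense(src, nat_sources):
    """True if the modem's reply is sent back on the connected segment."""
    return modem_next_hop(source_seen_by_modem(src, nat_sources)) == "connected"


if __name__ == "__main__":
    for client in ("192.168.1.50", "10.0.8.5", "10.0.9.5"):
        for label, rules in (("no NAT rule", []), ("hybrid NAT rule", NAT_SOURCES)):
            ok = reply_reaches_pfsense(client, rules)
            print(f"{client:>13} {label:<16} reply returns to pfSense: {ok}")
```

The 10.0.9.5 client fails in both cases because its subnet is not in the rule's source list, which is why the rule has to cover every subnet a connection can arrive from.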

