Cannot Ping or SSH to Servers on Static IP's with Servers connected to two routers then the Gateway

Below is session from tech support that indicates you cannot SSH port 22 to to separate harddware servers that  each have their own router connected to the comcast gateway.



Corey: Hello, thank you for using chat through your portal to reach out to us today. My name is Corey and I'll be assisting you. How can I assist you today?

Dennis: Cannot Ping or SSH to Servers on Static IP's with Servers connected to two routers then the Gateway I used to have an old style Comcast Business Modem, was having drop issues so they upgraded to Comcast Gateway with combined Modem Wifi Router. With old set up could SSH to each machine or Use Remina remote session. Now cannot ping, SSh or remote desktop. In terminal on linux if I ping from server one to server two I get no response on global ip. If I am outside my network and ping server one or two I get no response. Same fo SHH

Dennis: I read that with the new Comacst Modem router there are issues with setting up remote access. I desparately have tyo have remote access to the servers on port 22 etc. Can you get just a simple Modem instead

Corey: We do not allow "remote access" unless you assign a computer that is plugged directly into our gateway for backwards access, but remote access is not allowed on any Comcast modem.

[Here Corey is so confused he thinks I am talking about remote control of the Comcast Gateway]

Corey: we're not supplying the standard modems - the wireless gateway is now being installed

Dennis: Need to make sure of what you are saying. on a cheap ISP Hosting I would get secure shell SSH to terminal in to my host.

Corey: You're speaking above my technical knowledge.

[Clearly this is going not so far... but what options do I have I will ask for advnced support later]

Dennis: Are you saying I am blocked from going to Starbucks and secure shell to my server in terminal mode?

Corey: From a remote location, you "cannot" remote into our modem.

[AgainCorey has no clue what running a terminal session is into a Server via SSH.. we ar enot concerned with the  Gateway]

Corey: You need to be ONSITE, connected via CAT5 or on our WIFI.

[Stilll on the Gateway ]

Corey: that is how you gain access to our gateway. Some settings/changes can be made in the portal under MANAGE SERVICE > INTERNET

Dennis: You are talking about manage Comcast Modem Router.... I am talking about managing my Web Servers One and two via a terminal session that uses SSH

Corey: Then you would need to direct that specific question to those who possibly support them? Comcast is here to make sure that your MODEM works as it should. The settings are appropriate, the statics are loaded & pinging. I cannot speak to your accessibility to your own equipment while off site

Dennis: Do you have a more technical support contact I can speak to. This all worked fine with the old Modem not with this unit

Corey: No I do not

[No advanced technical support beyond what Corey knows.. What is Comcast Business Internet?]

Corey: Are you able to go onsite to verify your settings are correct with your equipment after the modem was swapped? Sounds like you need to setup port forwarding to your servers.There are no port forwarding setup which would be my guess as to why you cannot access your servers remotely.

Dennis: Well each server is working fine for HTTP and HTTPS and other ports each of My personal routers is set up the same . Both firewalls are the same.  Right now the Comcast Gateway is recognizing each of My Routers automatically. Should I use the manual Advnaced set up?

[I foolishly keep going hoping ther is a magical answer to somehting that seems so basic]]

Dennis: Can you ask an associate if yoo know of other customers that SHH into their servers remotely with Comcast Gateway: SSH uses port 22 which I havee forwarded on My Linkys and Netgear routers.

Corey: I see a NETGEAR connected to xx.148 a Cisco-Linksys, LLC connected via xx.146 a Hon Hai Precision Ind. Co.,Ltd. connected via ethernet and a Liteon Technology Corporation (connected to 5G wifi). You do NOT have port 22 forwarded - there is no port forwarding enabled on our gateway.....

Dennis: Corey I was under the impression that the Gateway would forward ALL Ports to the NetGear and Linksys Routers where they are forwarded to Server One and Serve Two

Corey: I apologize, that would be an incorrect assumption.

Dennis: You mean I have it right therer is no need for naything on the Comcast Gateway. Port forwarding

Corey: I don't understand your last question?

Dennis: T or F all ports are being passed through the Comcast Gateway to my Linksys and Netgear Routers

Corey: F

Dennis: Ouch... can I set up so all ports pass to my Personal Routers..

[And around we go]

Corey: We can enable BRIDGE MODE which will forward all traffic - but disables static IP's..

[Crazy answers]

Dennis: That does not work cannot run servers without static

Corey: sounds like you will need to visit the site to log into the gateway to properly set up our modem to configure to your specifications. Are you familiar with logging into our modems when onsite?

Dennis: yes I was on a couplle minutes ago So on your Gateway can I configure port 22 twice so one goes to Nwetgear Router and server one and the other to Linksys the server two

Corey: You can only forward 1 port to 1 location you're going to run into issues/headaches/misrouted traffic otherwise

Corey: You may be able to direct the port to your router and have your ROUTER do the work - but our modem/router combo is not capable of doing that kind of request.

Dennis: So while I am paying 25 dollars a month for 5 IP's I really only have one fully functional

Corey: Do you want to downgrade to a single static at $19.95 instead?

Dennis: I have two servers not possible just wining on my part that this so weird.I am a bit puzzled port 80 443 and 25 work fine with pass thru Gateway do you have list of ports that are not passed

Corey: https://business.comcast.com/help-and-support/internet/ports-blocked-on-comcast-network/

[Corey referal shows only 3 to 4 ports are blocked but not SSH port 22 go figure !!!]

Corey: we don't block many ports

[yeah almost none and noe that are relevant to this issue]

Dennis: If port 80 splits to server146 and server 148 fine why not port 22? So my Netgera nad linksys redirect the port to the machine

Corey: I'm not sure how to answer you. As stated, there are no port forwarding rules setup in our modem/router to do any "splits"

Dennis: Do have an link to the advanced Manu static IP set up that has an example setup

Corey: nothing like that we have to provide unfortunately. have you run this by your IT?

Dennis: I am IT

[After that I gave up]

This Link is a bit more informative but still does not resolve the issue:

Comcast Business Static IP and your firewall, port configurations and web site blocking

Things get confusing because instead of straight passthru modem The Gateway is a composit device trying to simplifiy things for none tech customers that want Wifi Router Modem and phone all wrapped up in one.  Great for them but not so good when running a web farm of routers and servers.

I would like to assist with your modem concerns. Can you please provide the name, address and phone number on the business account through private message?