Hoping that someone can put a second set of eyes on a new configuration for us.
Our current setup has the Cisco DPC3941B in standard default configuration. We have a block of 13 static IPs. Our public addresses are passed through the DPC3941B to a link controller. This link controller NATs the public IPs to private IPs (10.10.5.x for example). Next hop is our firewall which performs a second NAT from the private IPs to several LAN devices (web server, 172.16.x.x for example). This current configuration has worked perfectly.
The link controller is going end of life so we tried moving the first set of NATs to the DPC3941B by doing the following:
1.) Changed the Local IP Gateway Address to 10.10.5.x.
2.) LAN DHCP is disabled.
3.) Firewall is set to Minimum Security (Low).
4.) Disable Firewall for True Static IP Subnet Only and Disable Gateway Smart Packet Detection are both checked.
5.) Under True Static IP Port Management, Disable all rules and allow all inbound traffic through is checked.
6.) Entered a couple test NATs (public IPs to 10.10.5.x).
7.) Powered off the link controller device.
Once this new configuration is saved, we cannot access any of our LAN devices like our web server from the outside. In addition, no traffic going outbound to the Internet is passing either. What are we missing? Thanks.
Thanks for your question in regard to 1-1 Network Address Translation. I would like to assist in any way I can. Since you are using the gateway's interface rather than the previous link controller's for NAT, you may want to re-enable the LAN DHCP to see if this will improve your situation. If this doesn't, I apologize but NAT within the gateway's interface is not actually a supported feature by Comcast Business and would be beyond or demarcation policy. An alternate solution may be to acquire a different link controller to handle NAT within your network.