Current setup: Cisco DPC3941B w/5 static IP addresses
Goal: Use the DPC3941B as a bridge in order to use customer-owned firewall behind it and retain static IPs
I've looked through a number of posts regarding how to setup a Cisco DPC3941B as a bridge so you can use your own firewall behind it. Many threads have conflicting information where some state you need to put the device in 'True Bridge Mode' - while others claim you need to contact Comcast directly and have them place it in an actual bridge mode since 'TBM' doesn't give the desired results. Still others have said that you don't want to bridge it at all and should just set the WAN IP on the DPC3941B to the gateway IP address that Comcast provided. In posts, each of those answers were marked as 'Accepted Answer' so I don't know what to think.
Also, I am aware that doing so disables routing, NAT, DHCP, wifi, etc. I was also told that Comcast would lose visibility into the modem itself - I can live with that.
What I'm looking for is the definitive answer: What steps do you need to take (including who to call, and what to ask for) so you can set a Cisco DPC3941B to act as a bridge to allow you to used a customer owned firewall and maintain use of the static IP addresses?
We're facing the same problem. I have just started with Comcast. They provided a Cisco DPC3941B and my plan includes 5 static IPv4 addresses. I too have seen the conflicting forum posts and am lost for how to configure this device. It's frustrating to pay for 5 IP addresses yet be unable to use them.
I have the same problem. I got Cisco DPC3941B with a subscribed Static IP in Dec. 2016 as a new customer. Everything was working fine when I used the DPC3941B with Bridge mode disabled. It's DHCP would assign IP 10.1.10.x to my router and computers. I can use the internet without problem. To use my subscribed Static IP x.x.x.153, CIDR x.x.x.152/30, Gateway IP x.x.x.154 Subnet Mask 255.255.255.252, I follow some posts in this forum to reset DPC3941B to factory default, disable the DPC3941B Wifi, IPV4, IPV6 firewalls, etc. and enable the bridge mode with a computer connected to port 2 of DPC3941B. Connect my router to port 1 then power cycle the DPC3941B. When the power up initialization is over, my computer connected to port 2 is assigned an IP address of 55.x.x.x using gateway 55.xx.xx.1 and this computer can get on the internet without problem. But computers connected to my router (router WAN port is connected to port 1 of DPC3941B) can't access the internet whether I configure my router WAN port to the Static IP x.x.x.153 Gateway x.x.x.154 Subnet Mask 255.255.255.252 or use DHCP from DPC3941B. So, how do I get the bridge mode to work?
I followed another link that says Bridge mode and Static IP won't work together. It suggested a pseudo Bridge Mode by disabling the DHCP on the DPC3941B and set the static IP x.x.x.153 to my router WAN port still connected to port 1. After doing so, my comupter connected to port 2 quit working because with the DPC3941B DHCP disabled, it won't get an IP address assigned. But the computers connected to my router started working with the internet. However, pinging my subscribed static IP x.x.x.153 won't get any response. I need the static IP to be visible in the public domain in order for my VPN to the corporate network to work. How?
With the same configuration in my router except a different static IP, everything was working with a different ISP. What's different in Comcast's network?
Did you find a solution to this problem? I didn't see any follow up posts, just thought I would ask. I chatted with the Comcast Business support person and they had no idea and no documentation for the product, really great support.
Apparently the "built for business" Comcast internet isn't quite built for business. As far as I've been told by multiple Comcast employees, you cannot use bridge mode or a third party modem with static IP's and all of the 100+mbps capable modems are brain dead in the routing department. Your best success is psuedo-bridge mode (i.e. disable all firewalling and filtering on the Comcast modem).
Kind of miffed about this whole situation and even more so at the multiple varying responses from Comcast employees. Note: If you don't know how a carburetor works, don't try and explain its function to a 30-year seasoned mechanic.
Hello Just2old4this and Guitardood.
I can definitely help with your questions regarding bridge mode and statics. You're correct in terms of not being able to use statics with bridge mode. Bridge mode disables all routing which also includes statics routes. We're also not able to configure statics to owned equipment since we're not able to log into them. You may be looking into passthrough mode as an option. Please do let me know if you need anything.
I don't want to hijack this thread, but would appreciate if you could look at and/or comment on this post, regarding trouble with the business gateway obeying Static Routes (different than staitc IPs) that have been added.
Thanks for your question. What the tier 2 rep stated is true but let me elaborate on that. Static routing may be an option available in the gateway interface. However, this feature is not supported by Comcast technical support as this would be past our demarcation if your rules didn't work. If you have any additional questions, feel free to send me a private message.