I have been fighting for weeks now with this 'gateway' trying to get it to work with my perimeter devices. I cannot get ports to NAT through to my servers.
I finally put a wireless access point directly attached to the CG3000 so I could see if it's my firewall's NAT/rules or if it's the CG3000, and I got right through as I suspected I would. When I try to do the same, hitting my static IP from the internet, no ports get forwarded. I have the CG3000 in true bridged mode. My internet is working correctly, so I believe I have everything configured right - I just can't get back into my network.
I've called and asked to be sent to Tier 2, but no reply yet.
Has anyone else had similar problems with external access, "true bridged mode", and firewalls?
For grins, I moved my server to be in front of my firewall directly attached to the CG3000 as well, turned on DHCP, turned off true bridged mode and enabled port forwarding and I can get to the server, but now I have to hit my WAN DHCP address of course. So I know it's possible to get ports through, what the hell am I doing wrong or what's wrong with this gateway?
Why can't I just have a non-gateway device like any other ISP? Only had this a month and seriously considering breaking my contract for something that works.
If you have multiple servers that are NOT plugged into any firewall or other controlling security device, then try the following when you can log into the Netgear 3000:
1. Click on FIREWALL link, then click on the check mark next to disable true static IP firewall to enable the firewall
2. then click apply
3. now click on Port Forward Configuration, you will see a link in here - true static IP port management, click this link
4. make sure you select the option from the drop down - block all ports with the following exceptions. This is to maintain your server's security integrity and ONLY open the ports of the application that you want to remotely access into.
5. click the add button, then enter in the port Name, public and private ports which can be the same for ease, then enter the actual static IP routable address(s) that your device(s) are using and these should ONLY correlate to the actual application ports.
If you have servers behind your firewall device that are using your firewall's DHCP dynamic address, then proceed as follows:
1. your firewall NAT rules about your server device ports MUST be enabled as follows:
a.) server(s) IP address(es) and port(s) mapped bidirectionally into firewall static IP port(s)
b.) then you should be able to use the steps 1-5 in the server(s) directly connected LAN ports I mentioned above.
Hope this helps you out.
Thanks, but it does not. After waiting a week for a call back from Tier 2 support, the tech was baffled at why it didn't work - but confirmed it didn't work. His only solution? Replace it with the older SMC D3 - essentially the SMC version of the same gateway. My configuration is literally identical now on my SMC D3, and guess what? It works!
Comcast really needs to put Netgear's feet to the fire, because clearly this issue is in their hardware and by the amount of complaining on this forum, I'd say it's pretty widespread.
Well actually, I've had multiple CSRs and a field tech tell me that the problems have been mainly in Netgear's firmware, and that the hardware inside the box is actually pretty decent. At the very least, it can bond twice as many downstream channels as the SMC. Hopefully it will get resolved soon, since, assuming a working firmware, the Netgear would be the better choice.