When I was helping a friend with one of the small networks for which he is responsible, I notice the DPC3939B gateway on one of his networks had bridge mode disabled, had private WiFi (2.4GHz and 5GHz) enabled, and the DHCP service and UPnP were enabled. The private WiFi networks were default configurations as far as I know--this network otherwise uses AirPort and AirPort Extreme for WiFi, with WiFi settings (SSID, etc) different from the gateway's WiFi settings.
Anyway, my friend agreed with my recommendation to disable WiFi on the DPC3939B and disable the DHCP server and UPnP and enable bridge mode. Between the gateway and LAN is a SonicWALL TZ215.
I first disabled WiFi, DHCP and UPnP, then enabled bridge mode. After the gateway applied the settings, we lost Internet access. I tried power cycling first the gateway then the TZ215--this made no difference. I think I need to adjust the WAN configuration on the TZ215, but I'm not entirely certain what needs to change. The TZ215 WAN interface is configured for the correct static public IP address. The default gateway address for the WAN interface is a public IP address which I happened to notice was the public IP address assigned to the Xfinity gateway when it was in router mode. I'm guessing I need to set this default gateway setting differently, but how / to what? Any other suggestions?
Hmmm...I saw this from Comcast_John's post on true bridge mode:
"If you want to use ‘true bridge mode’, please note the following characteristics of devices in bridge mode:
I assume the static IP limitation is referring only to the gateway/device in bridge mode, not to a routing device (TZ215, in this case) on the LAN side of the bridge? In other words, I can still use a fixed static public IP assignment on the WAN interface of the TZ215, correct?
I assume enabling bridge mode on the DPC3939B should configure its WAN IP settings (e.g. dynamic assignment) appropriately for that mode, no?
For testing, I configured the TZ215 WAN interface to acquire its IP configuration via DHCP. After doing this, I was able to ping well-known public IP addresses and browse the web.
I logged on the DPC3939B (in bridge mode) to confirm its settings and noted that it too acquires its WAN IP configuration via DHCP. I may have overlooked it, but I couldn't find a place to set the configuration statically if I'd want to--I expected as much for bridge mode.
Two questions for now:
What does Comcast_John mean in his True Bridge Mode post when he writes Cannot have a fixed Static IP assignment? From the way the post is written, I understand John to mean the Xfinity gateway specifically (DPC3939B in this case) in bridge mode cannot have a statically-assigned public IP address on its WAN interface, but a customer-owned/managed firewall (such as the TZ215 in this case) behind the bridge-mode gateway could have a statically-assigned public IP address on its WAN interface.
Comcast_John writes that customers can request to have their gateway/routers set to true bridge mode by contacting Comcast support. This seems to imply that true bridge mode is different from the bridge mode I enabled via the DPC3939B administrative interface. Is that correct, and if so, how does true bridge mode differ from the bridge mode I enabled?
I guess technically that is three questions... :-)