How not to set up an XFi Gateway
As I showed in my previous blog, it is neigh onto impossible to contact Xfinity online, or on the phone. Their local offices basically only deal in equipment. Using Twitter is the only way to get support. @XfinitySupport.
I upgraded to a 1.2 Mbps plan and the new XFi Gateway. But getting it to work required two days. Comcast has neutered the Gateway interface (10.0.0.1) by removing the crucial ability to do port forwarding. You can only use the Xfinity Home App.
It is impossible to configure this gateway unless you have a cell phone!
This is much less secure than a hard-wired connection to the gateway. Every other router I own (5 or 6) block WiFi connection by default.
Because I could not set up port forwarding (essential if you wish to access devices on your LAN from outside your house/office), I put the XFi gateway into Bridged mode, and used my Linksys Gigabit router. In the following, I am in green, my comments are in parentheses, and red is for important points.
| "Okay. Have you done any troubleshooting steps on your end to try to resolve the issue? No sorry, I'm not able to open the link. I would like to troubleshoot, while I do you will lose connection for 10-15 minutes. Is now a good time to troubleshoot? -Crystal", |
| "go for it" |
| "Note that I am in bridged mode because port forwarding does not work as explained on my web site. Try opening my page on your phone." |
| "Okay, thank you. I have sent a signal to your modem, please let me know when it is back online. -Crystal" |
| "it is back. still at 330 Mbps" |
| "Okay. What device are you using to test your speed? Are testing it hardwired or wirelessly? -Crystal" |
| "Speedtest app on Mac Studio. Hard wired. Fing app on mac gives same results, as does the speedtest web page." |
| "If you can set up port forwarding so I can take Xfi out of bridged mode,, here is what I need https://t.co/yLgreUr6wT", |
| "Thank you. Yes, I did find some information about port forwarding. It looks like we are not able to do it, it would be something you would need to set up. I can send the instructions on how to do so to your phone or email that you provide me with. How would you like to receive this information? -Omar" |
|
"I did it using my router, but the xfinity app does not work as they say. See the above (several) image of what is wrong. And what about my speed?"
|
| "I show on the account you have the XB6 (black) modem and a XB8 (white) modem. Which modem do you currently have connected? I also see you said you are in bridge mode and using an old router, what is the make and model of the router you are using? In the instructions on the part where you are supposed to select your network, what comes up since you say that is not there? -Omar" |
| "No, I upgraded to the XFi gateway (white). I returned the other one. Maybe you do not have it set up for my new 1.2 GB plan? And maybe that is why the Xfinity app won't let me do anything but activate the gateway (which gives me a white screen)". "The router is a linksys AC5400, which is rated at 1 Gpbs." |
| And when you log in to the Xfinity app across the bottom do you see where is says Connect? -Christine" |
| "Yes, I get the connect. But the next step does not say Network and I think you put me out of bridged mode" |
|
"None of the modem settings have been changed. In the Xfinity app, click on Connect at the bottom, then on the next screen you should see a picture of the modem at the top. What is the first option under that? -Christine" (They did take me out of Bridged mode, so I tried the no router mode again) |
| "Can you please send me a screenshot of what you are seeing? -Christine" |
| "If I click the ssid, I do get a gateway, and there I can indeed set the port forwarding. Why aren't the instructions on your website correct?" |
| "But it as yet is not seeing all my devices" |
| "What steps are you following? From what you just explained to me is sounds like Open the Xfinity app Select the Connect tab. Select your SSID. Select Port Forwarding from the menu. Select Add Port Forward. -Christine" |
|
(I rebooted the gateway) "I need to be sure network is reconfigured" "Why does it take 11 minutes to restart the gateway?" |
| "The official help page says to click on network. Network is not there". (SSID is not the same as Network on Ethernet) |
| "The SSID that you said you clicked on is your network. SSID and network are one and the same. And what do you mean by it take 11 minutes to reset? -Christine" |
|
"The step from our Port Forwarding article online are as follows "The select your network step is what I misinterpreted, especially since I turned off wifi", |
|
Catch 22: "Help. The Xfinity app is only seeing my wireless devices, not those on the ethernet so I can't select them in port forward" |
| "my speed is better now though" (I went from 330 Mbps to 960 Mbps by not using bridge mode and my router) |
| "How do I get wired devices to show up on the Xfinity app, which is on wifi?" |
| "The Xfinity app should be showing you all devices on the network. Are you able to get online from the devices that aren't showing on the app? -Andre" |
|
"I am. but here are my device choices for port forward"
"They are ALL on wifi" "My Mac and Dell linux boxes show up on the connected list. But a windows machine does not" |
| "Are you still currently on bridge or did you stop the bridge mode? -Omar" |
| "Not in bridge mode now. I set up port forwarding with difficulty, but it does not seem to work yet. I will investigate more." |
|
(still not working) "I am happy to read you were able to get it set up, and we appreciate all your help. Furthermore, your continued business means the world to us. Please, let us know if we can help with anything further. -Brandon" |
| "So, my problem is that my linux box is on 192.168.1.5, as it says in the device info. But the port forwards go to 192.168.1.200. How do I change the port forward device to match the connected device ip?" |
| "Okay, thank you for letting me know. In the Xfinity app, navigate to Connect >; your network >; Advanced Settings > Port Forward. Locate the port forward that you are trying to use. If the port forward settings that are in use are associated with a device, select Edit to adjust these settings or delete the port forward. If the port forward settings are in use but not associated with a device, select Delete. Using those steps, were you able to correct the settings? -Brandon" |
| "The ip address is not editable. It says reserved ip address. How do I unreserve it? (I screwed up and set the wrong one earlier)" "The device details has it at 200. I disconnected it from ethernet. How do I forget it?" |
| "Okay, thank you for the info, and we will keep working to get this resolved. To be clear, the device is not listed in the device dropdown when trying to set up a port forward rule? -Brandon" |
| "i figured that out. Totally not like the instructions. But how do I get it recognized again? Where are the reserved ip addresses assigned?" |
| "ah. it can't be done in the app. This is why things are awful. As many say, you change the interface so often, it is impossible to do things!", |
| "You may need to renew the IP for the printer. I emailed you, with steps \"Release and Renew Your Internet Protocol Address\" Did this provide the connection for the printer? -Brandon". |
| (The issue is that you can only assign port forwarding to a DHCP device, but you cannot see wired devices unless you assign them a reserved ip address) |
| "In the gateway interface, it lists the MAC addresses. I have to do in. and assign them their ip. Then, for my linux box, I must ping something to get it to be recognized. Alas, I cannot rename them. But then, back in the app, the device is listed in port forwarding, but when I set one up, I get "something wrong" |
| "If the IP address is in the range 192.x.x.x, it indicates that the customer is connected to a router. This is not a bad IP address; connectivity issues may be the result of the customer's network settings.\n\nPossible causes for this are:\n\nCustomer has a third-party router. To accurately troubleshoot, the customer must disconnect their third-party router and directly connect from the outlet to the Comcast Wireless Gateway to the PC with no equipment in between. Comcast does not support customer-owned routers or home networking configurations, as we have no way to test or configure third-party equipment.\nPC/Mac booted up faster than the modem, which was not ready for service by the time the PC/Mac sent out its DHCP request. Customers should not boot up the PC/Mac until after the modem has finished its start-up sequence, or should leave the modem powered on continuously.\nThe customer should attempt to send a DHCP request again either by restarting, or by requesting a new DHCP lease manually by performing a release/renew. Did you release/renew, and find relief? -Brandon" |
| "No. I changed the default Xfi address from 10.0.0.1 to 192.168.1.1 to avoid reconfiguring my 56 devices. I am NOT on a router other than yours" "You always blame things on the dumb customer. I have a ScD in EE and am a network expert" |
|
Once I got the device recognized in the app. In its settings, I could change it to DHCP, it kept the assigned address, and I could Port Forward. NOTE: This cannot be done in the app. Must connect to the Gateway
"The addresses at issue are fixed ones since they need to get forwarded to, and their DHCP is set properly now." |
| "Can you confirm that you did not set a static IP for the device using the Gateway Admin page (10.0.0.1). If you did, the static IP should be removed, the Xfinity app will use the IP address from DHCP to set a static MAC bind and establish the port forward rule.\nCheck Device Details and confirm that the device is using an IPv4 address to connect to the network and not an IPv6 address. The Xfinity app can only support port forwards for devices using IPv4 addresses.\nIf the device is dual stack, you should check with the device manufacture on how to disable the IPv6 or set the IPv4 as “Preferred. |
| (That is exactly what I had to do to get the linux machine seen) |
| "Wow, that is really non standard. Usually one sets the static address outside the DHCP range of assigned ports. That did not work. I did assign static addresses from the gateway interface page. I will try to set my server as DHCP and see what happens" |
| "Now the gateway does not see my Linux machine. I set it to DHCP and ipv4 only and rebooted it. I also did this jarfx:~ # dhclient – r jarfx:~ # dhclient jarfx:~ # ip a 1: lo: <;LOOPBACK,UP,LOWER_UP>; mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00\n inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever\n inet6 ::1/128 scope host valid_lft forever preferred_lft forever\n2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 18:66:da:26:99:0e brd ff:ff:ff:ff:ff:ff\n altname enp0s31f6\n inet 192.168.1.5/24 brd 192.168.1.255 scope global eth0", |
|
"But the gateway does not see this mac address 18:66...." "I need to assign static addresses that I know so that I can access these devices on my network by ip. They are not Windows! I have many switches and mesh devices, printers, etc. I have wasted a whole day on this. It is really easy to do this using a commercial router, and would have been in XFi if you had not removed the capability from the gateway" |
| I can understand. I am looking for an device manual to send you, but have not been able to find one, just the basic information on port forwarding that I provided you earlier. The Linux is the only device you are not able to assign? -Omar" |
|
"It is (for now) the only one I need. I restarted the gateway and still do not see it (mac starts with 18:66:) Now I will assign it, and it will appear"
|
| "but when I try to port forward, I get an error about gathering the list of ports" "I restarted the app, and it is there" "So it appears in the port forward devices, but I get the we are having trouble message' "I tried adding a port forward to my Mac, which has a static address assigned, and it worked. So that advice about NOT assigning static addresses was wrong" |
| "Okay, so it worked for the Mac, but not the Linux, and you are still getting the same error message? I am taking note, so we can open a advance repair ticket for you. -Brandon" |
| "Yes. But the Linux machine should not care or even know about the port forwarding until data hits a port." |
| "Okay, got it! I opened ticket #####, and we will keep watching for an update. I am sure we will find a solution to this. I will check back in the AM for an update on the ticket, as it does take a bit to get assigned. Please reach out if you need anything before then. -Brandon", |
| "so I changed the static address in the XFi Gateway for linux to 192.168.1.6 (checking that it was unoccupied). I released it on linux and got a new one with dhcplient. But it is still 192.168.1.5" |
| "I changed the Linux box back to DHCP, and port forwarding worked. It still has the 192.168.1.5 address i assigned to it." |
It is still totally frustrating. There is no help available in the automated system to help with the XFi app. The instructions online are wrong!
xFi Users: Set Up Port Forwarding
https://www.xfinity.com/support/articles/port-forwarding-xfinity-wirele…
HOW TO ADD A PORT FORWARD WITH AN XFI GATEWAY
|
xFi Users: Set Up Port Forwarding https://www.xfinity.com/support/articles/port-forwarding-xfinity-wirele…
|
But the reserved ip Addresses on my phone app (for my Mac Studio) are different from the reserved address that the XFi Gateway shows:
|
|
Note that the reserved ip address on phone (left) is different then the one in the XFi Gateway (right). The address is uneditable on the phone. Also, the phone incorrectly identifies my device as my old Mac, but this MAC address is for my new Studio. (Bottom left.)
|
|
|
Unplugging my Mac from ethernet and restarting Xfinity app after reconnecting the Ethernet fixed the port issue I thought. The app still says I am running Catalina and the ip address was changed to 192.168.1.25. However, the Port Forwarding setup still said the address of my Mac was 192.168.1.234. I had to use this address to get port forwarding to work. |
Update
My Gateway started dropping packets (I recommend Ping Plotter to diagnose these things).
This was on Christmas day, and the Xfinity app actually diagnosed an issue and suggested a service call. They came before 9 AM the next day (Yeah Xfinity!). The serviceman agreed and replaced the X1 Gateway.
BUT, there is no way of exporting the gateway settings, so I had to configure it all over again.
- The serviceman was not trained on setting up the gateway. Nor did he even know what port-forwarding was.
- After the usual navigation through 800-Xfinity, I finally got a live agent. She claimed to be an expert.
- "It is impossible to change the Modem's ip address of 10.0.0.1." Not true.
- She claimed I had only 7 devices connected. I have more like 20.
So, I went back to the above experiences to redo it.
My first problem was that I could not connect to 10.0.0.1. The agent claimed that she could not do so also, and that the server was dead. This is false; this server is in the Gateway. Rebooting my Mac Studio allowed me to connect, and I was able to change the modem's ip address to 192.168.1.1.
In this Web interface, I had to set my Linux machine to a fixed ip address (I used Fing on my Mac to determine the hardware address for the ethernet card on that machine). I also had to configure the DHCP range from 2–255 because the Xfinity App ONLY can set port forwarding for DCHP de3vices. Then, I had to set the ethernet card on my Linux machine to use DHCP.
However, today my network stopped working. The router address had been changed back to 10.0.0.1! In fact, ALL of yesterday's settings were gone. I did not reset the Gateway.
| IGD[9370]: config.utapi isServiceNeeded:Current Wan interface equal to default Wan Interface | 2023/12/27 15:50:53 | Notice |
| IGD[9370]: config.utapi Utopia_AddDynPortMapping: enabled,none,8920,10.0.0.65,8920,tcp,86400,0,Emby Server | 2023/12/27 15:50:53 | Notice |
| IGD[9370]: config.utapi Utopia_AddDynPortMapping: enabled,none,8098,10.0.0.65,8098,tcp,86400,0,Emby Server | 2023/12/27 15:50:53 | Notice |
| [IGD][13146]: Add Port mapping :55000 to 192.168.1.5:55000 | 2023/12/27 02:37:41 | Notice |
| IGD[13146]: config.utapi s_set_portmapdyn_count: set count 1 | 2023/12/27 02:37:41 | Notice |
| IGD[13146]: config.utapi s_add_portmapdyn: add entry (index 1): add/overwrite entry param portmap_dyn_1 value:enabled,none,55000,192.168.1.5,55000,tcp,86400,1703662661,RoonMobile_broker/ad6388e4-3f00-49fc-b1b1-cd60b7e3c63e |
logging in to the router, I found that my Linux machine was assigned 192.168.1.2, even though I set it to 192.168.1.5.
I tried to change this:
changing the 2 to 5 does not stick. Nor does changing the configuration to DHCP. And there is no way to delete this MAC address!