Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
993
Views
6
Helpful
7
Replies

UBR924 not working with comcast cable service

tllevans
Level 1
Level 1

‎03-10-2003 07:15 PM

I picked up a UBR924's hoping to have a killer router/switch/firewall/VOIP/VPN machine on my new Comcast cable service. I couldn't get it to work at all in transparent bridging mode--it won't pass the PC's DHCP request through from the ethernet side to Comcast--so I turned on routing. Turns out Comcast provides a DHCP address to the cable interface, along with a default gateway on 10.0.0.0 address space. That's fine, but they also expect to provide one DHCP address in the 12.0.0.0 address space to the ethernet interface of a PC or external (separate) router.

Any ideas out there on how I can get this UBR924 to work for me (even, failing all else, in bridging mode)?

Labels:
0 Helpful
7 Replies 7

makchitale
Level 6
Level 6

‎03-10-2003 07:38 PM

The ubr924 comes in bridging mode as factory default which can be later changed to routing mode etc. If it's a new install the cable modem's mac address needs to be registered with the provider.

The cable interface will typically get an non routable address but the PC behind will get a public address (unless they are doing NATing at the head end).....are you using the same PC to get an ip address? Usually the "max-cpe" command on the cmts or DOCSIS config file will control how many PCs (thus different mac addresses can connect....the max-cpe defaults to1 if not configured other wise)

http://www.cisco.com/warp/public/109/bridging_cm_sample_config.html

deb ip dhcp server events / deb dhcp detailed will be useful

Thanks, Mak.

tepatel
Cisco Employee
Cisco Employee

‎03-10-2003 08:43 PM

You can use the internet routable ip address which will be allocated to a PC behind the cable modem and perform a NAT on a cable modem. That way you can have more then one PC going to internet using NAT on a public ip address which will be allocated to PC's eth using DHCP.

You need to use "cable-modem dhcp-proxy " command for that. Here is the url explaining that with config.

http://www.cisco.com/warp/customer/109/cable_dhcp_proxy.shtml

tllevans
Level 1
Level 1
In response to tepatel

‎03-11-2003 05:29 PM

Thanks--got closer but still no cigar. Tried both configs--the first one (using dynamic NAT pool) is most promising, but I'm still not getting an IP address on the loopback interface, which is where I expect the "PC" address from Comcast shoud go. Initialization passes all the way to "download config file state", then fails on 'registration state', falls back to 'Wait for MAP state' and continues to loop like that.

Tried the second, even simpler config--DHCP proxy on Cable interface directed to E0. E0 never got a DHCP address.

Still stumped--no help from Comcast :-(

0 Helpful

tllevans
Level 1
Level 1
In response to tllevans

‎03-11-2003 06:11 PM

Oh--btw--part of the problem here may be that Comcast expects to see anor ethernet interface MAC address before sending out a DHCP address for the client; the loopback interface has no MAC, and I haven't found a way to assign one. As to the 2nd config--Comcast's DHCP server IP address seems to change between several different servers, writing access list 'permit 'statements into my config at each change of address.

0 Helpful

rchay
Level 1
Level 1
In response to tllevans

‎03-15-2003 08:15 PM

I talked to Comcast about this router and (from one of the supervisors at a TAC) was that the uBR924 is in testing and is supposed to be put on the list of approved CM's.

They have a db with mac addresses assigned to a specific CM model and that's probably why it doesn't work. I read on some other forums where some were able to successfully connect to Comcast with this router. I'm willing to wait until it gets approved. I'm sure it'll help if you call and ask about it too. They said they started testing it after they received many calls about the CM.

-Bobby

0 Helpful

james
Level 1
Level 1
In response to tllevans

‎12-13-2004 09:12 PM

upgrade to IOS ver "ubr920-k8o3v6y5-mz.122-19c.bin" and use the following config. I had the same issue with Insight communications. Your lo 0 will get the routable address. I have also inclused some configs if you want to port forward to a server located in your backend. Make sure to take out my "YA_right!!!!" comments. enjoy! o ya the 2nd mac they will se will be one higher then your c 0. And when your l 0 gets an address the xx.xx.xx.xx xx.xx.xx.xx will get filled automagically!!!

version 12.2

service nagle

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname ubr

!

boot system flash ubr920-k8o3v6y5-mz.122-19c.bin

!

clock timezone - 6

ip subnet-zero

no ip source-route

ip tcp synwait-time 5

ip telnet source-interface Loopback0

ip name-server 4.2.2.2

ip dhcp excluded-address 192.168.2.1 192.168.2.50

!

ip dhcp pool LOCAL_NET

import all

network 192.168.2.0 255.255.255.0

default-router 192.168.2.1

dns-server 4.2.2.2

domain-name ya_right.com

lease 1 12

!

ip audit attack action drop

ip audit notify log

ip audit po max-events 100

call rsvp-sync

!

!

!

!

!

!

!

!

interface Loopback0

ip address xx.xx.xx.xx 255.255.255.255

!

interface Ethernet0

ip address 192.168.2.1 255.255.255.0

ip nat inside

no ip mroute-cache

no cdp enable

!

interface cable-modem0

ip nat outside

no ip mroute-cache

no cable-modem compliant bridge

cable-modem dhcp-proxy nat PUBLIC

!

ip nat pool PUBLIC xx.xx.xx.xx xx.xx.xx.xx netmask 255.255.254.0

ip nat inside source static tcp 192.168.2.20 80 interface Loopback0 8080

ip nat inside source static tcp 192.168.2.20 22 interface Loopback0 22

ip nat inside source static tcp 192.168.2.15 443 interface Loopback0 443

ip nat inside source static tcp 192.168.2.15 80 interface Loopback0 80

ip nat inside source static tcp 192.168.2.15 25 interface Loopback0 25

ip nat inside source route-map nonat pool PUBLIC overload

ip classless

ip route 0.0.0.0 0.0.0.0 10.12.10.1 254

no ip http server

no ip http cable-monitor

!

logging trap debugging

access-list 99 permit 192.168.2.0 0.0.0.255 log

access-list 99 deny any log

access-list 120 permit ip 192.168.2.0 0.0.0.255 any

no cdp run

route-map nonat permit 10

match ip address 120

!

!

voice-port 0

input gain -2

output attenuation 0

!

voice-port 1

input gain -2

output attenuation 0

!

banner motd ^C

####################################################################

## ##

## Authorized use only! ##

## ##

## All activity is subject to monitoring! ##

## ##

####################################################################

^C

!

line con 0

exec-timeout 30 0

password xxxx

login

line vty 0 4

access-class 99 in

exec-timeout 30 0

password xxxx

login

!

scheduler max-task-time 5000

end

0 Helpful

dbellaze
Level 4
Level 4
In response to james

‎12-14-2004 12:56 PM

I have also been having the same problem with Comcast. I will try this config and IOS to see if it works. From speaking with TAC and Comcast the UBR924 does not support DOCSIS 1.1 and we thought that was the problem.

Daniel

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents