I picked up a UBR924's hoping to have a killer router/switch/firewall/VOIP/VPN machine on my new Comcast cable service. I couldn't get it to work at all in transparent bridging mode--it won't pass the PC's DHCP request through from the ethernet side to Comcast--so I turned on routing. Turns out Comcast provides a DHCP address to the cable interface, along with a default gateway on 10.0.0.0 address space. That's fine, but they also expect to provide one DHCP address in the 18.104.22.168 address space to the ethernet interface of a PC or external (separate) router.
Any ideas out there on how I can get this UBR924 to work for me (even, failing all else, in bridging mode)?
The ubr924 comes in bridging mode as factory default which can be later changed to routing mode etc. If it's a new install the cable modem's mac address needs to be registered with the provider.
The cable interface will typically get an non routable address but the PC behind will get a public address (unless they are doing NATing at the head end).....are you using the same PC to get an ip address? Usually the "max-cpe" command on the cmts or DOCSIS config file will control how many PCs (thus different mac addresses can connect....the max-cpe defaults to1 if not configured other wise)
You can use the internet routable ip address which will be allocated to a PC behind the cable modem and perform a NAT on a cable modem. That way you can have more then one PC going to internet using NAT on a public ip address which will be allocated to PC's eth using DHCP.
You need to use "cable-modem dhcp-proxy " command for that. Here is the url explaining that with config.
Thanks--got closer but still no cigar. Tried both configs--the first one (using dynamic NAT pool) is most promising, but I'm still not getting an IP address on the loopback interface, which is where I expect the "PC" address from Comcast shoud go. Initialization passes all the way to "download config file state", then fails on 'registration state', falls back to 'Wait for MAP state' and continues to loop like that.
Tried the second, even simpler config--DHCP proxy on Cable interface directed to E0. E0 never got a DHCP address.
Oh--btw--part of the problem here may be that Comcast expects to see anor ethernet interface MAC address before sending out a DHCP address for the client; the loopback interface has no MAC, and I haven't found a way to assign one. As to the 2nd config--Comcast's DHCP server IP address seems to change between several different servers, writing access list 'permit 'statements into my config at each change of address.
I talked to Comcast about this router and (from one of the supervisors at a TAC) was that the uBR924 is in testing and is supposed to be put on the list of approved CM's.
They have a db with mac addresses assigned to a specific CM model and that's probably why it doesn't work. I read on some other forums where some were able to successfully connect to Comcast with this router. I'm willing to wait until it gets approved. I'm sure it'll help if you call and ask about it too. They said they started testing it after they received many calls about the CM.
upgrade to IOS ver "ubr920-k8o3v6y5-mz.122-19c.bin" and use the following config. I had the same issue with Insight communications. Your lo 0 will get the routable address. I have also inclused some configs if you want to port forward to a server located in your backend. Make sure to take out my "YA_right!!!!" comments. enjoy! o ya the 2nd mac they will se will be one higher then your c 0. And when your l 0 gets an address the xx.xx.xx.xx xx.xx.xx.xx will get filled automagically!!!
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
boot system flash ubr920-k8o3v6y5-mz.122-19c.bin
clock timezone - 6
no ip source-route
ip tcp synwait-time 5
ip telnet source-interface Loopback0
ip name-server 22.214.171.124
ip dhcp excluded-address 192.168.2.1 192.168.2.50
ip dhcp pool LOCAL_NET
network 192.168.2.0 255.255.255.0
lease 1 12
ip audit attack action drop
ip audit notify log
ip audit po max-events 100
ip address xx.xx.xx.xx 255.255.255.255
ip address 192.168.2.1 255.255.255.0
ip nat inside
no ip mroute-cache
no cdp enable
ip nat outside
no ip mroute-cache
no cable-modem compliant bridge
cable-modem dhcp-proxy nat PUBLIC
ip nat pool PUBLIC xx.xx.xx.xx xx.xx.xx.xx netmask 255.255.254.0
I have also been having the same problem with Comcast. I will try this config and IOS to see if it works. From speaking with TAC and Comcast the UBR924 does not support DOCSIS 1.1 and we thought that was the problem.
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...