A link to "Comcast Business IP Gateway and Static IP overview" will be sent via email.
We hate spam. The information you've entered will not be shared or sold.
Comcast's IP Gateway (Comcast's firewall, switch and static IP-capable modem) is all you need to take advantage of a static IP and built-in firewall features. Find out what you can do with a static IP, along with the additional features available on the IP Gateway device.
A static IP address is manually configured. This manual configuration prevents the IP address from changing as dynamic addresses do. A static IP will allow you to run an email, web or VPN server, from a device behind the Comcast modem (Gateway), with a static routable (publicly accessible) IP address.
A dynamic IP address has the potential to change at any given interval. Normally, a lease time is assigned to the IP address and, once it has expired, there is a chance a different IP address will be assigned to the device.
Static IPs can be ordered in blocks of 1, 5 and (in select areas) 13 for an additional monthly charge. Once ordered, a custom configuration containing the static IP range is remotely configured to the Comcast IP Gateway with no additional hardware required for you to connect it to your equipment (server, firewall, etc.).
Your server or firewall (connected to the modem) should be configured with the following settings:
IP address: The IP addresses which can be assigned to equipment connected to the Comcast IP Gateway will be given to you once it is built.
A CIDR /30 (or 1 static IP) - 255.255.255.252
A /29 (or 5 static IPs) - 255.255.255.248
A /28 (or 13 static IPs) - 255.255.255.240
Gateway IP: This is a static IP address, in addition to the number of ordered IPs, which is assigned to the Comcast modem (IP Gateway). By default, it is the last IP in the range loaded on the Comcast Gateway.
Primary DNS: 18.104.22.168
Secondary DNS: 22.214.171.124
If your specific needs do not require a static IP you may have the option to provide your own standalone cable modem. However, by utilizing the Comcast-provided Gateway you have the option to attach a separate router or hardware firewall, or utilize the built-in firewall functionality provided by the Comcast IP Gateway.
The Comcast IP Gateway's firewall offers:
Stateful packet inspection (SPI)
Port forwarding (up to 35 forwards)
Port triggering (up to 50)
Keyword blocking (up to 50)
The Comcast firewall will not provide DQOS control or bandwidth usage data. For those functions we recommend that you add your own router with firewall capabilities.
Comcast can configure the Gateway according to customer specifications. However, we will only disable a customer's firewall and DHCP service on the Gateway upon request.
With port forwarding, internet traffic sent to a specified public IP address on the specified port is redirected to a local private IP address. Port forwarding rules can be set up that will allow you to run servers from your private LAN IP subnet.
Note:Port forwarding is not applicable to static public IPs outside of local devices configured for 1-to-1 NAT (forwards all traffic destined to the specified public IP to a private IP).
Port forwarding allows you to use the static IP address that is configured to the Comcast IP Gateway (gateway IP) effectively giving you an additional IP address beyond the number of addresses paid for.
You can attach your computers to the IP Gateway using it as your DHCP server. It has 4 available ports and can support up to 256 (by default, this is set to 189) networked devices, however bandwidth needs may necessitate limiting the number of simultaneous connections.
Customers who are onsite can make changes by following the instructions in the Comcast IP Gateway User's Guide. (See the "Ports blocked by Comcast Business Internet" article for additional information.)
Comcast does not provide remote access to the Gateway. Customers who are offsite will need to call Comcast Business Customer Support at 1-800-391-3000 to make changes for them.
Use a Static IP to configure a Local Area Network for your business.
A firewall is designed to prevent unauthorized access to or from a private network
If your equipment is out of date, upgrade now.
Symantec, the Symantec Logo, the Checkmark Logo, and Norton, Norton 360 and Norton by Symantec are registered trademarks of Symantec Corporation ©2014 Symantec Corporation. All rights reserved. Microsoft product names and logos are trademarks or registered trademarks of Microsoft Corporation. All other trademarks are the property of their respective owners.