Hello!
I have a new Xfinity installation with an MX68. Using an Arris S33 cable modem. Im being rejected using Client VPN. My other install is on AT&T biz fiber and it has no issues.
Im reading around and have seen the suggestion that Ill need to add the MX's IP (the external IP) to the DMZ in the modem. Does that make sense? Any other ideas of why the VPN would be getting rejected? It doesnt even seem to be able to connect at all so it does point to something occurring before the MX. But its odd because the S33 doenst even have a DMZ as far as I know. Its just a dumb (awesome) modem.
Solved! Go to solution.
I removed it and saved and then re-entered it and then deleted again and try to whole bunch of weird delete re-add save combinations and then all of a sudden VPN started working 🙈
You'll need to forward ports udp/500 and udp/4500 to the MX WAN interface to get Client VPN working.
@PhilipDAth come again? I do that in the modem? But the modem doesnt do a firewall. Or do you mean on the MX? Could you say a little more?
On the ISP router - that is where the port forwarding needs to be done.
The way this cable works is the coax comes into the house, goes into a dumb modem that gives my MX68 an external IP address right on the net.
https://approvedmodems.com/wp-content/uploads/2020/12/ARRIS-SURFboard-S33-User-Manual.pdf
Pages 18 and 19 detail the features of the modem and there is nothing about opening ports.
So are you saying Comcast themselves needs to open ports for me on their end? That nothing within the walls of my house can be modified to accomplish this. Is that correct?
I mis-understood. I thought the MX was sitting behind an ISP router.
OK just this once I will forgive you. 😉
Any ideas?
It seems to be an authentication issue looking at this log. But my Meraki cloud password is correct and the shared secret is too. So not sure whats going on...
Try using my client VPN wizard to configure client VPN on the machine.
On a Mac. My other MX works fine. Just this one having trouble.
I've found sometimes that "complex" shared secrets tend to be the issue. I'm not sure why or how, but reconfiguring a shared secret to something less complex works sometimes.
Other times simply just reconfiguring ClientVPN also does the trick. But that might just be due to local error. 😉
Not sure if the complexity thing here applies to your case.
Nah it’s simple like redtruck but I’ll try removing it
I removed it and saved and then re-entered it and then deleted again and try to whole bunch of weird delete re-add save combinations and then all of a sudden VPN started working 🙈