Lynwood et al;
On Wed, 2016-08-17 at 18:13 -0400, lleachii--- via 44Net wrote:
In my previous configuration I had a border device NATing to a downstream device running as my AMPRNet Gateway. When I first set it up, I had THE EXACT SAME ISSUE YOU ARE EXPERIENCING. I could only receive packets after first initiating them. When asking for advice, I continued to receive information that the iptables rules were correct...
The CPE devices Comcast deploys now do this by default, coupled with a very aggressive 5-minute watchdog timer on ALL IP sockets. This was confirmed to me by Cisco themselves. Your only option then is to put their device in bridge mode and hope you can find a device to put behind it as your internal gateway that can handle the traffic. Swapping their device out (if you have their phone service) is futile, as they won't touch your device to configure it for their phone service, so you're SOL there.
Their new menuing system is so plain, you have no control over any of this either. It's bridge mode or nothing. One tech insisted this is their way of preventing VPN traffic on non-business circuits.