Comcast XB6 Blocking TFTP

Have any of you seen the Comcast XB6 modem blocking TFTP and some SIP requests?

We put the modem into bridge mode and TFTP requests are successful. Reset it, set security to the lowest setting, disable the firewall… no TFTP requests pass.

Modem\Router - cable - laptop.

Of course we can’t call into support because the customer is out of town and thus we’re unable to authenticate ourselves to support (not that we tried).

You may already be aware, but TFTP - like FTP - is not a NAT friendly protocol and requires a helper or ALG to inspect the control channel in order to open up and translate the connections used by the data channel (which use unrelated high numbered UDP ports). If TFTP is not working when NAT is enabled, it sounds like that modem does not have a TFTP ALG included or enabled. I have no experience with that model personally, but it’s not a unique problem. Workarounds are to not use NAT, purchase a better NAT router, define a DMZ host, or use a NAT friendly protocol like SCP.

Sorry about SIP. That’s also not a NAT friendly protocol, and while some of the same workarounds still apply there are generally not numerous or better alternatives like there are for file transfer protocols that replace FTP/TFTP.