Brume 2 and Xfinity gateway not working

I’m using a Brume 2 with Wireguard server connected to an Xfinity Xfi gateway. I have done port forwarding through the Xfinity app for port 51820. Both lights on the Brume device are solid white. When I try to access any websites through the wireguard server nothing loads. I’ve read that the Xfinity xfi needs to be in Bridge mode for my wireguard server to work and by doing this the xfi will no longer have wi-fi capabilities. Unfortunately this isn’t an option for me. I’m a beginner when it comes to anything network related so forgive me if I’ve left anything out. Please help!

hey and welcome :slight_smile: ,

Lets first check if the port forwarding is correct :wink:

If you are connected to wireguard is the gl web ui still accessible through wg local ip? (I.e: if your server uses, should be your web ui hosting at from within the tunnel).

And if you disconnect and check in the vpn dashboard do you see the client connected?

Thanks for replying xize11!

To be honest I’m not at all proficient in networking. I don’t understand much of what you wrote. Can you break it down in laymans terms or provide me with instructions on what to do to check my port forwarding. Sorry in advance for being illiterate in these things.

A few more details- my computer is connected to the Brume through the LAN port and the Brume is connected to the Xfinity gateway through the WAN port.

I understand, no worry :slight_smile:

If you login inside the web gui of the brume2 (often default lan ip is, and then click on the left menu on vpn, and then vpn dashboard do you see a client connected under wireguard server ?

Before we are going into this: Are you able to see your “public IP” within your Xfinity gateway?
If yes: Which are the first 3 octets? (like

Yes, WireGuard with Tunnel Address is enabled. There are no Clients and 0.0 B up and down.

How would I check this?

I don’t know, sorry. Should be somewhere inside the modem GUI.

Let me check in the modem UI. Thanks for being patient

I did find the WAN IP Address (IPv4): 73.14.x.x
Is this what we are looking for?

Hmm if you connect to wireguard and type in your browser does it load up the gl web ui or not?

And for the client the endpoint is ip 73.14.*.* ?(wildcards are to protect your ip) If not please edit it so your client and wgserver reflect your current xfinity public ip (im not sure if your isp hands out dynamic ip).

What im interested in is the rx/tx (packets it receives or sents) count from the client, if the client also does not reflect on the gl web ui then we have to check your port forwarding more closely :slight_smile:

Yes, I connect to the GL-MT3000-53b in my available networks, I type in the browser, and the GL web UI loads.

and it does show a client in the vpn dashboard now under wgserver? On

Then i think ive already a clue :wink::+1:

I’ll have to come back to this tomorrow. It’s late. Thanks for your help thus far.

1 Like

Under WireGuard server with Tunnel Address it says No Clients. :arrow_down:0.00 B / :arrow_up:0.00 B

Ah… Can you screenshot how the port forward looks like in xfinity? :slight_smile:

Um, what is this 10.0.0.x address?
Do you use 10.0.0.x as your home network address? This causes trouble because WG uses this network as well.

WG network must be different than your local one.

1 Like

I don’t know. That is the IP address that shows up as the device IP. Like I said, I know nothing about networking. I’m looking for some help in setting up a VPN (either WireGuard or OpenVPN) so I can reach it with a Beryl AX when I travel abroad. Does GL.iNET ever do web support calls so they can see what is configured and can troubleshoot?