XBOX authentication failing plus weirdness in Firewall logs

I upgraded from 175Mb to "gigabit" and received a CGM4140COM to replace the installed DPC3941.


2 Win10 Pro machines and multiple iOS, Android and PS4 all working better (100Mb+) after upgrade. All via wifi.


In days, connecting to a game on my PC via XBox Live failed during authentication with an apparent timeout. Then intermit network disconnects on the PC requiring reconnecting to wifi. Then both PCs stopped working over wifi. Wifi Signal Strength was -60dBm.


Connected both PCs directly to the gateway. One is very slow to connect to a webpage either with Edge or Chrome (>10 sec). Facebook and YouTube would load but any other page would throw up "firewall" security message from either browser. No sw changes on either PC prior to them have issues. Reinstalled device drivers anyway.


I disabled Windows Firewall Defender. No difference. Set gateway security to minimum.


They sent 1 tech out who showed me his Android tablet and said "looks fine. buh-bye". 


I decided it was the gateway so they sent another tech out with a replacement. He said maybe change the DNS and left. However he spent almost an hour in the mechanical room of my 28 unit building reducing the size of the hairball of cable connections. He removed half a shopping bag of 2-8" pieces of cable and it still looks like a mess. Signal about the same.


I change the DNS on the PC side ( and 2001:4860:4860::8888) with no apparent effect. There is no way to edit the DNS on the gateway so I'm not clear if my changes are in effect.


At times a PING resulted in <1. Just did it again and it's ~12ms. is slightly higher.


The firewall log for the gateway today. No idea what the first one means but that is a lot of attempts.


FW.IPv6 FORWARD drop , 5355 Attempts, 2020/5/11 12:14:20 Firewall Blocked
FW.IPv6 INPUT drop , 7 Attempts, 2020/5/11 11:21:11 Firewall Blocked
FW.WANATTACK DROP , 38 Attempts, 2020/5/11 09:58:01 Firewall Blocked


Today's phone call resulted in sending me an even newer gateway that is white not black and it is a "6" not a "5". When I told him there was an "XB6-T" embossed on the black case that did not concern him.


Anybody have ideas for stuff to try before the new one arrives? I'm out of ideas.


When you purchase your own gateway can you edit the DNS in the router or do comcast's activation set that? More control and less issues?




