Setting up a Cisco DPC3827 Router

If you have a Cisco DPC3827 DOCSIS 3.0 Gateway installed by your Internet Service Provider (ISP) as a router for your home, you may wish to make configuration changes to it, e.g., to provide firewall rules to allow certain types of connections from outside your home into systems at your home. To access the router from a system connected from an inside interface to the router (the Internet side is the "outside"), open a web browser and use as the address for the router. You will see a screen that provides some information for the router, but you will need to put a userid and password in the "User Name" and "Password" fields to make any configuration changes. The Cisco Model DPC3827 and EPC3827 DOCSIS 3.0 8x4 Wireless Residential Gateway User Guide stated that a blank userid and password would allow one to log into the router, however, I found that the user name to be used is user with a blank password. Once you've logged in, you will see the screen below:

Cisco DPC3827 change password screen

You should change the user name and password and make a note of the new ones you wish to use. You can also choose at this screen whether you wish to allow remote management of the router, i.e., whether you want to be able to configure the router or connect to it to troubleshoot from outside the router, e.g., when you might be on travel. If so, select Enable for Remote Management. Note: you should always use "strong passwords", but especially in the case where you are allowing remote management. Otherwise someone else could remotely connect to your router and make changes to it. You will need to enter the password in the "Re-Enter New Password" field as well to confirm you haven't made a typo.

It doesn't appear to me that the router software will accept special characters in passwords, such as punctuation marks, so if you receive an error message when attempting to change the password, try one without any special characters. Numbers work as do, of course, letters.

Don't think no one would ever be interested in your system; attackers may scan the Internet looking for vulnerable systems they can use for nefarious purposes. They can use automated attacks where a computer script tests for vulnerabilities and it is easy for them to probe thousands of systems in a short period of time. Never pick a password that can be found in the dictionary of any language or in a name dictionary such as someone might use for picking a baby name. Never use a sports team name or car model for a password. Attackers often use dictionary attacks trying every entry in a dictionary as a password and may also try sports team names, etc. I've observed attacks on systems while they were in progress where attackers would pair a name dictionary with an English language dictionary for their attacks. They would use the name dictionary for user names and then for each name in that dictionary run through all the words in an English language dictionary as possible passwords. E.g., they might start by trying "aaron" as a user name and then try every word in the dictionary as a password then move on to "abe" as a user name and again try every word in the dictionary as a possible password, etc.

You may also want to change the management port from its default of 8080. If you wish to change it, I'd recommend not using one of the "well-known ports", i.e., I'd recommend not using one that is commonly associated with a particular application or service, such as email. The range of available ports goes from 1 to 65,535. Ports up to 1023 are referred to as "system ports", whereas those from 1,024 through 49,151 are "user ports" and those from 49152 to 65,535 are called "dynamic" or "private" ports. 1 I'd suggest picking something above 1,024.

When you've made changes at this screen, click on the Save button. If you changed the user name, you will be taken to a screen where you may need to enter the new password again in the "Change Password to" and "Re-Enter New Password" fields. You can also change the "Wireless Network Name (SSID)", which is what people will see when they are searching for wireless networks in your vicinity. If you make any changes at this screen, click on Save Settings before leaving the page.

If you wish to permit outside connections in to a system behind the router, e.g., a website behind it, click on Applications & Gaming. If one system only needs to be accessible from the outside, you can have it be part of a Demilitarized Zone (DMZ). To set up a DMZ, you can click on the DMZ tab beneath Applications & Gaming. Put the IP address it gets from the DPC3827 router in DMZ Host IP Address field or, if it has a static IP address, put that there, instead.

Cisco DPC3827 DMZ

If you wish to have the DMZ host always be assigned a particular IP address from the router by DHCP, you will need to click on Setup in the top row of options, then LAN Setup. While you are at this screen, you should adjust the time zone to the one appropriate for your location by picking it from the Time Zone field and also check the box next to "Automatically adjust clock for daylight saving time". Then click on the Save Settings button.

Cisco DPC3827 LAN Setup

Then, to assign a particular IP address from the DHCP pool of addresses to a particular system, e.g., you would want the DMZ system to always get the same IP address, click on the Pre-assigned DHCP IP Addresses button.

Cisco DPC3827 Pre-assigned DHCP Address

Put the media access control (MAC) address of the device's network interface in the MAC Address field and the IP address you wish the router to assign to it in the Assign to IP field, then click on the Assign to IP button. Note: for a Microsoft Windows system, you can get the MAC address via a command prompt by issuing the command ipconfig /all. A MAC address will appear in the Physical Address field with the numbers separated by dashes instead of the colons used in the field in the router. You can have a Microsoft Windows system request a new IP address from a DHCP server, such as the router, by issuing the command ipconfig /renew. You can then type the command ipconfig to see the new address assigned to the system.

Once you have reserved an IP address to be handed out to only a system with a particular MAC address, you should see that IP address and MAC address combination appear in the table on the Pre-assigned DHCP IP Addresses window with a status of "Reserved" rather than "Active".

If you wish to have email alerts sent to you from the router in the event of issues pertaining to the router, click on Administration and then select Reporting.

Cisco DPC3827 email reporting

Select the Enable radio buttun and put the IP address or fully qualified domain name (FQDN) of the email server that will handle email sent from the router, e.g., you could use your ISP's email server, which might be something like You will need to specify the email address to which the logs should be sent in the E-Mail Address for Alert Logs and specify the username and password combination for the email server in the SMTP Username and SMTP Password fields; the Cisco DPC3827 will not allow you to leave the username and password fields blank.


  1. Cisco Model DPC3827 and EPC3827 DOCSIS 3.0 8x4 Wireless Residential Gateway User Guide
    4025083 Rev A
  2. Service Name and Transport Protocol Port Number Registry
    Internet Assigned Numbers Authority
    Date: January 9, 2014


TechRabbit ad 300x250

Justdeals Daily Electronics Deals1x1 px

Valid HTML 4.01 Transitional

Created: January 14, 2014