nanog mailing list archives
Re: Xfi Advances Security (comcast)
From: Owen DeLong via NANOG <nanog () nanog org>
Date: Fri, 10 Sep 2021 10:46:18 -0700
First thing I do with any cable modem is convert it to bridge mode. The fewer “smarts” in the cable modem doing odd things to my traffic, the better. Owen
On Sep 10, 2021, at 10:40 , Eric Kuhnke <eric.kuhnke () gmail com> wrote: I know this is not a solution to your problem, but I have found myself more often running the public interface of openvpn systems on port 443. Any sufficiently advanced DPI setup will be able to tell that it's not quite normal https traffic. But 99% of the time it seems to serve the purpose of defeating heavily-restricted "free" wifi in airports, hotels, random guest/amenity wifi stuff, which obviously can't block https/443 to the world these days. On Fri, Sep 10, 2021 at 11:08 AM Jason Kuehl <jason.w.kuehl () gmail com <mailto:jason.w.kuehl () gmail com>> wrote: This is an SSL VPN that is being blocked. This is what failure looks like. Curl is the same. Once we disable the Xfi Advanced Security everyone can connect. On Fri, Sep 10, 2021 at 11:01 AM Jim Popovitch via NANOG <nanog () nanog org <mailto:nanog () nanog org>> wrote: On Fri, 2021-09-10 at 10:31 -0400, Jason Kuehl wrote:For whatever reason Comcast Xfinity is blocking my VPN URL.Not certain that this applies, but Concast Advanced Security (setup in your Comcast gateway) only allows outbound VPN connections to UDP ports 500, 4500, and 62515 and TCP port 1723. -Jim P. -- Sincerely, Jason W Kuehl Cell 920-419-8983 jason.w.kuehl () gmail com <mailto:jason.w.kuehl () gmail com>
Current thread:
- Re: Xfi Advances Security (comcast), (continued)
- Re: Xfi Advances Security (comcast) Jason Kuehl (Sep 10)
- Re: Xfi Advances Security (comcast) Dovid Bender (Sep 10)
- Re: Xfi Advances Security (comcast) Livingood, Jason via NANOG (Sep 13)
- Re: Xfi Advances Security (comcast) Owen DeLong via NANOG (Sep 13)
- Re: [EXTERNAL] Re: Xfi Advances Security (comcast) Livingood, Jason via NANOG (Sep 13)
- Comcast Customer Owned Modem Firmware : WAS : Xfi Advances Security (comcast) Tom Beecher (Sep 16)
- Re: Comcast Customer Owned Modem Firmware : WAS : Xfi Advances Security (comcast) Jay Hennigan (Sep 16)
- Re: Xfi Advances Security (comcast) Jason Kuehl (Sep 10)
- Re: Xfi Advances Security (comcast) Eric Kuhnke (Sep 10)
- Re: Xfi Advances Security (comcast) Owen DeLong via NANOG (Sep 10)
- Re: Xfi Advances Security (comcast) Eric Kuhnke (Sep 10)
- Re: Xfi Advances Security (comcast) Owen DeLong via NANOG (Sep 11)