Brighthouse Orlando Port blocking ISAKMP
Eric C. Miller
eric at ericheather.com
Wed Aug 3 03:38:39 UTC 2016
All is well, now.
It appears that it may have been on XO's network. My crypto tunnel between AT&T and BH crossed XO, and asymmetric routing from my office network had Cogent and XO outgoing, and Level3 on the return. If I forced my office connection to use Level3 for the outbound, the tunnel established immediately.
Brighthouse's phone support was a grade F, by the way. Their phone support had me yanked around for an hour, before they finally consulted with Tier3. After relaying the response, which was simply, "BH doesn't filter customer traffic - It must be on your side," I asked to speak with them directly. The person I was speaking to proceeded to tell me that Tier-3 had just closed, and that they would have to call me back. It was 48 hours before I received a call back.
Eric Miller, CCNP
Network Engineering Consultant
From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of Mallette, Edwin J
Sent: Monday, August 1, 2016 9:54 AM
To: NANOG <nanog at nanog.org>
Subject: Re: Brighthouse Orlando Port blocking ISAKMP
We definitely do not filter UDP500 across our network. I¹m going to reach out to you directly to see if I can help figure out what¹s going on.
On 7/30/16, 11:38 PM, "NANOG on behalf of Eric C. Miller"
<nanog-bounces at nanog.org on behalf of eric at ericheather.com> wrote:
>Subject says it all!!! I cannot open any IPSec tunnels, because UDP 500
>is not making it through to my Brighthouse connection. I've tried from
>Level3, Cogent, and AT&T. Are there any Brighthouse engineers on that
>would help me shed some light on this?
More information about the NANOG