Xfi Advanced Security (comcast)

Eric Kuhnke eric.kuhnke at gmail.com
Fri Sep 10 17:40:49 UTC 2021


I know this is not a solution to your problem, but I have found myself more
often running the public interface of OpenVPN systems on port 443. Any
sufficiently advanced DPI setup will be able to tell that it's not quite
normal https traffic.

But 99% of the time it seems to serve the purpose of defeating
heavily-restricted "free" wifi in airports, hotels, random guest/amenity
wifi stuff, which obviously can't block https/443 to the world these days.

On Fri, Sep 10, 2021 at 11:08 AM Jason Kuehl <jason.w.kuehl at gmail.com>
wrote:

> This is an SSL VPN that is being blocked. This is what failure looks like.
> Curl is the same.
>
> Once we disable the Xfi Advanced Security everyone can connect.
>
> [image: image.png]
>
> On Fri, Sep 10, 2021 at 11:01 AM Jim Popovitch via NANOG <nanog at nanog.org>
> wrote:
>
>> On Fri, 2021-09-10 at 10:31 -0400, Jason Kuehl wrote:
>> > For whatever reason Comcast Xfinity is blocking my VPN URL.
>>
>> Not certain that this applies, but Concast Advanced Security (setup in
>> your Comcast gateway) only allows outbound VPN connections to UDP ports
>> 500, 4500, and 62515 and TCP port 1723.
>>
>> -Jim P.
>>
>>
>
> --
> Sincerely,
>
> Jason W Kuehl
> Cell 920-419-8983
> jason.w.kuehl at gmail.com
>