Re: Is ISP blocking traffic? ADSL bridged modem - Linksys FEFW11s4 - SBS Standard
- From: Joe <joe@xxxxxxxxxxxxxx>
- Date: Thu, 07 Sep 2006 12:26:59 +0100
Damon wrote:
Hello, I'm trying to get RWW and OWA to work over the Internet and I'm starting to think the ISP is blocking traffic. They claim they aren't blocking anything but Ping. But without Ping, how do I verify the static IP they gave me can be reached from the Internet?
<details>
You need to send a variety of packets to this address, and to see
But when I attempt to connect to the server from outside using
https://ipaddress/remote or https://sever.example.com/remote (there is an A record for this pointing to the public IP) I get no response, just a timeout, like the IP doesn't exist. (Cannot find server) Same with attempts to connect with telnet. I also can't connect to the Linksys at http://ipaddress:8080 which should work.
Is there any way to prove the ISP is blocking traffic, or have I screwed something up in the network configuration?
whether they arrive. I don't know this router. It seems to have
logging facilities, but they look a bit primitive. If you can
persuade it to log incoming connections, then this achieves part
two. If it won't, try to beg/borrow another model which can. The
very common Netgear DG834 can do what's necessary here.
The simplest way to manage part one is to go to Steve Gibson's
site at http://grc.com. Follow the links to Shields Up!! (yes, I
know, but it's quick and easy) and ask for the all-service-ports
scan.
The scan itself may show you something useful, but primarily it
will have hammered on all the privileged ports (0-1023) and this
should leave some record in the router logs. Oh, one of the earlier
pages will show your public IP address, have a look and make sure
it's what you think it is. Stranger things have happened.
If you have a friend running Linux on anything, ask him to do an
nmap scan on your IP address, which will give you more details
than Steve Gibson's quick check. It is possible to get nmap for
Windows, but it isn't as capable.
For RWW and OWA to even start to work, the HTTPS port (443)
should be open, which means not only not blocked, but having
something listening on it. While you're on site, connect a PC
in place of the modem and confirm you can get the OWA and RWW
pages that way.
A couple of points: once you have this working, don't forget to
remove the DMZ setting from the router and forward the ports
individually. It doesn't give a huge amount of extra protection,
but every little helps. Also, disable the router configuration
from outside. Even if it has a good password, you don't know for
sure there are no bugs ('undocumented features') in its firmware.
The good old Netgear DG834 has a number of undocumented ports
open by default, not dangerous I think, but better closed than
open.
.
- References:
- Prev by Date: Re: Large documents on CompanyWeb are 0 bytes
- Next by Date: Re: Upgrade Server 2003 to SBS 2003
- Previous by thread: Re: Is ISP blocking traffic? ADSL bridged modem - Linksys FEFW11s4 - SBS Standard
- Next by thread: Re: Is ISP blocking traffic? ADSL bridged modem - Linksys FEFW11s4 - SBS Standard
- Index(es):
Relevant Pages
|
