[olug] Cox blocking inbound TCP 2401?

Phil Brutsche phil at brutsche.us
Wed Mar 24 18:48:32 UTC 2004


Jay Hannah wrote:

> On Mar 19, 2004, at 9:30 AM, Phil Brutsche wrote:
> 
>> Dude, VPN!  It's SOOO easy to get around Cox's filtering when all 
>> they see is IP proto 50...
> 
> 
> VPN for server-server connectivity?

Absolutely.

> The only VPN I've played with is Cisco clients from WinX and Mac.

AKA some Cisco proprietary thingy (The only EZ VPN clients are from
Cisco and the only servers are from guess who).

My VPNs are generic IPsec - one endpoint is FreeSWAN on SuSE 9.0, 
another is Debian running 2.4.25+the 2.6 IPsec backport, another is 
Debian running a 2.6 kernel, and yet another is a Cisco 3620.

> What's the VPNy way to VPN back into my server at home when I don't 
> have root on the remote (Linux) machines?

Not much you can do about that.  You can do some TCP-over-SSH tunnels
with non-standard ports but that's about it.

> I want to throw stuff in cron on the remote boxes too. Wouldn't I 
> need root to set up permanent VPN tunnels / static routes from the 
> remote clients?

Static routes and generic IPsec tunnels don't mix well :)  Ditto with 
dynamic routing protocols like RIP or OSPF.

If you're having trouble getting TCP traffic to flow properly I would 
concentrate on that first - if your basic network infrastructure doesn't 
work right trying to add VPNs to it will just add to your troubles.

In other words, fix or replace the Linksys before you even THINK about 
setting up VPNs :)

> What VPN software are we talking about?

Average, run-of-the-mill, generic IPsec tunnels that will work with 
anything that understands IPsec.

> I called Cox. They say they're not blocking inbound to my IP. Yet, I 
> move services around to random ports and can still never get in. 
> Perhaps I'm doing something stupid in my Linksys?

Perhaps the Linksys is just plain flakey?  My experience with their
hardware has been going downhill recently (wireless cards and access 
points that start out just fine but just stop working after a couple 
weeks/months, ethernet card drivers that cause blue screens under 
Windows, etc).

You can always try a firmware upgrade/downgrade.  Or you could make 
notes about how it is set up, restore it to factory defaults, then 
re-configure it - something may have happened to corrupt its 
configuration settings.

-- 

Phil Brutsche
phil at brutsche.us
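
Added example, not part of the original post: the reply above says to get plain TCP working before adding VPNs. This Python sketch, run from a machine outside the home network against your own public address, separates ports that are silently dropped from ports that answer with a reset. The host and the extra port numbers are constructed placeholders, and the readings in `diagnose` are typical interpretations, not proof.

```python
import errno
import socket

def classify(err):
    """Map a connect_ex() return code to a path state."""
    if err == 0:
        return "open"         # handshake completed: forwarding and service both work
    if err == errno.ECONNREFUSED:
        return "refused"      # RST came back: packets arrive, nothing accepts them
    if err in (errno.EHOSTUNREACH, errno.ENETUNREACH):
        return "unreachable"  # routing problem or ICMP unreachable
    return "filtered"         # anything else, typically a timeout: no reply at all

def probe(host, port, timeout=3.0):
    """Attempt one TCP connect to your own host and classify the outcome."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        return classify(s.connect_ex((host, port)))
    except socket.timeout:
        return "filtered"
    finally:
        s.close()

def diagnose(results):
    """results maps port -> state. These are typical readings, not proof."""
    states = set(results.values())
    if "open" in states:
        return "some ports get through: compare their forwarding rules with the failing ones"
    if "refused" in states:
        return "packets arrive but are reset: check the forward target and the listening service"
    return "nothing answers on any port: check router forwarding or upstream filtering first"

if __name__ == "__main__":
    HOST = "127.0.0.1"           # placeholder: replace with your own public address
    PORTS = [2401, 8022, 12401]  # 2401 is from the thread; the others are constructed
    results = {p: probe(HOST, p, timeout=1.0) for p in PORTS}
    for port, state in results.items():
        print(port, state)
    print(diagnose(results))
```

If every port, including ones you just moved the service to, comes back "filtered", the service itself is unlikely to be the problem.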