All Ports Blocked?

Need Help?

That's what we're here for! The goal of the Rogers Community is to help you find answers on everything Rogers. Can't find what you're looking for? Just ask!
cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
Resident Expert
Resident Expert
Posts: 14,169

Re: All Ports Blocked?

Most of the pages on the CGN3 which have the issues... are all ones which load the whole DHCP/clients table... or need to access that information.

SOMEONE at hitron (cant really blame rogers per say for this one, as its hitron who makes the interface, modem, etc), in their infinate wisdom..  made it so the page loads all the info when you go to it... and wont let you load the NEXT page/tab you want, till after that information is loaded.

MOST routers, if you want to access that info, there is a button/link you press, which then brings up another page, which laods it.

 

 

But all in all... bridge mode is usually the best route to go 🙂



Highlighted
I'm Here A Lot
Posts: 7

Re: All Ports Blocked?

Well... asked for feedback/experience on RV320...

 

I had been using PPTP with SoftLayer for some time to access production servers and just setup PPTP VPN with extreme ease on the RV320... simply:
- Enabled SSL VPN

- PPTP was already setup (server, passthru and port range)

- Created a SSL VPN Group

- Created an account/password to use the above group

 

And on my mac simply opened Network Preferences:

- Created a PPTP Service

- Entered the dyndns address

- Entered the account and password 

 

Clicked "Connect" and voila I can:

- Directly manage/SSH to any system on the network including the RV320 (simply point browser to its IP)

- Access SVN over SSH (our code repository)

- Can even remotely backup my Mac to the Time Capsule (runnning on our Linux server)

 

I should also mention that I turned off SSH Port Forwarding and now the SSH port is not exposed to potential hackers.

 

All in all super easy and something I have been meaning to do for a long time.  Cisco like Apple just works!

 

ASIDE:  RV320 supports up to 10 PPTP connections

Highlighted
I've Been Here Awhile
Posts: 4

Re: All Ports Blocked?

I am far from an expert, but by what I have read it is pitiful that Rogers has decided to tweak the Hitron modem/ router to disallow certain ports.  We recently came back to Rogers from Bell, and while the transfer has been quite seamless, I am not impressed that I can no longer SSH onto my server located in my DMZ, because port 22 is blocked.  Funny though, I can connect through VNC on port 590X no problem, so I can access the GUI of my server.

 

A question for the experts:  Can I allow another port for SSH on the DMZ server (ex. 123) and then connect through this port, or are all ports truly blocked, which does not seem the case since I can still use VNC via port 590X? 

Highlighted
I'm a Reliable Contributor
Posts: 146

Re: All Ports Blocked?


@probstc wrote:

I am far from an expert, but by what I have read it is pitiful that Rogers has decided to tweak the Hitron modem/ router to disallow certain ports.  We recently came back to Rogers from Bell, and while the transfer has been quite seamless, I am not impressed that I can no longer SSH onto my server located in my DMZ, because port 22 is blocked.  Funny though, I can connect through VNC on port 590X no problem, so I can access the GUI of my server.

 

A question for the experts:  Can I allow another port for SSH on the DMZ server (ex. 123) and then connect through this port, or are all ports truly blocked, which does not seem the case since I can still use VNC via port 590X? 


I assume you are using the Hitron Gateway as your network Firewall.  I'm not sure why you would want to put your server in a DMZ, particularly with SSH access, but I'm assuming you want it that way.  I'm also assuming that you've done packet capture on the server interface to confirm that packets destined for port 22 are not coming into the interface from the Internet (if packets are coming in, the Hitron Gateway isn't blocking them, and the issue is server-side).  I'm also assuming that the server firewall is allowing port 22 through.

EDIT: I'm also assuming you are trying to connect from the public Internet, and not from your home network.

 

A way to find out is to configure SSH on your server to run on port 122 (or any other port below 1024 that you don't use on your network).  Ensure that your server allows port 122 through its firewall.

Then, in your remote client (assuming it's Putty), set your port to 122 on your home IP address.  If it works, then you know port 22 is blocked by the Hitron Gateway.

 

I would recommend though, that if you are capable of running your own server, you should run your own firewall/router, and put the Hitron in bridge (ie. modem) mode. That way, you control the firewall config into your network.