Cable & Wireless, Verio and/or Level 3 port blocking?
Can anyone from these three carriers tell me if you're doing port blocking on the Windows file/print ports (135-139, 445 & 593) ? A client of ours (in the US), against our recommendation, still wants to connect to their Exchange server in the UK without a VPN. We're not blocking their IP#'s from anything but somewhere in between it's getting blocked. We use C&W directly and Verio/Level3 through a peer. Thanks! william
NTT/Verio is performing no network-wide port blocking of such services. You might want to point out to this client that without a VPN client, one can not be assured of home-office workers, or traveling people not having issues with the ports involved. - jared On Mon, Sep 08, 2003 at 01:56:10PM -0500, William Devine, II wrote:
Can anyone from these three carriers tell me if you're doing port blocking on the Windows file/print ports (135-139, 445 & 593) ? A client of ours (in the US), against our recommendation, still wants to connect to their Exchange server in the UK without a VPN. We're not blocking their IP#'s from anything but somewhere in between it's getting blocked. We use C&W directly and Verio/Level3 through a peer.
Thanks! william
-- Jared Mauch | pgp key available via finger from jared@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine.
I dont have a url for such an app (assuming one has been written) but you should be able to run a traceroute using the tcp ports and see where it stops? Steve On Mon, 8 Sep 2003, William Devine, II wrote:
Can anyone from these three carriers tell me if you're doing port blocking on the Windows file/print ports (135-139, 445 & 593) ? A client of ours (in the US), against our recommendation, still wants to connect to their Exchange server in the UK without a VPN. We're not blocking their IP#'s from anything but somewhere in between it's getting blocked. We use C&W directly and Verio/Level3 through a peer.
Thanks! william
On 9/8/2003 at 3:58 PM, "Stephen J. Wilcox" <steve@telecomplete.co.uk> wrote:
I dont have a url for such an app (assuming one has been written) but you should be able to run a traceroute using the tcp ports and see where it stops?
Steve
On Mon, 8 Sep 2003, William Devine, II wrote:
Can anyone from these three carriers tell me if you're doing port blocking on the Windows file/print ports (135-139, 445 & 593) ? A client of ours (in the US), against our recommendation, still wants to connect to their Exchange server in the UK without a VPN. We're not blocking their IP#'s from anything but somewhere in between it's getting blocked. We use C&W directly and Verio/Level3 through a peer.
Thanks! william
That'd be http://michael.toren.net/code/tcptraceroute/ bye,Kai
Transit, mis-spoke. william ----- Original Message ----- From: "Randy Bush" <randy@psg.com> To: "William Devine II" <william@smartguys.net> Cc: <nanog@merit.edu> Sent: Monday, September 08, 2003 3:15 PM Subject: Re: Cable & Wireless, Verio and/or Level 3 port blocking?
We use C&W directly and Verio/Level3 through a peer.
a peer gives you their peer or transit routes?
randy
At 21:15 08/09/2003, Randy Bush wrote:
We use C&W directly and Verio/Level3 through a peer.
a peer gives you their peer or transit routes? randy
I've given peers other peer routes before now, but not transit (except in emergencies). I've done it for several reasons:- 1) You can have transit to peers (X, Y and Z) at LINX if I can have transit to peers (A, B, and C) at MAE-East. 2) My bandwidth/routes/whatever don't meet your peering policy but I can bribe you with access to a certain set of routes. [At one time I had a small customer base and a single /19 but very wide spread peering, often with big ASs. In fact I'm pretty sure I had more peers than customers at some points. ;-)] 3) You're a mate, and the marginal cost to me is small. Ian
Cable & Wireless is not doing any port filtering, with the possible exception of specific customer requests. Regards, Mark William Devine, II wrote:
Can anyone from these three carriers tell me if you're doing port blocking on the Windows file/print ports (135-139, 445 & 593) ? A client of ours (in the US), against our recommendation, still wants to connect to their Exchange server in the UK without a VPN. We're not blocking their IP#'s from anything but somewhere in between it's getting blocked. We use C&W directly and Verio/Level3 through a peer.
Thanks! william
On Mon, 2003-09-08 at 14:56, William Devine, II wrote:
Can anyone from these three carriers tell me if you're doing port blocking on the Windows file/print ports (135-139, 445 & 593) ? A client of ours (in the US), against our recommendation, still wants to connect to their Exchange server in the UK without a VPN. We're not blocking their IP#'s from anything but somewhere in between it's getting blocked. We use C&W directly and Verio/Level3 through a peer.
Can they set up a gre tunnel? I did this for a site to site active directory setup and it worked out great... :)
Thanks! william --
Jason H. Frisvold Backbone Engineering Supervisor Penteledata Engineering friz@corp.ptd.net RedHat Engineer - RHCE # 807302349405893 Cisco Certified - CCNA # CSCO10151622 MySQL Core Certified - ID# 205982910 --------------------------- "Imagination is more important than knowledge. Knowledge is limited. Imagination encircles the world." -- Albert Einstein [1879-1955]
participants (8)
-
Ian Mason
-
Jared Mauch
-
Jason Frisvold
-
Kai Schlichting
-
Mark Kasten
-
Randy Bush
-
Stephen J. Wilcox
-
William Devine, II