Palerider0098
@stsn.net
| Comcast blocking port 21
My port 21 seems to have been blocked and I suspect its comcast, my isp. I have set a test pc up on a dmz, still blocked in both directions. I have also turned off my firewall etc... still blocked. I then installed firezilla ftp server and set it to use port 5901 and received wicked good xfer speeds, and yet nothing on port 21.
Has anyone experienced this, if so kindly drop me a line at acrpos@gmail.com
Thanks |
|
Cabal
Premium
join:2007-01-21
Boston, MA | Nope, gets through fine here (more specifically, hits my firewall and is logged when I ask it to). |
|
JahsDisciple
Living my life like it's golden
Premium
join:2007-07-07
Baltimore, MD | reply to Palerider0098
»Comcast High Speed Internet FAQ »What ports does Comcast block? |
|
76352653
join:2008-07-06
Newark, DE | reply to Palerider0098
No. |
|
Palerider0098
@stsn.net | reply to Palerider0098
I ended up using SSH/FTP on port 2222 instead, so far so good, if they block this too I will have to switch to another ISP. |
|
Michael2
Premium,VIP
join:2003-04-01
Owings Mills, MD
| said by Palerider0098 :
I ended up using SSH/FTP on port 2222 instead, so far so good, if they block this too I will have to switch to another ISP.
Palerider,
Comcast does not block Port 21 in any of our areas. If you were having problems connecting on this port, something else was likely the cause. Regardless, I am glad to hear that you found a solution that works for you.
--
Comcast.net Help Forum Administrator. |
|
CajunTek
Insane Cajun
Premium,MVM
join:2003-08-08
Arlington, TX
 ·RoadRunner Cable
| said by Michael2  :said by Palerider0098 :
I ended up using SSH/FTP on port 2222 instead, so far so good, if they block this too I will have to switch to another ISP.
Palerider, Comcast does not block Port 21 in any of our areas. If you were having problems connecting on this port, something else was likely the cause. Regardless, I am glad to hear that you found a solution that works for you. And that settles it!!! Straight from the horse's mouth.. 
How ya doin Michael? 
--
da Cajun Darn I hate Malware |
|
Michael2
Premium,VIP
join:2003-04-01
Owings Mills, MD
| said by CajunTek :...And that settles it!!! Straight from the horse's mouth.. How ya doin Michael? Quite well. How are things down south?
--
Comcast.net Help Forum Administrator. |
|
CajunTek
Insane Cajun
Premium,MVM
join:2003-08-08
Arlington, TX | HOT!!! |
|
ports blocked
@mcleodusa.net
| reply to Palerider0098
I just opened and read through a standard comcast config file. And the ports that comcast is telling modems to block should be:
135,139,68,445,520,1080
I don't see 21 on there, so either something on your computer is blocking it, or your not set up correctly. |
|
EG
The wings of love
Premium
join:2006-11-18
Union, NJ
| said by ports blocked :
I just opened and read through a standard comcast config file. And the ports that comcast is telling modems to block should be:
135,139,68,445,520,1080
I don't see 21 on there, so either something on your computer is blocking it, or your not set up correctly.
Could this config be area specific, or is it used network wide ? |
|
FifthE1ement
Tech Nut
join:2005-03-16
Fort Lauderdale, FL
| reply to CajunTek
said by CajunTek :said by Michael2 :said by Palerider0098 :
I ended up using SSH/FTP on port 2222 instead, so far so good, if they block this too I will have to switch to another ISP.
Palerider, Comcast does not block Port 21 in any of our areas. If you were having problems connecting on this port, something else was likely the cause. Regardless, I am glad to hear that you found a solution that works for you. And that settles it!!! Straight from the horse's mouth.. How ya doin Michael? Lol, yeah that says it all! I'm not saying he is wrong but just because you do not block the port in your area doesn't mean they don't in other areas. I am also a Comcast employee and each area blocks certain ports based on experiences within that network. And we also don't throttle right? |
|
CajunTek
Insane Cajun
Premium,MVM
join:2003-08-08
Arlington, TX
·RoadRunner Cable
| said by FifthE1ement :Lol, yeah that says it all! I'm not saying he is wrong but just because you do not block the port in your area doesn't mean they don't in other areas. I am also a Comcast employee and each area blocks certain ports based on experiences within that network. And we also don't throttle right? I believe Michael about this.. Generally he will not post if he's not sure..
--
da Cajun Darn I hate Malware |
|
Michael2
Premium,VIP
join:2003-04-01
Owings Mills, MD
| reply to FifthE1ement
said by FifthE1ement :Lol, yeah that says it all! I'm not saying he is wrong but just because you do not block the port in your area doesn't mean they don't in other areas. I am also a Comcast employee and each area blocks certain ports based on experiences within that network. And we also don't throttle right? I was not talking about "my" area, but speaking to our global policy. We do not block Port 21 anywhere. This information has been verified through National Engineering.
--
Comcast.net Help Forum Administrator. |
|
ports blocked
@mcleodusa.net
| reply to EG
said by EG : Could this config be area specific, or is it used network wide ? Comcast tries to have consistency among the config files nationally so I doubt it would be specific for his area. The OP (or anyone for that matter) could easily check this by downloading his modems config file and seeing what ports comcast is telling his modem to block. |
|
EG
The wings of love
Premium
join:2006-11-18
Union, NJ
| said by ports blocked :
The OP (or anyone for that matter) could easily check this by downloading his modems config file and seeing what ports comcast is telling his modem to block.
Hmmm.. When my modem used to display the config file data within its error logs, the text never indicated which ports were being blocked ??
In posts on these and other fora, I have seen what a port 25 block in the config file text looks like if there is indeed one in place..
You referred to "downloading ones config file". How exactly does an end user go about doing this in order to observe its contents ? |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
 ·Verizon Online DSL
 ·Skype
1 edit | reply to Palerider0098
said by Palerider0098 :
I ended up using SSH/FTP on port 2222 instead, so far so good, if they block this too I will have to switch to another ISP.
If you were operating something other than FTP on port 21, then you kinda got what you deserved (light and well-meaning poke at 'cha). These low numbered ports are registered for particular uses, and when unexpected protocols appear on them, things can break. See »www.iana.org/assignments/port-numbers for the list, but expect problems any time you use port 1024 or less for something other than its proscribed use on this list.
As for port 21 specifically: Many devices and perhaps even your network stack or operating system operate Application-Level Gateway algorithms on port 21. This is because of a special way that FTP uses control and data ports. Your ISP -should- stay out of the way of this, but if you do something unexpected on port 21 when an ALG is involved, you'll leave your router or your software in a confused state.
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon
Comcast: We never did anything wrong, and we'll never do it again...
|
|
EG
The wings of love
Premium
join:2006-11-18
Union, NJ
| said by funchords : you'll leave your router or your software in a confused state. [OFF TOPIC]
Is that what is considered to be *fuzzy logic* funchords ??
Sorry bud but I couldn't resist ! 
My apologies to all !
[/OFF TOPIC] |
|
ports blocked
@comcast.net
 from:
Cabal
| reply to EG
said by EG :Hmmm.. When my modem used to display the config file data within its error logs, the text never indicated which ports were being blocked ?? In posts on these and other fora, I have seen what a port 25 block in the config file text looks like if there is indeed one in place.. You referred to "downloading ones config file". How exactly does an end user go about doing this in order to observe its contents ? Well maybe I should have left the term easily out (it's easy to me) but every geek out there or network guy should try it out. Here is the basic idea.
1. Need to get something that can read docsis config files. There is a docsis program at sourceforge that can do this. It's command line based but works fine.
2. Need to determine the config name and tftp ip address that hosts your config file
(to get the tftp and IP use a program called dhcpforce it will list both)
3. download the cofig file (example):
tftp get 68.87.66.16 d10_m_sb5101_speedtier_c01.cm
4. open it in the docsis program and look at the snmp modem config values. They are a little cryptic but sure enough you can follow along and see the patterns and what ports your modem is being told to block.
Understand that comcast configs are very similar. The only things that are usually unique to any particular config is
1. firmware upgrade. If your modem has an upgraded firmware, the config will list the name and the ip to get it.
2. provisioned speeds
3. max cpe (how many ip addresses you can have at the same time)
4. Port 25 block (some configs block port 25) |
|
anonamouse
@comcast.net
| reply to Palerider0098
I'm pretty sure they block suspected server ports, including port 21. a couple years ago I was running an ftp server on port 21 for a friend to get a bunch of files. After awhile they couldn't connect to my server. I changed the port number and they could connect again, and after awhile same thing, they couldn't connect. I changed it quite a few times to get around it being blocked. So yeah it's not a global block, but I'm pretty sure it's on a case by case basis. |
|
