dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
5086
share rss forum feed

karmstrong3

join:2010-06-02
Colorado Springs, CO

Qwest DSL Q1000 VPN Ports

Hello everyone,

I recently upgraded to what Qwest calls Fiber Optic service 12MB down and 898k up. The upgrade came with a Q1000 Modem.

The problem I am having is since the Q1000 modem upgrade it appears that ports 1723 is closed. I went into the advanced settings and did a port map for 1723 to my VPN server however when running tests the port still seems to be closed.

Is Qwest now closing port 1723?? Dose any one know or is there a special trick to get the Q1000 to open the port. Like I said I did the port forwards and what not and its a no go.

Thanks
Kris



adsldude
Premium,Ex-Mod 2003-9
join:2000-11-10
Colorado
kudos:1

Qwest hasn't close ports to date. The Q1000 port forwarding works on the latest firmware ".34". Have you tried telnet from the WAN side to port 1723 to see if it responds?


karmstrong3

join:2010-06-02
Colorado Springs, CO

I have tried a telnet to port 1723 on the LAN side. I am using firmware *.34.



adsldude
Premium,Ex-Mod 2003-9
join:2000-11-10
Colorado
kudos:1

1 edit
reply to karmstrong3

What sort of VPN are you setting up?

PPTP - forward TCP/1723, and Protocol 47 (GRE)
IPSEC - forward UDP/500 and Protocol 50 (ESP)

The Q1000 doesn't have Protocol 50 (ESP) listed in the Port Forwarding feature.

ALSO, what's the status of the Q1000 firewall?


karmstrong3

join:2010-06-02
Colorado Springs, CO

The Q1000 firewall stat us off. and I am trying to setup an IPSEC VPN.


questionable

join:2005-10-18
Phoenix, AZ
reply to karmstrong3

Most modems with firewalls do not like esp 50 as it needs information that the firewall destroys when SPI is working. but since you are not doing that i will attempt to do mine and see what happens


questionable

join:2005-10-18
Phoenix, AZ
reply to karmstrong3

Sorry for double post... It shows as stealth and mine failed also using grc.com port scanner.



adsldude
Premium,Ex-Mod 2003-9
join:2000-11-10
Colorado
kudos:1
reply to karmstrong3

The alternatives are narrowing quickly. Put the VPN server in the DMZ, try transparent bridging with a router that supports an IPSEC server or even find a replacement for the Q1000.


questionable

join:2005-10-18
Phoenix, AZ
reply to karmstrong3

I'd test it for you with dmz mode on but because i had to hardcode my PC with an ip address it won't allow me. I wish they had a feature that would make the modem assign a specific IP.


questionable

join:2005-10-18
Phoenix, AZ

1 edit
reply to karmstrong3

once again sorry for the double post but got some good info

When set to OFF, the firewall still provides protection in the form of NAT and SPI (Stateful Packet Inspection).

so if the vpn uses esp 50 / 51 then you are not going to get it working

source : »www.qwest.com/internethelp/modem···WALL.pdf


karmstrong3

join:2010-06-02
Colorado Springs, CO

Ah ok I bet that is hole problem. The firewall being off and its still blocking what I need. Thanks I'll take a look.