VegasManLiving the Vegas life. Premium Member join:2002-11-17 Las Vegas, NV |
VegasMan
Premium Member
2015-Feb-18 8:47 pm
Port 443 block?Is port 443 blocked or not by ATT on Uverse? I have Googled it and found both yes and no. I know on regular DSL it wasn't. |
|
|
Milwaukee PT
Anon
2015-Feb-18 9:31 pm
Port 443 is used by the Uverse WAP to provide signal to wireless receivers. So in essence if have wireless receivers for Uverse IPTV then port is not accessible to other devices. If have internet only or all hardwired receivers then port 443 should be available to my knowledge. |
|
VegasManLiving the Vegas life. Premium Member join:2002-11-17 Las Vegas, NV ·CenturyLink
|
VegasMan
Premium Member
2015-Feb-18 10:50 pm
Internet and Phone only is what I have. But for some reason I am unable to get to my server even though I can still get to my security system which obviously uses a different port but is forwarded just the same. I have a 5031 modem. I just upgraded my server software today and it allows me to change default ports so I guess I'll do that.
Thanks |
|
4 edits |
We have problems with remotely accessing devices via port 443 behind U-Verse modems on accounts that use TV service also. We do not have issues accessing these same devices when there is no U-Verse TV servcie in use. I don't think that port 443 is actually blocked more likely traffic to port 443 is being used by or rather redirected by the modem to the U-Verse Set top boxes. I found a link on the AT&T forums that kinda says this in a roundabout way but cant find it at the moment. If I do I will post it here. Edit: This was it » forums.att.com/t5/Featur ··· /3365983You have to read pretty far into the replies to get real info if I remember correctly. We have found that ordering static IP's eliminates the problem (or at least our problems) |
|
|
|
to VegasMan
As soon as you connect their WAP for the wireless gateways it seems to make a automatic rule in the firewall to forward all 443 traffic to that device. So you might check in your firewall to make sure that the modem didn't enable that rule on its own for some reason.
Other than that A set of static IP's would solve your issue like Mojorhino said. |
|
VegasManLiving the Vegas life. Premium Member join:2002-11-17 Las Vegas, NV |
VegasMan
Premium Member
2015-Feb-20 8:47 pm
How does a set of IP's fix my problem? wouldn't port 443 still be blocked on the modem? How much does a block cost? |
|
ILpt4U Premium Member join:2006-11-12 Saint Louis, MO ARRIS TM822 Asus RT-N66
|
ILpt4U
Premium Member
2015-Feb-20 10:00 pm
You get 8 more public IPs/5 of which you can use, all with their own sets of ports, in addition to the modem's current one dynamic public IP address
If port 443 is being blocked/redirected going to/from (fictional and not possible) IP address 321.32.45.215, then its not getting to the NAT'd device you want it to get to
One solution to this problem: Have more than one Public IP address, and then that first IP is getting the port 443 traffic for that IP, but now you have 5 more public IPs: 321.32.45.217-221, and each one of those has a full slate of open ports. So port 443 on ip ending in .218 is different than port 443 on ip ending in .215
I believe a block of 8 additional Static Public IPs is an additional $15/month more. Blocks up to 256 addresses are available, at increasing prices. In a block of 8, 5 of the Public addresses are publicly useable for your devices |
|
VegasManLiving the Vegas life. Premium Member join:2002-11-17 Las Vegas, NV |
VegasMan
Premium Member
2015-Feb-20 10:33 pm
OK got it. Makes sense now. Now explain why I get 8 and can only use 5. |
|
dave006 join:1999-12-26 Boca Raton, FL |
dave006
Member
2015-Feb-20 10:42 pm
Three ports in each block are assigned roles for the subnet:
Network block start Network router gateway Network broadcast address for the subnet
Leaving 5 available for you to assign to your devices
Dave |
|
NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
1 edit |
to VegasMan
said by VegasMan:OK got it. Makes sense now.
Now explain why I get 8 and can only use 5. The 8/5 IP block is a /29 CIDR block. Here is a sample breakdown of how the 8 IP addresses are typically used: XX.YY.ZZ.A0 = Network address (not directly useable by the customer) XX.YY.ZZ.A1 = Host address 1 (useable by the customer) XX.YY.ZZ.A2 = Host address 2 (useable by the customer) XX.YY.ZZ.A3 = Host address 3 (useable by the customer) XX.YY.ZZ.A4 = Host address 4 (useable by the customer) XX.YY.ZZ.A5 = Host address 5 (useable by the customer) XX.YY.ZZ.A6 = Gateway address (used by the ISP's router) XX.YY.ZZ.A7 = Broadcast address (not directly useable by the customer) The devices using the available "Host n" static IP addresses would typically have that IP address statically assigned, use a subnet mask of 255.255.255.248, and use the XX.YY.ZZ.A6 address as the default gateway. And technically you can actually use six of the eight IP addresses if you also use private IP addresses and NAT behind the ISP's router. |
|
VegasManLiving the Vegas life. Premium Member join:2002-11-17 Las Vegas, NV |
VegasMan
Premium Member
2015-Feb-20 11:11 pm
OK. I'll end it at that can of worms. Thanks guys |
|
VegasMan |
VegasMan
Premium Member
2015-Feb-22 1:31 am
Well I found a very easy fix for my problem. I am running Server 2012 r2 behind a Pace 5031 and a TP-Link archer C9.
I was trying to open port 443 using my own rule on the Pace and then have the C9 route that to my server but it kept failing saying 443 was blocked when I ran Anywhere Access on 2012.
If I had just paid attention I would have noticed on the Pace there was an option for HTTPS Server. After I selected that and added it to the forwards and pinholes now 2012 sets up just fine and works. The server set up my router and everything using upnp. |
|
NetFixerFrom My Cold Dead Hands Premium Member join:2004-06-24 The Boro Netgear CM500 Pace 5268AC TRENDnet TEW-829DRU
1 edit |
NetFixer
Premium Member
2015-Feb-22 2:11 am
said by VegasMan:Well I found a very easy fix for my problem. I am running Server 2012 r2 behind a Pace 5031 and a TP-Link archer C9.
I was trying to open port 443 using my own rule on the Pace and then have the C9 route that to my server but it kept failing saying 443 was blocked when I ran Anywhere Access on 2012.
If I had just paid attention I would have noticed on the Pace there was an option for HTTPS Server. After I selected that and added it to the forwards and pinholes now 2012 sets up just fine and works. The server set up my router and everything using upnp. I can remember running into a similar problem with an FTP server when doing cascaded NAT through a Motorola/Netopia 2210 DSL router and a Cisco RV082 router. I was manually forwarding the needed ports in the 2210 modem/router to the RV082 (and I also tried putting the RV082's WAN into the 2210's DMZ), but it didn't work properly until I selected the FTP server from the applications menu instead of doing the manual forwarding/DMZ. Had I known that you were doing cascaded NAT, I might have remembered that. Glad you figured it out before you wasted the money on an otherwise unneeded static IP block. |
|