Ideally being your own customer owned cable modem that meets specs (Comcast does allow this in some regions) that will function as a layer 2 bridge.
On Fri, Sep 10, 2021, 1:46 PM Owen DeLong <[email protected]> wrote: > First thing I do with any cable modem is convert it to bridge mode. > > The fewer “smarts” in the cable modem doing odd things to my traffic, the > better. > > Owen > > > On Sep 10, 2021, at 10:40 , Eric Kuhnke <[email protected]> wrote: > > I know this is not a solution to your problem, but I have found myself > more often running the public interface of openvpn systems on port 443. Any > sufficiently advanced DPI setup will be able to tell that it's not quite > normal https traffic. > > But 99% of the time it seems to serve the purpose of defeating > heavily-restricted "free" wifi in airports, hotels, random guest/amenity > wifi stuff, which obviously can't block https/443 to the world these days. > > On Fri, Sep 10, 2021 at 11:08 AM Jason Kuehl <[email protected]> > wrote: > >> This is an SSL VPN that is being blocked. This is what failure looks >> like. Curl is the same. >> >> Once we disable the Xfi Advanced Security everyone can connect. >> >> [image: image.png] >> >> On Fri, Sep 10, 2021 at 11:01 AM Jim Popovitch via NANOG <[email protected]> >> wrote: >> >>> On Fri, 2021-09-10 at 10:31 -0400, Jason Kuehl wrote: >>> > For whatever reason Comcast Xfinity is blocking my VPN URL. >>> >>> Not certain that this applies, but Concast Advanced Security (setup in >>> your Comcast gateway) only allows outbound VPN connections to UDP ports >>> 500, 4500, and 62515 and TCP port 1723. >>> >>> -Jim P. >>> >>> >> >> -- >> Sincerely, >> >> Jason W Kuehl >> Cell 920-419-8983 >> [email protected] >> > >
