Logging into home remotely - is Verizon blocking incoming connection requests?
Dzoey
Enthusiast - Level 2

I'm trying to set up my computer at home so that I can access it from my in-laws, who are also FIOS customers, and from my Android device via Sprint's network. Both of these use SSH as the protocol, and on the theory that port 22 might be blocked, I set up the Actiontec to map an alternate port (1977) to port 22 on my server. My first attempt was to use the port forwarding capability in the router, but I have been unsuccessful in establishing a connection from outside my network.

I've tried configuring my server as the DMZ for the Actiontec, which makes me nervous, but I was running out of ideas. I even turned the firewall off on the PPPoE connection but that didn't help either.

From outside my network, I can ping the WAN IP address assigned by Verizon to my router, so inbound ICMP packets are OK, at least as far as getting to the Actiontec.

I can log onto my server while on my local network, but not from outside the network.

I'm running out of ideas.  Does anyone know of a way to dump packets coming to the Actiontec so that I can tell if the inbound TCP packets make it to my router?

Does Verizon block inbound TCP requests for residential service?  For all ports?

Thanks for any info,

Joe H.

{edited for privacy}

Re: Logging into home remotely - is Verizon blocking incoming connection requests?
Dzoey
Enthusiast - Level 2

I don't have it working yet, but I was able to run a test that forwarded the port to my laptop and I see (via Wireshark) the inbound connection. So, while I can log into my server locally, I must have some sort of firewall rule on that server that's preventing connections from the outside.

Verizon, I apologize for implying you were blocking. This looks like a local issue on my end.


Re: Logging into home remotely - is Verizon blocking incoming connection requests?
Dzoey
Enthusiast - Level 2

Following up - the problem was my server has two network connections and the default gateway was on the wrong network.

I've changed the configuration to set the default gateway to the ActionTec if the interface that's on the same network as the ActionTec is available.

What was happening was the incoming packets were being sent to the server on the 192.168.1 network, but the server's original default gateway was behind an internal wireless-N router providing NAT, so it responded to the connection request on the wireless-N network, and that router's NAT rewrote the response source IP address so that the ActionTec NAT couldn't match it to the incoming request.  

Nested NAT networks can be tricky. I'm seriously considering setting up a bunch of static routes and doing regular IPv4 routing for my internal networks (ActionTec, Brand X Wireless-N, and a DD-WRT router).

I'm growing to like the ActionTec router. It doesn't have all the features of DD-WRT, but I appreciate the thought that went into its UI, making it easy to do routine tasks.
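
The routing failure diagnosed in the follow-up above, modeled as an added example (not part of the original posts): a longest-prefix route lookup shows why LAN logins worked while port-forwarded connections, which keep the outside client's source address, got their replies sent out the other interface. The interface names, the 192.168.2.0/24 network, the host and gateway addresses, and the 203.0.113.10 client are all constructed assumptions.

```python
import ipaddress

# Constructed sample of a dual-homed server; names and addresses are assumptions.
INTERFACES = {
    "eth0": ipaddress.ip_interface("192.168.1.50/24"),   # ActionTec LAN
    "wlan0": ipaddress.ip_interface("192.168.2.50/24"),  # behind the wireless-N router
}

def routes(default_gw):
    """Connected routes for each interface plus one default route via default_gw."""
    gw = ipaddress.ip_address(default_gw)
    table = [(iface.network, name, None) for name, iface in INTERFACES.items()]
    out = next(name for name, iface in INTERFACES.items() if gw in iface.network)
    table.append((ipaddress.ip_network("0.0.0.0/0"), out, gw))
    return table

def lookup(table, dst):
    """Longest-prefix match: (interface, gateway) the kernel would use for dst."""
    dst = ipaddress.ip_address(dst)
    _, iface, gw = max((r for r in table if dst in r[0]), key=lambda r: r[0].prefixlen)
    return iface, gw

def reply_path(table, arrived_on, client_ip):
    """Where the reply to a connection that arrived on `arrived_on` is sent."""
    out_iface, gw = lookup(table, client_ip)
    return {"in": arrived_on, "out": out_iface,
            "gateway": str(gw) if gw else None,
            "asymmetric": out_iface != arrived_on}

if __name__ == "__main__":
    cases = [("original: default via wireless-N", "192.168.2.1"),
             ("fixed: default via ActionTec", "192.168.1.1")]
    for label, gw in cases:
        table = routes(gw)
        for client in ("192.168.1.20", "203.0.113.10"):  # LAN host, outside host
            print(label, client, reply_path(table, "eth0", client))
```

On a real host, comparing the interface a test connection arrives on with the interface the default route points at gives the same answer.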

Re: Logging into home remotely - is Verizon blocking incoming connection requests?
dslr595148
Community Leader

There is something that I have to quote.

Quick quote from http://forums.verizon.com/t5/FiOS-Internet/Create-incoming-VPN-with-Westell-A90-9100EM15-10/td-p/251...


Now, before I get in trouble with the "Terms of Service" gods, just let me say that running a "server" on a residential connection is not permitted per your terms of service.   So if that's your intent, I would urge you to review your requirements and/or consider a business class of service.

I would urge you to check out LogMeIn's Hamachi product.   They have a free version for non-commercial use which allows you to quickly and easily build a private network of up to 16 devices and a pay version which can do many more.   It's handy for those gaming sessions which require all the computers to be on the same "network" in order to find each other and function.   It's a cloud based VPN service, so there is no "server" component on your end which should keep you clear of any "terms of service" trolls.

