Cable & Wireless, Verio and/or Level 3 port blocking?

Can anyone from these three carriers tell me if you're doing port blocking
on the Windows file/print ports (135-139, 445 & 593) ?
A client of ours (in the US), against our recommendation, still wants to
connect to their Exchange server in the UK without a VPN. We're not
blocking their IP#'s from anything but somewhere in between it's getting
blocked. We use C&W directly and Verio/Level3 through a peer.

Thanks!
william

NTT/Verio is performing no network-wide port blocking
of such services.

  You might want to point out to this client that
without a VPN client, one can not be assured of
home-office workers, or traveling people not having issues
with the ports involved.

  - jared

I know that there were some filters deployed initally but they
were removed. Any filters that remain are one-off filters on
individual customer connections. If you are a NTT/VERIO customer
(is that better? :wink: ) and are experiencing problems you should
obviously contact your relevant support teams.

  - Jared

I dont have a url for such an app (assuming one has been written) but you should
be able to run a traceroute using the tcp ports and see where it stops?

Steve

That'd be http://michael.toren.net/code/tcptraceroute/

bye,Kai

We use C&W directly and Verio/Level3 through a peer.

a peer gives you their peer or transit routes?

randy

Cable & Wireless is not doing any port filtering, with the possible exception of specific customer requests.

Regards,
    Mark

William Devine, II wrote:

Can anyone from these three carriers tell me if you're doing port blocking
on the Windows file/print ports (135-139, 445 & 593) ?
A client of ours (in the US), against our recommendation, still wants to
connect to their Exchange server in the UK without a VPN. We're not
blocking their IP#'s from anything but somewhere in between it's getting
blocked. We use C&W directly and Verio/Level3 through a peer.

Can they set up a gre tunnel? I did this for a site to site active
directory setup and it worked out great... :slight_smile:

Transit, mis-spoke.

william

I've given peers other peer routes before now, but not transit (except in emergencies). I've done it for several reasons:-

1) You can have transit to peers (X, Y and Z) at LINX if I can have transit to peers (A, B, and C) at MAE-East.
2) My bandwidth/routes/whatever don't meet your peering policy but I can bribe you with access to a certain set of routes. [At one time I had a small customer base and a single /19 but very wide spread peering, often with big ASs. In fact I'm pretty sure I had more peers than customers at some points. ;-)]
3) You're a mate, and the marginal cost to me is small.

Ian

I've given peers other peer routes before now

             ^^^^^ customers