
Visitor


2 Messages

Wednesday, April 5th, 2023 6:00 PM

Closed

Open Port Scan Forwarding

I am unable to access my home Windows 10 PC using Microsoft Remote Desktop from OUTSIDE my home network. No problem from inside. (Remote Desktop is enabled in Windows.) I used the Xfinity App to open Port 3389. I used several port scanning apps and web-based tools to scan for open ports on my Public IP address and none appeared open, not even 80 or 3389. Ports 53, 80, and 443 are open on my Gateway but not 3389. Port 3389 is open on my PC.

Does Xfinity (Comcast) block Port Scanning? Other than the Port Forward appearing correct in the Xfinity App how can I troubleshoot the connection?

Are there other default Ports I can test for and how?

I have the XB8 Gateway

Problem Solver


1.5K Messages

2 years ago

It's not one of the blocked ports, but if it doesn't work, that isn't a bad thing.  RDP is pretty notorious for security problems, and when it's hijacked, it's game over for your box and all the data on it.

VPN servers are free. Wireshark Wireguard.org (sorry, working on something else) is easy to set up. Less packet overhead than OpenVPN (also free). Either one will run on Windows, and you can expose any port you want. Well, maybe not with Xfinity gear. Clients for either are free and available on just about every device/platform/OS. When you are remote, switch on VPN, and you connect securely to your network. Then launch your RDP app. It can save you much trouble, rather than exposing ports to every hacker on the planet.

That said, is this an Ethernet-connected PC, and is it getting its IP address via DHCP? Static IP and port forwarding is also reported to just not work by many here -- also no clear answer from Xfinity on that, other than if you can't see the device in the phone app, you can't port forward to it. Ethernet-connected devices are also problematic with Xfinity port forwarding too, and no clear answer has ever been given other than "swap out the gateway".

Listening to the hard services upsell may be in your future to replace your gateway, or a trip to the Xfinity store to swap it out, but try to install a VPN server and try port forwarding on another port. Wireshark wireguard.org runs on a higher UDP port by default. Usually works a bit better for things like cams, streaming and data intensive applications.

(edited)

Visitor


2 Messages

@flatlander3 thank you for your comments. I am using an ASUS USB modem on my home PC to connect to the Gateway. It is worth a try to set up the VPN to see if that solves my remote access problem.

Problem Solver


1.5K Messages

@user_a86670 The other reason why it's better? Sure, you have to open a port up for the VPN server, so it's a potential target. The difference between a VPN server and a regular service is that to even talk to the port, you need an encryption key (WireGuard), or a hardware HMAC key (OpenVPN).

Without that, a hacker gets no response at all from the port. It's undetermined if the port is even open and they won't know what kind of service would even exist there, so they don't bother and move on to the next target.

(edited)
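Added example, not part of the thread: a Python check for telling apart the states a forwarded port can show when you test your own connection from outside, including the silent UDP case described in the last post. The function names and the loopback sockets in `demo()` are constructed for illustration; the silent UDP socket stands in for a service that ignores packets it cannot authenticate.

```python
import socket

def tcp_state(host, port, timeout=2.0):
    """Classify a TCP port as an outside client would see it."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"        # handshake completed: something is listening
    except ConnectionRefusedError:
        return "closed"      # RST returned: host reached, nothing listening
    except OSError:
        return "filtered"    # timeout/unreachable: dropped or never forwarded
    finally:
        s.close()

def udp_state(host, port, timeout=1.0):
    """UDP has no handshake, so silence cannot prove the port is closed."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        s.send(b"\x00")      # constructed one-byte datagram, not a valid protocol message
        s.recv(1024)
        return "open"        # the service answered
    except ConnectionRefusedError:
        return "closed"      # ICMP port-unreachable came back
    except socket.timeout:
        return "open|filtered"  # no reply at all: state cannot be determined
    finally:
        s.close()

def demo():
    """Run both checks against constructed loopback sockets only."""
    listener = socket.create_server(("127.0.0.1", 0))          # TCP service
    silent = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)  # never replies
    silent.bind(("127.0.0.1", 0))
    spare = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    spare.bind(("127.0.0.1", 0))
    unused_port = spare.getsockname()[1]
    spare.close()            # port is now free, so nothing listens on it
    try:
        return {"tcp_listening": tcp_state("127.0.0.1", listener.getsockname()[1]),
                "tcp_nothing": tcp_state("127.0.0.1", unused_port),
                "udp_silent": udp_state("127.0.0.1", silent.getsockname()[1])}
    finally:
        listener.close()
        silent.close()
```

Run from a connection outside the home network, `tcp_state(<your public IP>, 3389)` returning "filtered" points at the gateway or forwarding rule, while "closed" means the packet reached a host where nothing was listening.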
