Frequent Visitor
•
9 Messages
Port Forwarding not working for ssh, http, and smtp
I have a server behind my router that's hosting a website and receiving email. For the last two weeks I'm unable to access the server from the outside (accessing from inside is no problem). My Internet connection (outgoing) is working OK but incoming traffic is blocked.
Comcast already replaced the router and I've created new forwarding rules but the email traffic still does not go through. However, if I reboot the router and manually push the emails (waiting in a queue to be delivered) within the first 60 seconds or so after the router finished its reboot, I am able to receive those mail messages. So I know the DNS entries and routes are setup properly.
In my opinion something in the router (or the Comcast network) will block those ports after the router finished the reboot. So far nobody at Comcast was able to help with this and I'm hoping someone here might have an idea of how to trouble shoot or fix the issue.
Accepted Solution
EG
Expert
•
107.1K Messages
5 years ago
Are you using Xfi Advanced Security ? If so, try disabling it. We've been seeing posts here lately indicating that it can cause problems along these lines.
https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security
Also, if your server is not being used for public / commercial / for profit purposes, there is no problem with it.
0
jweaver0312
Expert
•
2.1K Messages
5 years ago
“use or run dedicated, stand-alone equipment or servers from the Premises that provide network content or any other services to anyone outside of your Premises local area network (“Premises LAN”), also commonly referred to as public services or servers. Examples of prohibited equipment and servers include, but are not limited to, email, web hosting, file sharing, and proxy services and servers;”
The only part referring to non-commercial or private use is:
“use or run programs from the Premises that provide network content or any other services to anyone outside of your Premises LAN, except for personal and non-commercial residential use;”
Note it’s saying programs and not actually server style services. Since it’s not causing spam, or anything malicious, or massive traffic, you’ll be likely be able to slide.
Regardless, I would look into the app for Advanced Security. What’s possibly happening, after it boots up and Advanced Security is launching, it’s seeing those connections and outright blocking them out after 60 seconds.
0
venglisch
Frequent Visitor
•
9 Messages
5 years ago
Yes, this is an xFi gateway and I have to setup port forwarding using the app now. Originally, port forwarding had been setup using the router's admin web interface.
As for the server, the last time I read Comcast's policies it was explicitely allowed to use a server for private use. This is a reason why I've never switched to Verizon in the past 20 years or so.
0
0
jweaver0312
Expert
•
2.1K Messages
5 years ago
Also keep in mind, as far as I was aware of, hosting a server like that is against policy for residential customers.
0
0
EG
Expert
•
107.1K Messages
5 years ago
0
venglisch
Frequent Visitor
•
9 Messages
5 years ago
Thank you, @EG , for the link. I have disabled advanced security. I bet this is responsible to sending me notifications several times a day about "Bocked threats" with the request to adjust my port forwarding rules.
Yes, I'm using the server to receive my families email and provide a website for my family abroad to see pictures of the kids. 🙂
Very limited traffic.
... and wouldn't you know it?!? As I sit here typing this email I see email messages getting delivered to my server again!!! SSH traffic and web traffic has been restored as well.
Thank you soooo much! I've been dealing with with issue for almost 2 weeks.
0