Airtel blocking Outbound connection on port 445.

[mayankfawkes]

@imdarkray unfortunately in my case cloudflare tunnels don't work and the main problem is latency it 3x with wrap and with high number of data transmission making it more slow also cloudflare have some limits in data transmission for free users. I am using 445 for continue ingress and egress and if the latency is slow then it can even crash few things for me.

I am thinking to get a static ip but i am not sure if they will unblock 445 for me since its already unblocked for most of the airtel users.

If this doesn't get fixed then i have to spend around 50k to get my own network equipment to make things work for me I am hoping airtel would reply on email with some good news.

 

[cwaluv]

50K? What networking equipment's are you planning to buy?

 

[wapenshaw]

@mayankfawkes interesting I Never noticed this before, but I have the same issue lol only 445 doesn't work, here is the PowerShell script I tried and it fails only for 445 lol, I wonder why? were you able to find out from airtel?

$i = 440
$range = $i + 20

for (; $i -lt $range; $i++) {
    Test-NetConnection -InformationLevel Quiet -ComputerName portquiz.net -Port $i
}

And the results, all port respond except 445

Edit, interesting, I looked it up and its a common practice among ISPs

https://social.technet.microsoft.com/wiki/contents/articles/32346.azure-summary-of-isps-that-allow-disallow-access-from-port-445.aspx

https://old.reddit.com/r/AZURE/comments/7slcui/any_work_arounds_to_isps_blocking_port_445_have_a/

https://old.reddit.com/r/sysadmin/comments/taiogg/opening_port_445_for_azure_files/

https://old.reddit.com/r/sysadmin/comments/951cib/comcast_blocking_azure_cloud_storageport_445/

I assume you have Comcast residental service, so yes this is pretty common. They block ports such as 25 and 80 as well to prevent someone from running a "business service" from their home. They are probably blocking 445 for the same reason and potentially to mitigate against the SMBv1 vulnerability.

 

[albonycal]

Yea I was about to comment that, I think that's a POOR attempt to prevent exploitation of the SMB Eternal Blue vulnerability, maybe it was a temporary "fix" and that became permanent now It doesn't make sense

 

[mayankfawkes]

@wapenshaw unfortunately the customer support doesn't understand what outbound connection means even after they connected me to senior he was keep rotating all convo on port forwarding. i raised around 5 companied email on several emails, no body understand the problem, i even said i understand u might be blocking it to protect users but i don't need your protection i even asked them that I can pay more for static ip and unblock that port for me since its already unblocked for a lot of people, you can check the other ports as well 135, 137, 139, 445, 1022, 1023, 1026, 1485, 1568, 2037, 2410, 2588, 3334, 3426, 3456, 4257, 4424, 4645, 7547, 9410, 9995, 9996 all are blocked for me.

@albonycal yeah I understand but i am ready to take all responsibility with static ip xD

btw its unblocked on airtel 4G, bsnl broadband or ftth and bsnl 3G and many more i cant check on all

 

[kakashi]

I’ve Airtel static IP but it 445 is blocked. I’m using default Airtel Nokia router. Try using other device as firewall

 

[mayankfawkes]

Yeah idk but nvm i think i should setup a VPN to access those services.