Qtel block ports?
I have recently had ADSL installed and have the supplied modem/router (Speedtouch 536V6). This is a good modem/router and the same one I have used overseas with no problems. I am also using the same computer I had o/s.
I run a variety of apps that require certain incoming ports to be forwarded on to my PC (eg. bittorrent, MSN remote desktop etc, MS media player streaming). Now I know how to do this with this router. This is what I have done.
1) turn off computer firewalls (just temporarily to get it working)
2) set up applications on the router to forward the relevant ports to my PC.
3) turn off router firewalling (or set to standard).
But no matter what I try I just cant get incoming ports to work. My bittorrent client (Azureus) tells me the NAT is not working. I have accessed some websites to test my incoming port setup (eg. http://www.auditmypc.com/security-scan.asp). The only incoming ports that seem to be open are common ports like 22,23,80 etc.
I rang QTel who denied they blocked ports. They said they'd call me back in 10 mins but never did.
So has anyone else with ADSL had the same problem? Maybe you think you are forwarding ports but it is pointless because Qtel are blocking them?
Most of you probably think I dont know what I am doing ... I am pretty experienced at this sort of thing and am pretty sure I have set it up correctly.
If you think you are forwarding ports correctly, try one of the online port scanners. I'd really appreciate some feedback with this to see if others have the same problem. Maybe you have a solution on how to fix this? Please tell if so!
Q-Tel can and do block some ports, firewall others. Hence people have problems with VoIP and that's how Q-Tel can monitor and censor your website requests.
You dont say what modem you are using?
If it is the same as me as supplied by Qtel (Speedtouch 536) it already has a NAT router built in. Just turn on the Firewall to standard in the setup for it.
In your browser, go to
http://speedtouch.lan
then
Toolbox > Firewall > Configure > Standard > Apply
If not, just use a software firewall on your PC. Not worth buying one. Windows XP has one under control panel, windows firewall.
PS. Qtel rang me back and said they did not block any ports. I'm not sure I believe them. I could not get 6881 working at all.
PPS. Sorry about the pure geek of my last post everyone.
Now that is some seriously technical info. I think I actually understood about 10% of what you said. LOL! I'm not an IT type of person, but I can handle most of what's thrown at me about my PC.
I had a good look at that Audit site you mentioned. I passed most of the tests, but apparantly my IP address (the internal one) is exposed, and changing proxies is not an option (at least for me, don't really how to do it properly.........my PC crashed twice when I tried).
Well what I'm getting at is.........maybe you can give some advice (seeing as you know what you're talking about) on how to secure a PC properly here in Qatar.
I have no interest in viewing 'questionable' material on the net, but I do not like the idea that people can peer or check into my pc. Any advice?
"The greatness of a nation and its moral progress can be judged by the way its animals are treated." Mahatma Gandhi
OK I think I sorted it out.
Qtel block common bittorrent ports like 6881.
Don't use that one. See
http://www.azureuswiki.com/index.php?title=Why_ports_like_6881_are_no_good_choice
But Qtel do not have a policy of blocking all ports.
The reason my online port scan failed was due to a different reason entirely. You may know about Qatar having one IP address to the outside world. When I used these online port scanners they were scanning Qtel's gateway, not my own computer. And Qtel's machine blocks almost all incoming ports.
When I looked in my modem's setup page I noticed the connected IP address was different to the one being scanned. When I scanned the IP address given by my modem voila! I found my ports were open and working as set up.
My Azureus client NAT/firewall test does not work behind my router and modem. But the green light for NAT OK is on.
I was also using dynamic DNS (www.dyndns.org) so my computer has a URL. But I was using some PC software to update my ip address (DYNDNS updater). This was reading the Qtel IP address, not that of my own machine. So when I tried to log onto my PC using my URL (actually Qtel's) it was rejected. This can be fixed by getting the modem to do dynamic DNS updates since it detects the correct IP address.
Once I fixed all those issues, I could log on to my PC using remote desktop.
This is all technical, sorry guys. But it is for the record for people doing future searches on the topic.
In short,
- if using bittorrent, choose unique listening ports. You may need to change these from time to time.
- ignore the bittorrent NAT test command.
- do not use PC software dynamic DNS updaters... use the one in the modem.
- Qtel block some common (naughty) ports, but not all of them!!!
Tsardoz, you should post this up on the Tech group, they might be able to help.
Actually, it's very intersting that you've posted this. I'd like to see what answers are given.