[AusNOG] IPsec VPN over 4G telstra issue

Beeson, Ayden abeeson at csu.edu.au
Wed Sep 19 17:08:40 EST 2018 

Hmmm, I hope that isn’t the case….

We haven’t had any noticed issues yet on our few services, but we might not have come up to re-key timers yet.

Fingers crossed It’s a misconfiguration or accident and it gets fixed up soon, rather than a deliberate block.

Cheers,
Ayden


From: AusNOG <ausnog-bounces at lists.ausnog.net> on behalf of Peter Tiggerdine <ptiggerdine at gmail.com>
Date: Wednesday, 19 September 2018 at 4:59 pm
To: "boblobsta at gmail.com" <boblobsta at gmail.com>
Cc: "ausnog at lists.ausnog.net" <ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] IPsec VPN over 4G telstra issue

Wouldn't surprise me if Telstra decided to block all ports below 1024.

Does IKE over NAT-T (4500) work?

Regards,

Peter Tiggerdine

GPG Fingerprint: 2A3F EA19 F6C2 93C1 411D 5AB2 D5A8 E8A8 0E74 6127


On Wed, Sep 19, 2018 at 4:44 PM Boblobsta . <boblobsta at gmail.com<mailto:boblobsta at gmail.com>> wrote:
Hi,

+1
I've also been troubleshooting UDP reachability problems that started just after midday on Telstra mobile network

- Bob W


On Wed, 19 Sep 2018 at 16:37, Craig Askings <craig at askings.com.au<mailto:craig at askings.com.au>> wrote:

Yup I'm seeing the same issue for a couple of connections.

UDP gets through fine but IKE on UDP/500 never makes it through their network. I did look at using ike over tcp by my equipment only supports that for roaming users, not site to site ipsec.


On 19 Sep 2018, at 4:33 pm, Dino Sosic <Dino.Sosic at datacom.com.au<mailto:Dino.Sosic at datacom.com.au>> wrote:

Hi,

Apparently Telstra confirmed today that there are issues with forming VPN IPsecs over 4G SIMs on telstra.internet APN. Anyone experiencing the same or knows anything about it? I have multiple sites down. IKE packets simply not making it to the other side.

Russel any insight mate?

Cheers
Dino





Confidentiality and Privilege Notice

This document is intended solely for the named addressee. The information contained in the pages is confidential and contains legally privileged information. If you are not the addressee indicated in this message or responsible for delivery of the message to such person, you may not copy or deliver this message to anyone, and you should destroy this message and kindly notify the sender by reply email. Confidentiality and legal privilege are not waived or lost by reason of mistaken delivery to you.
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog<http://antispam.csu.edu.au:32224/?dmVyPTEuMDAxJiZkMzkyMzIwYjNiMTVjMWIyZj01QkExRjNEMF84NjMyM18xMjQzXzYmJjM5NDI3ZDkwM2NkNWJiNz0xMzMzJiZ1cmw9aHR0cCUzQSUyRiUyRmxpc3RzJTJFYXVzbm9nJTJFbmV0JTJGbWFpbG1hbiUyRmxpc3RpbmZvJTJGYXVzbm9n>

_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog<http://antispam.csu.edu.au:32224/?dmVyPTEuMDAxJiZkMzkyMzIwYjNiMTVjMWIyZj01QkExRjNEMF84NjMyM18xMjQzXzYmJjM5NDI3ZDkwM2NkNWJiNz0xMzMzJiZ1cmw9aHR0cCUzQSUyRiUyRmxpc3RzJTJFYXVzbm9nJTJFbmV0JTJGbWFpbG1hbiUyRmxpc3RpbmZvJTJGYXVzbm9n>
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog<http://antispam.csu.edu.au:32224/?dmVyPTEuMDAxJiZkMzkyMzIwYjNiMTVjMWIyZj01QkExRjNEMF84NjMyM18xMjQzXzYmJjM5NDI3ZDkwM2NkNWJiNz0xMzMzJiZ1cmw9aHR0cCUzQSUyRiUyRmxpc3RzJTJFYXVzbm9nJTJFbmV0JTJGbWFpbG1hbiUyRmxpc3RpbmZvJTJGYXVzbm9n>

More information about the AusNOG mailing list