[CLUE-Tech] Access to ATT Cable systems? (more)
Jeffrey Brown
JABrown at co.jefferson.co.us
Tue Oct 22 10:19:25 MDT 2002
I am using AT&T's cable modem service and have successfully set up
access to services behind my firewall w/ NAT and port redirection.
1) AT&T's DHCP service occasionally offers different IP addresses, you
might verify the IP address hasn't changed.
2) Check and see if the router/firewall is blocking ICMP traffic, if
this is the case ping and traceroute will not work, although the host
may be active on the network. Try NMAP to scan the host:
$ nmap -v -sS -O -P0 <host> # Scans TCP ports, must be run as root,
-P0 option doesn't employ ICMP to check whether the host is "alive"
$ nmap -v -sU -P0 <host> # Scans UDP ports
3) What obtains the IP address? The router or the host? How is NAT
setup?
4) Beyond that I'd start troubleshooting from the 12.254.89.67 host.
>>> davep at kinaole.org 10/22/02 09:21AM >>>
On Tue, Oct 22, 2002 at 07:56:48AM -0600, David Anselmi wrote:
> Dave Price wrote:
> > Hi,
> >
> > I am trying to set up remote access into an att broadband system.
> >
> > The system appears to have ip address of: 12.254.89.67
>
> Curious that you aren't sure...
>
> [...]
I base my address info on examining the IP address info of the router,
and my syslog traces - there are no contradictions, only the fact that
the address seems 'unroutable'.
> >
> > However, I cannnot traceroute or ping to this address - nor can I
use
> > PC-Anywhere (the desired application) to connect to a host at
this
> > address.
>
> If those tools fail, you might try netcat:
>
> (http://www.atstake.com/research/tools/#network_utilities)
>
Perhaps I will ...
>
> Here's a hypothesis. This 12.254... machine is behind a box that
does
> NAT. As I understand it, this would be a firewall or one of these
> "cable/dsl routers" that combine a switch and a router and plug into
the
> cable modem. In that case (typical for a SOHO network) the machine
can
> see the outside, but the outside can't see in unless you set up DNAT
(as
> Rusty calls it, also called port forwarding or PAT or somesuch).
There is a linksys router doing NAT involved, but I have already set
up
port forwarding - When PCAW failed to connect, I fell back to ping /
traceroute to the router interface ... and this fails too.
I also tried accessing the PCAW 'remote' site (another attbi.com
system)
this is at 12.254.88.143, and connected directly to the cable modem
(no
router or NAT on the client side. IP address again confirmed by
winipcfg and syslog entries on my own host.
<snip-apache access log>
12.254.88.143 - - [21/Oct/2002:19:47:35 -0600] "GET
/cgi-bin/neomail.pl
HTTP/1.1" 200 2367
</snip-apache access log>
No go here either - the 2 ATT systems cannot even ping one another!
Any other ideas? Has anyone here gotten remote access into an
attbi.com
system to fly?
I suspect that att is doing some NAT or filtereing of their own at the
head-end ....
aloha,
dave
_______________________________________________
CLUE-Tech mailing list
CLUE-Tech at clue.denver.co.us
http://clue.denver.co.us/mailman/listinfo/clue-tech
More information about the clue-tech
mailing list