Battling with ISP over ports

[t1337duder]

Hey guys - I moved out of the city a few months back and I'm stuck with some shitty rural satellite internet because I live in the middle of nowhere. The worst part? All of the ports are always closed and I can't open them. I suspect it has something to do with the router they provided. I'm not a networking expert but I know a bit. Typically with an ISP-provided router, I would have to turn on "Bridge mode" to properly connect it to my WiFi router, or forward the ports of the most front-facing router to the main gateway in the network (and then forward the ports on that Gateway to where I need them). I've set up port forwarding hundreds of times (even for service calls at my old IT job). I'm confident that I know how to properly do it (it's easy, and yes, I have a static IP).

But I feel like my ISP is gaslighting me. I've called them and talked to them, and a representative said that the ports are closed as a precaution to the customers. They had me write an email to another employee to have them opened. That employee replies and tells me that they haven't closed the ports. Not just that, but they begin lecturing me on the Acceptable Use. "I'm pasting a link to our acceptable use policy in regards to creating/running servers which we do not allow." - I go to the link, and it's an acceptable use policy that is copied from someone's elses website and describes someone else's business. The name of the ISP is nowhere to be found in this acceptable use policy. Completely nuts. And the section in regards to running servers? "Not allowed: Create or maintain a software download or distribution server or site created for the purpose of distribution of software products, music, movies or other content."

So now I'm given the impression that this person who works at the ISP and is in charge of helping me with my ports, seems to think servers are exclusively used for distributing software and media. We're talking personal music streaming services. So not only do I feel like I'm being "finger wagged" by my ISP, they didn't even attempt to help me figure out what's going on with the ports. I've heard of horror stories before in regards to ISPs and ports, but never found myself caught in one. They seem less concerned about helping me figure out why my ports aren't open, and more concerned with lecturing me over distributing content online. I've written back to that employee, explaining that distribution servers and personal streaming servers are completely different things, and that my need of having these ports opened extends beyond the usage of servers. No reply yet though. Has anyone handled a situation like this in the past and has advice for me? I'm on the wait for Starlink and I have no other options.

 

[slavie]

Don't get all worked up here. If it's a large company, call again tomorrow and speak to a different rep. You may have to do that a few times before you reach the person that will be willing and able to help you.

Cable companies' L1 tech support is fairly pathetic. L2 isn't always a whole lot better. I've had cases where I called Verizon to do something I had done with Verizon before and was told it's not possible. Called the next day and made the impossible possible with a rep that was clearly more knowledgeable. I have more similar stories as well, but the process and outcome are all the same.

So, whenever they tell you something that doesn't make sense, choose to trust yourself, make piece with yourself, and try again later. Arguing with an entry level, minimum wage CSR is futile. Some wise man once said: never argue with an idiot, onlookers may not be able to tell the difference.

 

[t1337duder]

Don't get all worked up here. If it's a large company, call again tomorrow and speak to a different rep. You may have to do that a few times before you reach the person that will be willing and able to help you.

Cable companies' L1 tech support is fairly pathetic. L2 isn't always a whole lot better. I've had cases where I called Verizon to do something I had done with Verizon before and was told it's not possible. Called the next day and made the impossible possible with a rep that was clearly more knowledgeable. I have more similar stories as well, but the process and outcome are all the same.

So, whenever they tell you something that doesn't make sense, choose to trust yourself, make piece with yourself, and try again later. Arguing with an entry level, minimum wage CSR is futile. Some wise man once said: never argue with an idiot, onlookers may not be able to tell the difference.

Thanks for the advice, particularly about the part about not getting worked up. I appreciate it. I feel worked up about it because it's something that's important to me. Comcast are absolute charmers compared to the people I'm dealing with. And Comcast never blocked my ports. But as the saying goes, you catch more flies with honey than vinegar.

I think I'm dealing with the opposite of a large company. If anything, this is a small company. The 2nd person I talked to, the person who told me that I'm not allowed to run servers, seems to be "the person in charge" of dealing with these matters. Anyone I call or ask to at that company is going to point me towards that person (already happened twice). I'm not under the impression I can solve my problem by "getting the right person". Which is why I'm already worked up about this.

I'm not a tech genius, but common sense tells me their ISP provided router has a built-in firewall, like every other router out there. Their policy is that I'm not allowed to make changes to that router, so I'm not given access and I can't confirm my theory. But if this were the case, why wouldn't they simply tell me that? It feels like by suggesting they aren't blocking my ports, that are really just trying to suggest I'm incompetent and that I don't know what I'm doing.

 

[Vengance_01]

Starlink in your area?

 

[t1337duder]

Starlink in your area?

I've been on the wait list. The website says there should be more availability in 2023. I'm sure everyone living here is trying to sign up for that. We are getting absolutely ripped here. I pay $80/mo for 10 Mbps down, incompetent support, and an ancient 2.4GHz router stuck in front of my network. There are no options where I live.

 

[slavie]

Ouch. I imagine you have already explored the option of getting your own router, or have you? ISP provided routers have been getting more and more restrictive over the years. The more they limit the router, the less they have to deal with people mis-configuring them, or such is their reasoning.

My example of where I was fighting with Verizon was about the router - the ISP had to flip a switch on their end to enable me to do that.

Also, try to avoid fancy words like "server", as that often triggers the response that you're dabbing into commercial activity and must have a commercial account at 5x the price. I was once told that in order to have a network printer I must have a dedicated server, Xeon CPU's and all...

Try different approaches. Sometimes playing dumb works - stroking the ego of the CSR rep in asking them to use their god-level knowledge and tech skills to help you out.

Being at the mercy of a single company blows, I've been there. Once time it took me 4 months of back and forth to hook up Fiber internet where the company was denying it was possible, even though the optical cable had been run to a pole by the house and was clearly visible. Another time Optimum Online took me to collections for a modem I had never owned; took me something like 15 phone calls (and a complaint city's regulatory agenciy) to knock reason into their heads.

 

[rhkcommander959]

Make and model of the modem? You can usually get rudimentary access to it at least, and then hopefully have options.

You might be able to provide your own too

 

[Nicklebon]

I'm confident that I know how to properly do it (it's easy, and yes, I have a static IP).

Is this a satellite ISP or a WISP? Are you certain you have a static publicly routable IP? Also, Starlink will not be a solution for this as they use CGNAT so no inbound traffic you. There is a possibility that will change later but as of today ... sorry Charlie.

 

[t1337duder]

Is this a satellite ISP or a WISP? Are you certain you have a static publicly routable IP? Also, Starlink will not be a solution for this as they use CGNAT so no inbound traffic you. There is a possibility that will change later but as of today ... sorry Charlie.

I really appreciate that info. I was under the impression it was a satellite ISP, but to be honest, I wasn't aware there were other wireless solutions other than satellite. There's a small satellite outside of my home that points towards my ISP's tower. I can't find any other specifics about it on their website.

I also wasn't aware that there are entire ISP networks with zero capability for inbound traffic. I could see that for a mesh internet service provided in an apartment or similarly circumstances. But the entire ISP? It's hard for me to imagine paying ~$100 for an internet service where your internet ability is so incredibly limited. Essentially, all I can use Starlink for is browsing websites, and downloading/streaming content? That really stings. Now I wonder if my ISP has similar limitations. If that were the case, it would be nice if they at least told me that directly so I'm not fumbling about trying to do something the wrong way.

Traditionally, I've used virtual private networks and network tunneling to bypass port issues in the past. Is that an option here? In the past, I've setup Zerotier on client PC's so I'm able to give remote support via Teamviewer. Or am I forced to move just to have what I thought were the most basic internet capabilities?

EDIT: I've received a follow-up reply from my ISP,

"Distribution, by our definition is sending content, be it software,
music, movies, and game streams. We see no difference between a
distribution server and a personal streaming server when both traverse
the WAN interface of the router. Lots of customers have personal
streaming servers on our network, but they are generally streaming
within their LAN."

Absolutely bonkers. In response to my need to have ports open so I can provide remote support to my client via Teamviewer:

"Considering what you are saying here, we might not be the best network
on which to operate your IT business. There are plenty of 3rd party
server options like Godaddy, reasonably priced and better set up to
accommodate your needs. And you are correct: many large ISPs will
allow you to set up your own router behind a bridge. We’re not one of
those. CenturyLink and StarLink offer service in your area and might be
able to accommodate this type of connection. While we hate to lose
customers, we don’t want to see a customer unhappy when they might be
better served elsewhere."

If there are limitations with their network, why not just be upfront about it? Why give me round-about answers and repeatedly tell me "No" and refer me to some "Acceptable Use" crap? Oh well. I'll look into network tunneling. From my research it has worked for some Starlink customers - maybe it will work for me.

 

[rhkcommander959]

I know what you mean...

A lot of ISPs will give you legalese jargon because they don't want you torrenting or hosting services as you're finding out, you can argue with them if you want to but I'd just say you're trying to play some game and it won't work because the port is blocked. Saying anything outside of that will get the hamster wheel moving towards their ToS crap. Gaming is probably supported under their ToS, and won't likely trigger them unless you slip up and say you want to HOST a game SERVER or something, don't do that!

Dumb question, but did you actually test that the ports are blocked by the modem? The few ISPs I've dealt with I didn't even have to bridge or open ports on their modem, just my gear behind it.

 

[t1337duder]

I know what you mean...

A lot of ISPs will give you legalese jargon because they don't want you torrenting or hosting services as you're finding out, you can argue with them if you want to but I'd just say you're trying to play some game and it won't work because the port is blocked. Saying anything outside of that will get the hamster wheel moving towards their ToS crap. Gaming is probably supported under their ToS, and won't likely trigger them unless you slip up and say you want to HOST a game SERVER or something, don't do that!

Dumb question, but did you actually test that the ports are blocked by the modem? The few ISPs I've dealt with I didn't even have to bridge or open ports on their modem, just my gear behind it.

Yes, I hooked up a laptop directly to their router via ethernet with all software firewalls disabled. Long story short: their device has a firewall that can't be conventionally bypassed.

Thankfully, there's a happy ending to my story. I installed Zero Tier VPN and had my media servers accessible in minutes. It's not the most convenient solution in the world to my problem (e.g. installing ZeroTier on every client who wants TeamViewer support) but it will suffice until I've found an ISP that doesn't suck!

 

[SamirD]

I've been on the wait list. The website says there should be more availability in 2023. I'm sure everyone living here is trying to sign up for that. We are getting absolutely ripped here. I pay $80/mo for 10 Mbps down, incompetent support, and an ancient 2.4GHz router stuck in front of my network. There are no options where I live.

Someone was selling a unit on another forum and last I checked it was still available. PM me and I'll send you the link.

 

[SamirD]

If a vpn works, then I would simply spin up a cloud desktop and set up a site to site to that cloud desktop that has complete access to the Internet.