FTTN for business or SOHO? I don't think so...

Internet access discussion, including Fusion, IP Broadband, and Gigabit Fiber!
21 posts Page 2 of 3
by Guest » Wed May 06, 2015 2:34 am
Guest wrote:
Someone who has the FTTN product needs to ask support about the port 25 issue on FTTN and see what happens.

Most people don't care about port 25. If you're concerned about it, ask support.
by dherr » Wed May 06, 2015 8:03 am
Sure but if they are not an FTTN customer then it does not really matter unless support gives a blanket "no". Might be worth trying that but if they say "yes" then we are back to needing an FTTN customer to request it and find out if the block gets removed. I don't want to burn support time/energy for something I don't care about.

Is there no FTTN customer that really wants port 25 enough to call Sonic support and ask for it a block removal?
by kevinmcm » Thu May 07, 2015 11:55 pm
The kind of people who would need all ports open are the kind of people who'd need a static IP address, and that doesn't work on FTTN.
by dherr » Fri May 08, 2015 7:32 am
Yes, a valid point. But there is not a clean "black and white" division there. I used to need an ssh allow into a network where they could only do that via IP, not DNS name, so I clearly needed my static IP. That was years ago and I think I have used static ever since; until Sonic/AT&T FTTN. When the prospect of FTTN showed up I was running sendmail for outbound mail but not hosting my own inbound domain e-mail. I switched over to postfix with its easy setup for secure smart host use. I run a web site but it is mostly just for my wife and I so I experimented with using the sonic web hosting that comes free with the Fusion product. That works fine but I am leaning back toward just using my own domain name hosted by myself. That is due to the very stable nature of the dynamic IP and the fact that Sonic is giving us a dyndns tool for no added cost.

All that is just to say that we can actually do a lot without full static IP. I had not worked with dynamic DNS updating until now, since I have not had to, but the setup was pretty simple and it has allowed me to keep doing what I was doing with static.
by dane » Fri May 08, 2015 4:25 pm
We'll provide static IP to Fusion FTTN customers using VPN, so that'd be a solution. This isn't yet available however, but it's planned.
Dane Jasper
by kevinmcm » Sat May 09, 2015 11:16 pm
Is there a solution for IPv6? All of that protocol wrapping sounds like it's going to make the MTU too small. Can IPv4 use the VPN while IPv6 is excluded so it goes directly to the 6rd gateway? (BTW, it would be nice if 6rd worked for bonded Fusion)
by Guest » Mon May 11, 2015 12:18 pm
When I asked the question as a legacy DSL customer, I forgot that sonic.net didn't provide static IP's yet on FTTN. In any case, isn't port 25 used for incoming mail as a standard since I thought people only used other ports to send outgoing mail but incoming mail still comes in via port 25. As for the VPN delivery of static IP's. will additional hardware be needed if it goes to a wireless wifi AC router, FreeBSD Unix box, Windows, Mac OSX to take the static IP via VPN or is this something that software can handle on the clients so it can use the static IP? Only have used VPN where it takes all traffic and uses it as a gateway but never did the static IP via VPN before so not sure how that works.
by oddhack » Thu Jun 25, 2015 7:42 pm
dherr wrote:
Is there no FTTN customer that really wants port 25 enough to call Sonic support and ask for it a block removal?

Well, there is, but since support said they cannot do it, period, end of story, it is irrelevant. I eventually reconfigured postfix to use SASL AUTH on port 587 and my outgoing mail works now, yay.

Note to Sonic support: recommending port 465 to someone who said they have a postfix installation is not actually helpful, since it turns out that postfix doesn't support SMTPS.
by Guest » Fri Jun 26, 2015 1:06 am
you can do a roll your own VPN client to cover your circuit starting at 100 bucks for hardware and 40/no for access to a VPN provider.

a company called private internet access sells a 40/year open VPN account, which offers access to a shared IP in a data center (good for privacy, not for sendmail) and there is a product called the edgerouter lite from ubiquiti which can be set up as a hardware openvpn endpoint.

if you don't want to roll your own there are outfits that sell ddwrt routers set up as endpoints for VPN providers. if you want a router and access point in one that does this you can set up one of your own.

I do not know any VPN providers that sell ipsec, but openvpn is ssl-based, not pptp based, and is fairly robust.

I hope sonic starts offering access to their network via openvpn to static egress ips and dynamic, shared ips for folks who are simply privacy minded.

it took me a few hours to get openvpn running on my nas a year ago, about 40 minutes on the edgerouter and even less time on a pfsense install I'm currently using as my inside fttn gateway. I'm still testing but think the pfsense box will fail closed as I want it to; the Edgerouter as I set it up seems like a bit of a fail-open risk but i think that may be fixable.

so, if you need the bandwidth but don't want to have att read traffic easily there are live solutions today. I hope sonic pursues offering them.
by dkurn » Wed Jan 27, 2021 8:18 pm
I'm getting Authentication required (in reply to MAIL FROM command)) when attempting to relay mail to [mail.sonic.net]:587. If someone has a configuration for postfix that actually works, I'd love to look at it. Of course, you should eliminate private information.

My sasl_passwd file contains:
mail.sonic.net:587 <my-sonic-account-name>:<my password which happens to include spaces>
21 posts Page 2 of 3

Who is online

In total there are 10 users online :: 3 registered, 0 hidden and 7 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am

Users browsing this forum: Bing [Bot], Google [Bot], Majestic-12 [Bot] and 7 guests