Author Topic: Xfintity Xfi detecting attacks and blocking  (Read 7510 times)

N1SFX

  • Newbie
  • *
  • Posts: 3
    • View Profile
Xfintity Xfi detecting attacks and blocking
« on: 2020-09-21, 15:53:41 »
Hi,

I have been running the Remoterig setup on my lan wired for a couple days and then and also on wireless for a week with not issues.

I then setup xxxxxx.ddns.remotefig.com and undid my local wifi password to use me device over cellular hot spot and got a sip connection error (Flashing yellow Light).

I am connecting to Xfinity Xfi on the Radio side with their Gigspeed router and the new router requires you to go to the Xfinity XFI page to setup advanced settings and have setup port forwarding using the default 1300 thru 13002.

He lies the issue, Xfinity Xfi has built in protection against outside attacks and disables ports if it detects malicious attacks. which it has detected and has reported - There should be an option to disregard the attacks and allow the ports to be remain open overriding the security for 30 days.

My other option is to completely disable the Xfi protection which I would prefer not to do as I want to retain the auto protection for other devices (Wife and kids have devices I would rather not have to keep fixing.)

If I could setup a second router to allow the RRC unit and retain the Xfinity router that would be another great option too.

Any Ideas tips and tricks would be greatly appreciated - I do know that the ports and xxxxxx.ddns.remotefig.com worked thru the hotspot at one point during my trial setup before I letf it connected to the internal LAN and WiFI to verify a solid SIP connection.

Duane
N1sfX

N1SFX

  • Newbie
  • *
  • Posts: 3
    • View Profile
Re: Xfintity Xfi detecting attacks and blocking
« Reply #1 on: 2020-09-23, 03:27:58 »
Tried to disable Xfinity advanced security and set port forwarding which still failed -Reactivated Xfinity security and verified port forwarding was still set.

Scanned for open ports and they always remain closed Tried with ports 13000, 13001, 13002 UDP and 8080 TCP then tried 5083, 5084, 5085 UDP and 8080 TCP all are still closed

Also trying to connect Controller to Xfinity mobile phone hotspot which uses Verizon cellular network.

Anyone with a similar setup or have success using different port.

Thanks,
Duane
N1SFX

N1SFX

  • Newbie
  • *
  • Posts: 3
    • View Profile
Re: Xfintity Xfi detecting attacks and blocking
« Reply #2 on: 2020-10-01, 16:29:27 »
Fixed my issue.


Found that the setting I restored did not have the correct DNS naming, I was using the local IP not the DNS name, once corrected I was able to use a cellular connection.

Verified that the cellular connection over Verizon mobile and also T-Mobile were solid and them took the remote setup for a ride in the car for the day.

Got good audio reports, had a solid connection with no drops, Noticed a little chopping of the receive audio (Tried both cellular services and local wifi and the chopping is still there), Sounds like little dropouts. Suspect a tweak to the SIP audio timing will correct that.

After two days of that I have reenabled the Xfinity XFI advanced security and verified that I still can connect over cellular, will check setup again this weekend to see how it is working.

Xfi reports malicious attacks, will see if the security alerts block the ports. Comcast states that if you allow the ports and acknowledge the alerts it resets for 30 days, I will go a month with out acknowledging alerts and see if it disabled the port forwarding.


Next projects will be:
 1) adding the TP-Link AC750 Wireless Portable Nano Travel Router - Wi-Fi Bridge/Range Extender/Access Point/Client Modes, Mobile in Pocket(TL-WR902AC)

   Will be adding this to the mobile setup as the Client RRC needs a PC to add additional Wi-Fi networks - The TP link can be accessed from a mobile device Wi-Fi browser . At $40 and that I have hotspot on cellphone there is no need for a separate additional hotspot otherwise I would have considered a Pepwave Surf SOHO MK3 Router with 802.11ac WiFi as the Pepwave surf on the go is no longer available.

2) Portable battery pack and travel pouch.

3) Input switches on client and output solid state relays or switches on the device RRC to remote control an AES magloop