Support

FAQ

Blocked network ports

In accordance with industry standards and network security we are blocking the following network ports both inbound and outbound. This practice protects you and the network as a whole, it is in line with other providers in the industry.

Port & protocol
Description
25 TCP
SMTP is unsecured, and Botnet spammers can use it to send spam. We recommend using port 587 for sending outbound email. Businesses with dedicated IP’s may request this to be allowed.
135 TCP/UDP
Windows file share/NetBIOS
136 TCP/UDP
Windows file share/NetBIOS
137 TCP/UDP
Windows file share/NetBIOS
138 TCP/UDP
Windows file share/NetBIOS
139 TCP/UDP
Windows file share/NetBIOS
445 TCP
Windows file share
1900 UDP
SSDP This port is routinely exploited for Distributed Denial of Service (DDoS) attacks

IPv6

At sites where IPv6 is enabled, its support is on par with IPv4.

Using our managed Wi-Fi networks.

All your devices will be placed into a VLAN (Virtual Local Area Network) that is unique to your unit. This VLAN is isolated from all other VLANs and units. Using RA (router announcements) your device will pick an IPv6 address using SLAAC (Stateless Address Auto-Configuration), your device will also receive our IPv6 DNS server.

You can test your IPv6 connection
here
The following configuration is default on many consumer routers but not all. Please consult with your router manufacturer if you have questions on enabling this.The wan interface of your router will get an IPv6 address using SLAAC but like above. The LAN interface will get its IPv6 address using DHCPv6-PD (Prefix Delegation). We support PD requests between network blocks of /60 and /64.You can test your IPv6 connection here

Vendor connections

We support two types of vendor connections at our sites.

Public IP

With this option, we will provide you with an ethernet port hand-off from the nearest switch location. It is the vendor’s responsibility to run all the cabling for this. In the IDF locations this hand-off will only be 1gbps RJ45 port. In the location where we have our core switch, we can offer ports with 1 or 10gbps fiber hand offs. This port will offer public IP addressing. We can do static or DHCP IPv4 and at supported site we can also support IPv6. The vendor will be responsible for reaching every location they need network access. At many sites we offer access to fiber that we ran between IDF locations. We do not block or filter traffic for public IPs other than expectations listed on the rest of this page.

Behind our NAT

With this option, your devices will be behind our NAT/firewall/dhcp. You can connect your end point devices directly to our managed switches on assigned ports. We will set up a dedicated VLAN, so all of your devices are on the same network. We can also link this VLAN with the Wi-Fi system if you wish. You will have to use the IP range/subnet we assign. Our switches may offer POE if we have the POE budget available. If you need more ports than we have available in a location, you may be asked to pay for us to install another managed switch in that location. We do not do port forwarding or open firewall rules, if you need this, please see the Public IP option.

NTP and DNS

We provide all our network clients with DNS and NTP servers.

DNS (Domain Name System)

While on our network, it is recommended to use our following DNS servers as they will provide the fastest experience.
199.185.174.9
199.185.175.9
2605:7b80:0:8001::53
2605:7b80:0:8002::53

NTP (Network Time Protocol)

This allows your devices to synchronize their clocks with the global time system. Many client devices will already have somewhere to synchronize. If your device does not have its own, while on our network, you may use time.asn2728.net as the NTP server.

Take Command