Diagnosis/conclusion of Skybuck's UBEE cable modem from 2009 (tutorial how to get into it even if corrupted)

[skybu...@hotmail.com]

Hello,

My diagnosis/conclusion concerning my UBEE cable modem is:

Corruption of download signal over COAX is somehow locking the modem out, or it's done by ISP provider, mostly it is caused by signal corruption.
(Could also be a miss configuration by ISP because of upgraded protocol, old modem gets confused by newer protocol, see log below)

This tutorial might help those to diagnose problems and to see menus of UBEE cable modem, the exercise in itself is almost useless it does provide some information about mac addresses and firmware, but logs will be deleted/reset, however this exercise does prove the cable modem is working correctly before it is hooked up to the COAX:

1. Disconnect cable modem from power.

2. Disconnect cable modem from coax/white cable (to splitter).

3. Connect cable modem to power.

4. Press reset button with a tiny screw driver.

5. Have browser open and navigate to 192.168.1.1

Use following links if 192.168.1.1 is not showing default menu:

Basic information is accessible without username/password:

http://192.168.1.1/BasicCmState.asp
http://192.168.1.1/BasicFirmware.asp
http://192.168.1.1/BasicStatus.asp

Advanced information is accessible with authentication:
user: admin
password: password

http://192.168.1.1/AdvMta.asp
http://192.168.1.1/AdvLine.asp
http://192.168.1.1/AdvDhcp.asp
http://192.168.1.1/AdvQos.asp
http://192.168.1.1/AdvProvisioning.asp
http://192.168.1.1/AdvEventLog.asp

The outputs will be htm pages, with red bars and information.

The event log was the most interesting after step 6:

6. Connect cable modem back to coax, I did it by disconnecting power first.

This is what the log showed:

Advanced
Event Log
This page displays the Event Log on the current system.
CM Event Log
Date/Time Event Level Event ID Description
Time Not Established Warning (5) D3.0 DHCP WARNING - Non-critical field invalid in response ;CM-MAC...
Time Not Established Critical (3) R2.0 No Ranging Response received - T3 time-out;CM-MAC=0c:60:76:49...
Time Not Established Critical (3) T1.0 SYNC Timing Synchronization failure - Failed to acquire QAM/Q...
Time Not Established Critical (3) T2.0 SYNC Timing Synchronization failure - Failed to acquire FEC f...

MTA Event Log
Date/Time Event Level Event ID Description
Endpoint

I now believe that this response says it all:

"Non-critical field invalid in response"

Something strange is being downloaded.

Either it's a misconfiguration/miss communication from the ISP side, confusing this modem which is from 2009 or it is data corruption because of noisy signal.

Hopefully soon new splitter will arive which is supposed to replace old splitter to clear up analog tv signal.

It will be very interesting to see if this fixes the problem.

If not I may phone ISP with my findings to inform them that they might be causing some weird kind of misconfiguration on my modem, probably because of more advanced protocol from their side which may not be incompable with this older modem.

Date: 15/10/2018

Bye,
Skybuck.

[skybu...@hotmail.com]

Little typo corrected, I think I ment to write the last line as follows:

"...probably because of more advanced protocol from their side which may now be incompatible with this older modem."

(Modem works fine for internetting, just can't get into the menu, resets connections when attempting too, may be a weird DHCP misconfiguration ?!?)

Bye,
Skybuck.

[jrwal...@gmail.com]

On Monday, 15 October 2018 00:22:58 UTC+1, skybu...@hotmail.com wrote:
> My diagnosis/conclusion concerning my UBEE cable modem is:

Probably wrong.

> http://192.168.1.1/BasicCmState.asp
...

> The outputs will be htm pages, with red bars and information.

There is not much point in providing all these links, because they are
only readable by you as they point to the private LAN address of
the modem.

> Event Log
> This page displays the Event Log on the current system.
> CM Event Log
> Date/Time Event Level Event ID Description
> Time Not Established Warning (5) D3.0 DHCP WARNING - Non-critical >field invalid in response ;CM-MAC...
> Time Not Established Critical (3) R2.0 No Ranging Response received - >T3 time-out;CM-MAC=0c:60:76:49...
> Time Not Established Critical (3) T1.0 SYNC Timing Synchronization >failure - Failed to acquire QAM/Q...
> Time Not Established Critical (3) T2.0 SYNC Timing Synchronization >failure - Failed to acquire FEC f...

All these messages are telling you that the cable has been unplugged and
the modem was unable to make contact with the service provider.

> If not I may phone ISP with my findings to inform them that they might be >causing some weird kind of misconfiguration on my modem, probably because of >more advanced protocol from their side which may not be incompable with this >older modem.
>

I don't think that approach will get you very far as they probably
know more about how the modem interacts with their system than you do.

You might do better by asking them to run their remote diagnostics
and check that the modem is working properly. They should have access
to all the information you tried to post.

It would be helpful to know whether the modem is now configured as a
router rather than just a modem since you reset it.

Try running ipconfig/all again with the cable modem properly
connected to the coax. What does it say?

In particular, does your PC still have a public IP address or does it
now have an address like 192.168.x.x

Can you still access the internet OK just after you have run ipconfig?

John

[skybu...@hotmail.com]

On Monday, October 15, 2018 at 8:26:56 AM UTC+2, jrwal...@gmail.com wrote:
> On Monday, 15 October 2018 00:22:58 UTC+1, skybu...@hotmail.com wrote:
> > My diagnosis/conclusion concerning my UBEE cable modem is:
> Probably wrong.
>
> > http://192.168.1.1/BasicCmState.asp
> ...
> > The outputs will be htm pages, with red bars and information.
>
> There is not much point in providing all these links,

This is incorrect.

The advanced links are hidden from view.

Now you know.

> because they are
> only readable by you as they point to the private LAN address of
> the modem.

Must know the links first.

> > Event Log
> > This page displays the Event Log on the current system.
> > CM Event Log
> > Date/Time Event Level Event ID Description
> > Time Not Established Warning (5) D3.0 DHCP WARNING - Non-critical >field invalid in response ;CM-MAC...
> > Time Not Established Critical (3) R2.0 No Ranging Response received - >T3 time-out;CM-MAC=0c:60:76:49...
> > Time Not Established Critical (3) T1.0 SYNC Timing Synchronization >failure - Failed to acquire QAM/Q...
> > Time Not Established Critical (3) T2.0 SYNC Timing Synchronization >failure - Failed to acquire FEC f...
>
> All these messages are telling you that the cable has been unplugged and
> the modem was unable to make contact with the service provider.

These messages till the webserver of the modem is working when not connected to coax, and for whatever reason stops working when connected to coax and isp.

The content of the messages could even be considered irrelevant.

It's the connection and the operationality of the webserver which is proven.

> > If not I may phone ISP with my findings to inform them that they might be >causing some weird kind of misconfiguration on my modem, probably because of >more advanced protocol from their side which may not be incompable with this >older modem.
> >
>
> I don't think that approach will get you very far as they probably
> know more about how the modem interacts with their system than you do.

This is an assumption on your side. My fear is they are clueless and simply bought a new docsis 3.0 hosting/server, plumped it down somewhere and never tested on it on old ubee cable modem from 2009 cause they don't have any left.

Their professionality might be tested by me on the phone asking them questions about this.

Do you want to place bets on their profesionality ? =D

I am hoping for the best, but the results prove otherwise for now ;)

For their sake I hope it's corruption issue, otherwise prove is basically already delivered unless device is damaged.

So your assumption is the reverse of what it should be based on the story and the results presented.

> You might do better by asking them to run their remote diagnostics
> and check that the modem is working properly. They should have access
> to all the information you tried to post.

They claim they can access my modem, at least the last time, these are just status pages, the configuration menu of the modem itself might only be accessible from my side, not sure if settings are uploaded to them and then later downloaded again. I would assume not though.

First time they could not enter the modem.

This part of the modem may be working correctly for some reason.

My suspicion is the DHCP server/tcp ip stack is somehow misconfigured over the download begins somehow causing a tcp reset whenever my PC tries to communicate with it.

^ This is the real mystery so far. I bet it has to do with the DHCP misconfiguration/field.

> It would be helpful to know whether the modem is now configured as a
> router rather than just a modem since you reset it.

What is the point of this ? NAT issues ? There ain't no NAT issues, this is bridge mode as far as I can tell.

> Try running ipconfig/all again with the cable modem properly
> connected to the coax. What does it say?

Everything looks fine see other thread, nobody saw anything bad.

Public IP address.

> In particular, does your PC still have a public IP address or does it
> now have an address like 192.168.x.x

Still public ofcourse, otherwise could not sent this message unless it was NATTED.

> Can you still access the internet OK just after you have run ipconfig?

Internet access restoration is very fast, can reconfigure my adapter and such, modem changes IP from 192. to public ip as soon as it downloads stuff from ISP after reset/reboot of modem.

Bye,
Skybuck.

[skybu...@hotmail.com]

I forgot to mention the method of debugging this modem and producing the log:

Being a programmer myself I used the logging functionality of the cable modem as a "debugger" by using the refresh F5 functionality of the webbrowser to get a constant update of the log (like stepping through code, this will show what the modem is doing step by step), and using the back button of the browser as a breakpoint. The webbrowser apperently remembers the last successfull transmission of the cable modem/websites/webservers. Firefox was used for this.

Exact method is as follows:

1. Connect modem as usual.

2. Power on modem.

3. Reset modem

4. Surf to http://192.168.1.1/AdvEventLog.asp

5. Keep pressing F5 until the log disappears/connection reset message.

6. Press back button of browser and examine last good log.

Bye,
Skybuck.

[jrwal...@gmail.com]

On Monday, 15 October 2018 13:10:44 UTC+1, skybu...@hotmail.com wrote:

Lets take a step back and check that all the following is true:

1) The service provider thinks that the modem is working OK.

2) Your PC is always getting its address by DHCP and you are not
setting addresses manually at any time.

3) When the modem is NOT connected to the cable network it acts
as a DHCP server, giving your PC an address in the 192.168.1.x
range. You can access the status pages of the modem at 192.168.1.1

4) When you connect the modem to the cable network the modem
appears to stop acting as a DHCP and web server and instead
re-configures itself into bridge mode.

5) When your modem is in bridge mode your PC is given a public ip
address of 84.25.113.203 and allocated a default gateway address
of 84.25.112.1 with a subnet mask of 255.255.254.0 (/23).

6) In this state you can access most or all places in the internet
but you can't receive incoming traffic.

7) When you go to www.whatismyip.com it tells you that your IP
address is 84.25.113.203 This means that there is no NAT
between your PC and the internet.

8) You want the modem to be in bridge mode and you want your PC
to have a public ip address where some ports can be reached from
the internet.

9) You would also like to be able to access the management and status
pages of your modem when it is operating.

Please confirm that every one of the above assertions is true. You
might think this is a waste of time, but it establishes clearly how
your system is set up, how you want it to be set up and confirms
exactly what IS working. If any of them are NOT true, please explain.

If all the above is true, there does not seem to be anything unexpected
about DHCP behaviour. Your PC is being given a public IP address by
the service provider when the cable is connected.

You stop being able to access the modem web server because its
management website is on a different subnet range from the public
one given to your PC by the service provider.

If you want to check the modem settings while it is connected to the
cable network you may be able to do this by manually configuring your PC
as follows:
IP address: 192.168.1.66
Subnet mask: 255.255.255.0
Gateway: not needed but you could enter 192.168.1.1

You may now be able to access the modem management pages on 192.168.1.1
If you can't, then try 192.168.0.66 for your PC and 192.168.0.1 for the
modem and default gateway. Also try 192.168.2.66 and 192.168.2.1
respectively. Cable modems often have different addresses for their
configuration servers when they are in bridge mode.

When you have finished, make sure you go back to DHCP mode for address
setting on your PC, otherwise you will lose access to the internet.

Are you absolutely sure that you don't have a Windows firewall
blocking all incoming ports on the ethernet interface?

Please set your Windows firewall so that it allows incoming ICMP ping
packets from all source addresses - local and remote - to the ethernet
interface. Be careful not to let in any other traffic except perhaps
for UDP port 16000 which you want to let in for your game.

John

[skybu...@hotmail.com]

Everything is as you described John.

The firewall is down, but I am not sure if it is actually still blocking, don't think so though.

Some services are stopped like IP helper, don't think that is of any influence though.

Remote Wi-Fi/Natted connections may be the cause, not my home computer (???)

I am going to try and verify this now with help from my ISP ;)

Network engineer coming soon to test cable signal and such related to TV noise.

Helpfull guy on phone from ziggo explained multiple devices responsible for tv signal.

Also informed him of weird shakey video.

Also explained some bandwidth loss is unnoticeable with such a fast cable modem.

Bye for now,
Skybuck.

[skybu...@hotmail.com]

Ok I called ziggo a couple of times to try and get to the bottom of this.

At least the television section of ziggo was usefull, they will send a network engineer to try and diagnose the problem when it comes to noisy signal.

The internet section/service/support of ziggo was a bit less helpfull, but they try.

Questions asked by me:

1. Is a custom modem allowed, can I buy a custom mode:

Answer: no not allowed, it is "allowed" to have old cable modem :)

2. Is a screenshot from their settings on their end possible to be send to me ?

Answer: no not allowed.

3. Are they willing to perform some tests with me, with my own software, to test if the cable modem and internet is working properly, port-wise and such.

Answer: I'll ask, and eventually no not allowed, to much risk to their systems.

I did suggest installing a virtual machine, they girl on the phone thought that was neat.

Later I guess a superior/supervisor guy came on the phone claiming to be a programmer himself, futher questions asked to these people and girls and such:


4. Does ziggo have a testing facility where they test all of their combinations and such ?

Girl wasn't entirely sure, but yes such a division exists but nameless or she didn't know.

5. Later I asked the guy do they test combinations of new gear with old gear.

Not really. They do claim they have this old ubee cable modem in stock, I kinda doubt that a little bit but ok.

6. Does my cable modem upload settings to their servers ?

No, it does not, but yes they can see settings.

7. Is it technically possible for them to set back an older firmware version ?

No, not possible.

8. Is it possible for them to provide me with URLs of configuration screen, perhaps I can access it that ? No this was not possible.

9. Finally the girl tried to reset the modem, by setting back default factory settings. This disconnected the phone, unfortunately this did not help.

It did seem like the graphics of the button slightly changed, but this could be a "stored htm" vs "loaded/active htm" not sure why Firefox would render it differently.

At this point I called back just to inform them this did not help.

10. Have other customers reported not being able to access this cable modem menu ?

Answer: No, most people don't do this or won't notice it, or have newer cable modems.

11. Does ziggo have cable modems available without ventilators ?

Guy found this funny. I told him because of dust reasons, this could cause overheat and noise.

12. Guy starts to tell me about wi-fi capabilities of new modems, this was a reason for ziggo to allow "upgrades" of new modems... to replace them.

I listened to his story. I did find this funny and told him I find WI-FI a security risk because of hackers and denial of service attacks/cyber attacks.

Funny enough he disagreed with this and said: "THIS IS NEVER GOING TO HAPPEN"

At this point I started lolling on the inside. I hope he is right, but I don't think he is LOL.

Someday the Russians gonna roll in and NUKE everybody's WI-FI LOL.

Anyway at this point we got disconnected, maybe he slapped the phone on the hook or it was because it was 22:00 and service time is up.

Didn't mind that much though, I got what I wanted in answers.

He also went on about "hackers" would never attack me cause I would need to be somebody important ?! Wow... wtf ?! LOL. So he kinda assuming that I am not somebody important ?! LOL. This may be interpreted as a slight insult perhaps maybe not... but it's funny none-the-less ;)

He also told me a wrong IP of my modem according to him it's 192.168.178.1... I said let me try that right now.. me re-configuring my PC.. and nope didn't work... he started mubling about DHCP crap/reconfigs and so forth... he kinda new this was all bullshit etc... I told him I scanned my network pretty sure modem is at 192.168.1.1

I am even thinking of causing a IP conflict on purpose or using ms-dos and ethernet packets just to do ARP manually and so forth.

Anyway I pulled out all the stops in trying to get this configuration menu to work on my side, but nope.

They have their own special software to see modem settings.

I did suggest they try and connect up their ubee cable modem evm320b if they actually still have one and try and connect to it via a webbrowser like I am doing...

Also reported this strange DHCP error message, they had no idea about this... maybe they'll forward it to the "test" department if they have such a thing ;)

I find it very interesting how this company will behave in the future, say 10 or 20 years from now ?!

What if their products become incompatible with older hardware. They might even face the justice court if some lives are lost because of phones not working.

For now this is not the case and all is working except modem configuration issue.

I did ask girl what "network access: denied" ment... but she didn't see that setting in her screen... which is kinda weird. For now I will assume this later changes to allowed when the modem boots up. So this probably means "access to ISP network".

I hope that any ISP boss that reads this understand that as new gear is introduced their budget for the "testing department" will have to go up because of the number of combinations that rises.

The number of combinations probably rises almost quadratic or for each new device, every old device/combination has to be tested.

The girl did ask why I would want into this menu. To see error reports and see if anything is wrongly configured.

The girl also noticed many drop packets.

Today was the first time in 20+ years or so that I was thinking that I may have to switch internet providers if this situation degrades.

For now everything is basically fine, except tv signal. It's most other computers on the internet behind NAT and such that is causing testing problems.

One idea might be to use port 80 tcp/http port to see if this might get through to my PC from these Wi-Fi hotspots, by running some webserver or so on my PC.

All this NAT out there is making it very hard to diagnose connection problems.
Now I am still not sure what the cause is of connection failures.

Team viewer found a way around this, I think they may be connecting computers via their own servers.

This means Team Viewer may be spying on people's desktop activity ! ;)

They may be using their services for "rendevouz/NAT port discovery and trying to connect PCs directly without them in between or they may actually be spieing.

Guy also suggest a network sniffer, also said I thought of doing this and did do this somewhat on my PC not on the laptop.

But for this too work traffic must ofcourse reach my computer otherwise it won't be that helpfull.

Conversations were nice, the end was a bit abrupt.

Interesting times ahead.

It will keep testing until I figure out the cause of these failed connections and failed udp communication.

If needed everything will be masked as tcp/htpp/port 80 possibly encrypted as well, as a big middle finger to NAT crap.

(Also I hope to test different computers/laptops/connections etc)

Bye for now,
Skybuck.

[jrwal...@gmail.com]

On Monday, 15 October 2018 19:54:05 UTC+1, skybu...@hotmail.com wrote:
> Everything is as you described John.
>

So for outbound connections, everything really is working properly.

> The firewall is down, but I am not sure if it is actually still blocking, don't think so though.
>

I don't understand exactly what you mean by this. Is the Windows firewall
active or not? Is it configured to allow any incoming traffic?

In particular, have you configured it to allow incoming and outgoing
ICMP ping packets?

If it is easier, you can just enable all ICMP traffic. This is very
unlikely to do any harm and would greatly help debugging the connection.

> Some services are stopped like IP helper, don't think that is of any influence though.

I don't think that will make any difference as it is used to provide
IPv6 by a tunnel.

> Remote Wi-Fi/Natted connections may be the cause, not my home computer (???)
>

What do you mean? You are not using WiFi and you do not appear to be
using NAT.

I have tried port scanning your IP address and nothing is responding.

I do get responses from your default gateway.

It would be very unusual for a router in bridge mode to do any kind of
filtering, so incoming packets should be reaching the ethernet port
of your PC.

Almost certainly, something about your PC setup is blocking incoming
traffic.

Some anti-virus software includes a firewall that acts in addition
to the Microsoft one.

Do try and allow ICMP access. This will help a lot.

Consider using Wireshark to do a packet dump on your ethernet port. It
should show lots of random traffic trying to access your PC. It should
also show an incoming ping from me every second.

John

[skybu...@hotmail.com]

> > Everything is as you described John.

Except for one thing. My PC was capable of receiving UDP packets from a website.

(Didn't have time to write that yesterday).

> So for outbound connections, everything really is working properly.
>
> > The firewall is down, but I am not sure if it is actually still blocking, don't think so though.
> >
> I don't understand exactly what you mean by this.

Windows may have a bug in it's firewall.

> Is the Windows firewall active or not?

The windows firewall is stopped.

> Is it configured to allow any incoming traffic?

Not sure, though plenty of applications are configured to go through it.

> In particular, have you configured it to allow incoming and outgoing
> ICMP ping packets?

Not yet.

May try so later today.

At the moment I tried switching to a different ethernet port.

My PC's motherboard has two ethernet ports.

I was under the impression one might be damaged/failing/not working.

But I just switched to it, and simply removed the modem of the power grid and then plugged it back in, since the modem was failing to assign it an IP properly... instead windows assigned it 169 via it's protocols... after the power reset the cable modem did assign 192.168.1.1 and now a new IP address for my PC which is a little bit odd that now the IP address changed and be quite a lot:

My computer's public IP is now totally different:

This 212.120.118.72 is totally different from yesterday.


I'll just give roll out of ip config:

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Users\Skybuck>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : DREAMPC2006
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : dynamic.ziggo.nl

Ethernet adapter Tunngle:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V9 (Tunngle)
Physical Address. . . . . . . . . : 00-FF-88-8C-04-24
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection 8:

Connection-specific DNS Suffix . : dynamic.ziggo.nl
Description . . . . . . . . . . . : Marvell Yukon 88E8053 PCI-E Gigabit Ether
net Controller #3
Physical Address. . . . . . . . . : 00-01-6C-C8-68-F6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 212.120.118.72(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.254.0
Lease Obtained. . . . . . . . . . : Tuesday, 16 October 2018 8:10:05
Lease Expires . . . . . . . . . . : Tuesday, 16 October 2018 9:10:05
Default Gateway . . . . . . . . . : 212.120.118.1
DHCP Server . . . . . . . . . . . : 10.255.235.1
DNS Servers . . . . . . . . . . . : 84.116.46.22
84.116.46.23
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 19:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{888C0424-09D9-48F6-84EB-EDBE6297AB66}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable Microsoft 6To4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.dynamic.ziggo.nl:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : dynamic.ziggo.nl
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

Connection-specific DNS Suffix . : dynamic.ziggo.nl
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2002:d478:7648::d478:7648(Preferred)
Default Gateway . . . . . . . . . : 2002:c058:6301::1
DNS Servers . . . . . . . . . . . : 84.116.46.22
84.116.46.23
NetBIOS over Tcpip. . . . . . . . : Disabled

C:\Users\Skybuck>

> If it is easier, you can just enable all ICMP traffic. This is very
> unlikely to do any harm and would greatly help debugging the connection.

I agree it would be of some use... especially checking if my PC is accessible, however pinging in opposite direction is still possible.

It's weird how a windows firewall is necessary for this ?!

Can ping not be enabled without windows firewall running ?

Apperently ICMP is embedded into windows firewall ? I find this very odd...

Windows did not use to work like this.

Older versions of windows had ICMP but no Windows firewall, so that's why it's very odd.

I guess this part of the software got moved into the Windows Firewall for security reasons or so ?! ;)

This is why I am reluctant to enable it, I want windows firewall down as to not cause any blocking and now I may have to enable it to get ICMP working which is kinda of a paradoxal situation.

> > Some services are stopped like IP helper, don't think that is of any influence though.
> I don't think that will make any difference as it is used to provide
> IPv6 by a tunnel.

The wifi-hot-spot I was using might actually have IPv6 connectivity available as well not sure about that though.

> > Remote Wi-Fi/Natted connections may be the cause, not my home computer (???)
> >
> What do you mean? You are not using WiFi and you do not appear to be
> using NAT.

My home computer is connected via ethernet/cable modem/isp and so forth.

However I take laptop away from home and into the city, inside the city there are multiple WiFi-HotSpots.

This means free internet via wi-fi.

So I try and test my computer remotely, from a free wifi-hotspot in the city...

> I have tried port scanning your IP address and nothing is responding.

If you want to continue scanning you will have to change IP since 16 october 2018, at 8:20 AM Amsterdam time.

Computer was offline when I went to sleep some 5 hours ago or so.

I think your scan was within the time period that my PC was still online and with old IP address.

I will keep this new IP address, since this will allow me to re-use the "better ethernet port" to connect directly to the laptop.

For whatever reason the other ethernet port, which is of a different manufacturer had troubles connecting to the laptop.

So at least this would allow me to use Internet Connection Sharing of Windows to have two operational computers at home capable of internetting.

Usually I don't use it, sometimes it may come in handy though.

Also it will make working on both computers a bit simpler and less risky.

Up until now I had to pull out the cable modem's power and re-power it everything I had to switch from PC to Laptop to get internet working, this is a bit risky cause of power surges going into modem. So far modem could withstand this electric beating.

> I do get responses from your default gateway.
>
> It would be very unusual for a router in bridge mode to do any kind of
> filtering, so incoming packets should be reaching the ethernet port
> of your PC.

Unless they are blocked somewhere in the internet itself.

I am not sure if NAT devices would report back via ICMP if they did block ?!

I did write some ICMP software once to tell what happens to UDP packets and such. I could try that later on... though not sure if the software is working 100% correctly for old IPv4 it seemed to work but not for IPv6.

Also ICMP is kinda shady... sometimes it will work sometimes not, some routers/devices may support it others not to prevent ICMP floods for example, or perhaps other issues.

> Almost certainly, something about your PC setup is blocking incoming
> traffic.

Perhaps it's ethernet port related, don't really think so but it's worth a try.

I did try other ethernet port (marvel) but it also cannot connect to the cable modem's configuration menu.

> Some anti-virus software includes a firewall that acts in addition
> to the Microsoft one.

Nothing else is running.

Number of services running on my PC is very limitted.

Following services are running on my Windows 7 computer, would love it if somebody repeats this setup and then tries and connect to the computer from an outside computer/outside internet connection to see if it works:

Application Experience
Application Information
Base Filtering Engine
COM+ Event System
Creative Audio Service (soundblaster)
Cryptographic Services
DCOM Server Process Launcher
Desktop Window Manager Session Manager
DHCP Client
DNS Client
Encrypting File System (EFS)
Function Discovery Provider Host (normally this is off but was started manually apperently)
Group Policy Client
Multimedia Class Scheduler
Network Connections
Network List Service
Network Location Awareness
Network Store Interface Service
Plug and Play
Power
Remote Procedure Call (RPC)
RPC Endpoint Mapper
Security Accounts Manager
Software Protection (normally this is off I think, not sure, it's probably not needed, it's on manual)
System Event Notification Service
Task Scheduler
Themes
User Profile Service
VHD Attach (custom tool/service)
Windows Audio
Windows Audio Endpoint Builder
Windows Event Log
Windows Font Cache Service
Windows Management Instrumentation

All are set to automatic except these ones:

Windows Font Cache Service - automatic delayed start.

Application Experience manual
Application Information manual
Function Discovery Provider Host manual
Network Connections manual
Software Protection manual
Windows Management Instrumentation manual

Meanwhile I have also turned off IPv6 in network settings for adapters.

Also QaS packet scheduling turned off.

And both link-layer topology turned off.

Used this have this all on, but don't think it is necessary.

Maybe it was interferring but probably not. Want to reduce possible attack surface too.

Perhaps this link-layer topology was starting the Function Discovery Provider Host service, which is somewhat unusual.

Usually this service is not running, so not sure what triggers it to start running probably me trying to view "network" or so.

> Do try and allow ICMP access. This will help a lot.

Problem with this is I would have to turn on firewall and I kinda don't like doing that, but maybe today I may try.

Though tired today, only had 5 hours of sleep. Not sure if I will go through with it today with remote testing... maybe I will test other things at home.

> Consider using Wireshark to do a packet dump on your ethernet port. It
> should show lots of random traffic trying to access your PC. It should
> also show an incoming ping from me every second.

I already tried this yesterday, lots of ARP traffic coming in as usual.

The occasional IPv6 sollicit probably from windows.

I have turned off IPv6 which is kinda interesting.

Any further IPv6 communication will definetly not be coming from my PC so if it does show up that would be a little bit interesting.

I could try running some other software/udp/tcp ports on my system.

Though then you would have to use your own software to connect to it because nobody wants to run my own software :)

I will think about this and maybe set something up.

Bye for now,
Skybuck.

[+++ATH0]

On 2018-10-15 23:31, skybu...@hotmail.com wrote:

> <snip loads of drivel>

You could do with stopping assuming you know much about this stuff.

There are so many falsehoods and incorrect assumptions you're working on
the basis of, instead of going back to first principles and not making
up a load of shit to believe in.

[DecadentLinux...@decadence.org]

+++ATH0 <ne...@ringpiece.local> wrote in news:POmdnVi5k_ziN1vGnZ2dnUU7-
d3N...@supernews.com:

Exactly
Common sense... error message = connection problem. Likely a bad RG-
6 fitting (they better be using RG-6) And sometimes the cable co in
question buys the wrong splitter and it has to be hooked up a specific
way.

Either way, the cable guy can come over and take a simple signal
strength reading out at the pole (or ground based lock box) and then in
the house at the cable modem feed line end and give you definitive
quality inspection results.

THEN one would begin looking further inbound for an issue.

[skybu...@hotmail.com]

Today I performed some more tests, from wi-fi hotspot to somewhere else/cable modem.

From these test I learned that windows security center and windows firewall must be running (with that the services I mean)

If windows firewall is off (with this I mean the windows firewall is stopped) then inbound connections udp and tcp apperently don't work.

Why this is I will have too look into, perhaps this is some windows security feature or architectural thing.

So far everything is working as normal, which is good news.

(At least when marvel adapter is used).

Bye,
Skybuck.