Port 2222

  • 1
  • Question
  • Updated 2 months ago
  • Answered
Hello,

I use the Pantheon hosting service (https://pantheon.io) to host some websites and in order to update the site it's required i connect via Git, SSH or SFTP which Pantheon opens on port 2222.  It seems like Viasat/Exede are blocking port 2222 and now I can't connect at all to my site. Is this true? I get a timeout error trying to access:

http://portquiz.net:2222
But almost all other ports seem open.
Looking for help here... Thanks.
Photo of Kris Robinson

Kris Robinson

  • 4 Posts
  • 0 Reply Likes
  • frustrated, confused

Posted 6 months ago

  • 1
Photo of VeteranSatUser

VeteranSatUser, Champion

  • 3637 Posts
  • 2127 Reply Likes
Possible it is being blocked. Which modem?
Photo of Jack Britton

Jack Britton

  • 19 Posts
  • 7 Reply Likes
So I was able to SSH on 2222 to the address you posted about.  I got the encryption key and login so the port is not being blocked by VIASAT.  I doubt your modem is doing it either unless you have changed its default settings.   Just a question, what are you using to try to connect with the HTTP protocol?  
Photo of Bev

Bev, Champion

  • 3087 Posts
  • 1298 Reply Likes
Are you out of Priority data for the month and, speeds are slowed, thus causing the site to time out? Have you tried the site when connected via Ethernet cable, not just wifi?
Photo of Diana

Diana, Viasat Employee

  • 2260 Posts
  • 429 Reply Likes
Hi Kris,   I received your email and it has been escalated it.    Telnet is blocked for security reasons. It is a common attack vector for malware.  Diana
Photo of Jack Britton

Jack Britton

  • 19 Posts
  • 7 Reply Likes
So port 2222, some off port they have decided to use, is not telnet.  Telent is port 23.  The normal SSH port is 22.  Blocking telnet should not block either one of those ports.  Also they aren't normally blocked from the inside out, meaning that you could probably even telnet from within the network to outside the network as long as the connection was initiated from within.  At any rate I SSH, use Git, and do a lot of other network centric stuff from my home office over Viasat.  I have never gotten a firewall generated error.   ssh trump.freeshells.org from your ssh client and you will see SSH is not blocked in anyway.   Git is not blocked.  I can't see a single port that is blocked from the inside out.
(Edited)
Photo of Diana

Diana, Viasat Employee

  • 2260 Posts
  • 429 Reply Likes
Jack, thank you. I will check with the network team that gave me that information for verification. Port 2222 does allow malware through and will remain blocked, from what I have been told. Diana
Photo of Kris Robinson

Kris Robinson

  • 4 Posts
  • 0 Reply Likes
Yeah this is just a weird port to block, totally screws me over too :( Git and SSH work fine on regular ports, its just that Pantheon decided to run it over 2222, probably to limit SSH attacks on port 22 I'm guessing.
Photo of Jack Britton

Jack Britton

  • 19 Posts
  • 7 Reply Likes
Kris:  Something else you could try if port 2222 is blocked from the inside out for you is a VPN service like NordVPN (I use this all the time for different things). Nord tunnels your traffic through a VPN Service (and a server that is somewhere else on the ground) your traffic is tunneled through the VPN and the Viasat guys won't be able to block it.  Google them and see if you can get a free trial or buy 3 days worth.   
Photo of Jack Britton

Jack Britton

  • 19 Posts
  • 7 Reply Likes
Kris.  I totally verified that this works (VPN thingy).  I went to Pantheon, created a free dev account, created a sandbox site called jacksplayground, added my SSH key to the site, started up NordVPN, cloned git repo from site:


Photo of Kris Robinson

Kris Robinson

  • 4 Posts
  • 0 Reply Likes
Wow thanks Jack, I'm going to try this.

Pantheon also has these docs on their help site for this issue as well, tunneling via another SSH connection: https://pantheon.io/docs/port-2222/
Thanks again.
Photo of Jack Britton

Jack Britton

  • 19 Posts
  • 7 Reply Likes
The ssh tunneling - forwarding should work for sure but you need a place to tunnel to that will let you forward traffic through it.  Its pretty much the same principal as using a VPN but free if you have an off Viasat server that is friendly.
Photo of Kris Robinson

Kris Robinson

  • 4 Posts
  • 0 Reply Likes
The VPN also seems like a better option because I'll be doing more than just Git (pulling/pushing databases and files for example).  Thanks again for the help, much appreciated.
Photo of John Rickard

John Rickard

  • 7 Posts
  • 2 Reply Likes
A point to point VPN is always the best way to move traffic between networks securely, and YES, Viasat is blocking port 2222 and others.  I've had to redirect through a stateful firewall to other ports that are not blocked.  At first I thought it was related to my activities but at this point I don't think so. 

This was tested again over this last weekend and sure enough 2222 was blocked although 2223 was not.  Pantheon should allow you to change the port it uses though, try that first.  This explains what else, although not all, uses of port 2222.   https://www.speedguide.net/port.php?port=2222 

Port 2222 though DOES NOT let malware through as stated by Diane it's only a port that is sometimes taken advantage of by malware although in my experience not often.  What I tried to use port 2222 for would not let any malware through as traffic in my instance is only allowing one remote IP address to connect and that traffic is encrypted.

I wish us luck in using the Internet as we see fit instead of how our corporate providers think we should use it!   Throw out incumbents in general and specifically those who didn't vote for net neutrality.
(Edited)
Photo of Diana

Diana, Viasat Employee

  • 2260 Posts
  • 429 Reply Likes
 Updated information from the network team states port 2222 is not normally blocked. I am sorry for the misinformation I was given yesterday. Diana
(Edited)
Photo of crystal3tech .

crystal3tech .

  • 20 Posts
  • 1 Reply Like
I am also experiencing port 2222 blocked for SSH.  Port 2222 is what InMotionHosting uses for SSH to their shared hosting.
Photo of crystal3tech .

crystal3tech .

  • 20 Posts
  • 1 Reply Like
Viasat, please remove the blocking on port 2222.  thanks.
Photo of vervex

vervex

  • 1 Post
  • 0 Reply Likes
I'm a bit late but I also wanted to chime in and report that port 2222 is blocked for me too. I use a VPN to bypass the blocked port and connect to SFTP (I'm a web developer). This is a very annoying issue, especially since upload through VPN is slow (Viasat's download speeds are good, but their upload performance is very poor.) I wish Viasat made it easier for its users to work with hosting services that use (rather commonly) port 2222.