Glinet to Goodcloud : which ports need to be opened?

pokinwilly · February 19, 2025, 5:10pm

Hello,

My Glinet devices are behind a firewall, with outbound ports blocked by default. They cannot connect to eu.goodcloud.xyz, while they can when connected to my domestic ISP.

Thus I need to know which ports are used by glinet device to connect to GoodCloud. And ideally to which IP address, sothat I can have this ports opened for outbound traffic.

Thank you,

braveboy · February 20, 2025, 1:32am

There is no special IP and port specified for connecting to cloud service devices, but you can set the priority of the network port.

pokinwilly · March 11, 2025, 9:53am

Sorry to object: if I plug my glinet within a corporate network (with outgoing ports blocked), it will not connect to goodcloud. So there must be some unusual ports used to access GoodCloud, but which ones ?

hecatae · March 11, 2025, 4:52pm

Here's the eu version I connect to:

12:35:46: query[A] eu.goodcloud.xyz from
12:35:46: forwarded eu.goodcloud.xyz to 9.9.9.10
12:35:46: reply d2ygakqc01hbzq.cloudfront.net is 2600:9000:20f0:3200:8:ea4d:fd80:93a1
12:35:46: reply d2ygakqc01hbzq.cloudfront.net is 2600:9000:20f0:ac00:8:ea4d:fd80:93a1
12:35:46: reply d2ygakqc01hbzq.cloudfront.net is 2600:9000:20f0:be00:8:ea4d:fd80:93a1
12:35:46: reply d2ygakqc01hbzq.cloudfront.net is 2600:9000:20f0:4200:8:ea4d:fd80:93a1
12:35:46: reply d2ygakqc01hbzq.cloudfront.net is 2600:9000:20f0:aa00:8:ea4d:fd80:93a1
12:35:46: reply d2ygakqc01hbzq.cloudfront.net is 2600:9000:20f0:7a00:8:ea4d:fd80:93a1
12:35:46: reply d2ygakqc01hbzq.cloudfront.net is 2600:9000:20f0:1600:8:ea4d:fd80:93a1
12:35:46: reply d2ygakqc01hbzq.cloudfront.net is 2600:9000:20f0:400:8:ea4d:fd80:93a1
12:35:47: reply eu.goodcloud.xyz is

it's behind cloudfront, so there's no static ip address or ports

admon · March 11, 2025, 8:07pm

Should be only https, afaik.

pokinwilly · March 11, 2025, 9:05pm

https (TCP 443) is open on this network, so there must be something else that is preventing the glinet to register... If I activate a VPN (client) on glinet for cloud connection, it will indeed connect.

admon · March 11, 2025, 9:44pm

Maybe your corporate networks forces TLS interception?

hecatae · March 11, 2025, 10:40pm

If you connect the VPN and run in SSH

netstat -tulpn

You should see all open ports and then you can check which one is connecting to goodcloud

igrvki · March 15, 2025, 11:31pm

Hello,

I've filtered my Fortinet firewall from Spain, and the device uses port TCP/18883 to display its status on the GoodCloud website and for the mobile app to work. It also uses port TCP/59127 (this could be a random port, although it seems to always appear the same in several tests).

The first port is AWS services. The second is GoodCloud. However, if you don't have access to the firewall, it'll be difficult to resolve this. It's possible that your company only allows HTTP/S.

And if you have access to the firewall, you should be able to do the same thing yourself.