Recently, it’s said that the Chinese Government will require commercial Chinese ISPs to block TCP ports 80, 8080, and 443 by January 11, 2018. If the news is true, this policy will have profound impact on businesses relying on Internet VPN or SD-WAN access within China.
*Port 80 is of course the TCP port commonly used for carrying HTTP traffic; 8080 and 443 are used for carrying HTTPS traffic. Commercial ISP customers interested in maintaining access to those ports must register or apply to re-open the port through their local ISP.
Here’s a translation of the text from Chinese government describing the policy↓↓↓
And the original Chinese
New regulations block VPNs access?
Millions of Internet users relied on virtual private networks (VPNs) to circumvent the Chinese censorship system, dubbed the Great Firewall of China. In the past, VPNs have worked intermittently but were invariably blocked, forcing users to jump to another VPN.
Crackdowns on accessing the Internet beyond the Great Firewall — the world’s most sophisticated state-censorship operation, employs at least 2 million online censors. But this news highlights how the world’s second largest economy is struggling to balance authoritarianism with its business leadership aspirations.
Strict new cybersecurity law came into effect in June?
In addition, there is news that strict new cybersecurity law came into effect in June. In July China Telecom, the nation’s biggest Internet service provider, sent a letter to corporate clients that said in future, VPNs would only be allowed to connect to a company’s headquarters abroad then.
There are many SD-WAN and meshed VPN installations in China today that leverage the lower internet costs within China, using a lesser number of MPLS circuits to reach data centers outside of the country. If so, these circuits will fail to pass traffic on January 10th, unless the enterprise register with their local ISPs.
Of the SD-WAN service providers most likely to be impacted by these changes, Aryaka and Cato Networks come to mind. SD-WAN providers generally provide appliances that rely on the provided transport.
No Ban on VPNs actually!
However, China Telecom staff denied on Monday ever receiving any notice to block private virtual private networks (VPNs) after media reports saying a ban will take place on Thursday.
“It’s strange because we didn’t ever receive such a notice banning access to VPNs.”
“I can firmly confirm with you that no such notice has been received up to now.” Many employees from China Telecom customer service said.
A website under the International Data Group published a report on Friday saying that China was going to block SD-WAN and VPN traffic, which would have a “profound impact on businesses relying on Internet VPN or SD-WAN access within China.”
All basic telecommunication firms and internet access service providers are barred from setting up or renting special lines including VPNs for cross-border operations without government approval, according to a regulation issued by the Ministry of Industry and Information Technology (MIIT) in January 2017.
The rules target companies and individuals without approvals from telecommunication regulators who conduct illegal cross-border operations by renting special lines including VPNs.
Source: networkworld
HACOS,Business Services Solutions Master