Strange network request from a client

Hi everyone,

I work at a place that provides office space for small companies. I have a broker asking for my company to assign a public IP to a device for about 3 times the amount we normally charge. The person we have been in touch with claims to not know what exactly this device will be doing other than the following explanation:

"My understanding is that it is primarily ping / tracert data between the network of these, with the data being aggregated (loss at certain network hops, etc.). ... The WAN device is a Meraki Z3 (acting as the firewall / gateway), with a POE powered UBNT edge router fastened to the top of the Meraki. My limited tech understanding is that they used to do this with the UBNT devices only, but they have been using the addition of the Meraki simply because of the ease of remote management / alerting."

We allow firewalls and devices all the time for companies to hook up with their company networks, but this person hasn't been very forthcoming with the purpose of this type of setup. The other twist is that it's for a company that doesn't even have permanent space here. It's just all sorts of confusing... can anyone glean what this type of setup might be doing or am I just being paranoid because of lack of knowledge? I'm fine with hosting, it's just that there are some conflicts of interest and the conversation and other prior conversations have rubbed me the wrong way.

Thanks in advance!

"...Meraki’s proven and highly scalable Auto VPN technology, administrators can deploy network services and remote endpoints with automatic, zero-touch provisioning"...
Two routers with a VPN gateway for a tenant who isn't using the physical space...hmmmmm, what could I possibly do with this? I don't think you are being paranoid enough.

Basically treat it as a Tor exit node.

Agreed. If they're not going to pony-up what it is and keep playing evasive, assume it's something like this. Subsequently refuse it.

SUN cert network admin. showing my age
15 points · 1 day ago

Isn't there some cookie cutter legal waiver available to insulate you from risk? Get them on their own line, so if there's blow back it doesn't affect your other clients, and charge them 5x the normal rate. Because, really, who cares?

This guy does business.

Original Poster · 1 point · 1 day ago

We’re only talking $100/mo here to host his setup so that would be tough. I’m more concerned with actually knowing what this device is doing. Is this setup even fully complete? A gateway and a router and no 3rd device?

They don’t even have space here or do business in my state so there wouldn’t be someone in my center actually hooking into it locally to tunnel out. So that’s what’s so confusing.

Every other setup of this nature has someone taking an office and they need to tunnel back to their company’s network to do part of their job. That’s not the case here.

He also suggests it’s to monitor the last leg/mile of networks. But why would they, in a state they aren’t physically in? Or if this is for a larger company they are doing it on behalf of, then why is that information even needed or worth the $100/mo? Nothing adds up so it gives me pause.

SUN cert network admin. showing my age
9 points · 1 day ago

It's really none of your business what he does in his business.

Just CYA, take the money, give the FBI/NSA a heads up and stop worrying about it.

For $100 a month this isn't even worth the time you've wasted talking to them.

Unless you are sniffing your other customers' traffic, you don't really know what they are doing either. This company in question could have just as easily said 'we're planning on expanding in the near future and we have only budgeted step 1 so far'. As long as you don't have explicit proof that they're engaging in clearly illegal activity (hosting child porn, human trafficking, etc.) you have no reason to be concerned about what they 'might' be doing.

14 points · 1 day ago

Uhh, hell no.

11 points · 1 day ago

Well the trusting explanation would be that the client is monitoring internet health as a whole to try to identify providers doing shady things like Comcast intentionally making their peering connections congested to keep Netflix from hammering their last mile nodes so bad. The not so trusting explanation is that they're wanting to use your connection as a way to anonymize their traffic for whatever reasons, which usually aren't good but might be somewhat innocent and probably not outright illegal.

Original Poster · 1 point · 1 day ago

So with just those 2 pieces of equipment, they would accomplish what he’s suggesting? I am assuming there has to be something plugged up behind the gateway and the router to actually perform. Your thoughts? I just don’t understand wanting to check last leg connections in a state that you aren’t even located in and have no physical presence.

3 points · 1 day ago · edited 1 day ago

If you're hosting some sort of service you'll want a wide variety of measurement points to see if some area for some reason is not getting what they're supposed to get and that way your monitoring won't be affected by local outages either.

They also don't need any other equipment; they can tunnel traffic remotely to the units with the traffic seemingly exiting from that address. For monitoring purposes they could even run some software/scripts on the EdgeRouter itself.

2 points · 1 day ago

Think of the EdgeRouter as more of a small Linux server than a typical router. It can absolutely do all of that on its own.

12 points · 1 day ago

You service small companies? They don't look like a small company. They don't look like a legitimate business at all. If they did, they would go to a datacenter or something.

Original Poster · 1 point · 1 day ago

We service all sizes but mostly small businesses. Several Fortune 500’s so this is out of the norm. However, everyone else is very forthcoming. There is also a conflict of interest as we are competing in the same industry but they also bring us business and profit share. It’s a real big mess to explain that relationship and how everything works with them. The guy is the CFO so he should at least know the true purpose (which he doesn’t seem to want to share) and the tech setup doesn’t seem complete (surely there is a 3rd piece of equipment that is the true heart of the desired service). Our IT team also gave us red flags and they know our previous setups in and out. So, yeah.

3 points · 1 day ago · edited 1 day ago

If you've ever read Escape! from the "I, Robot" collection, this sounds similar in that it seems like a competitor may be setting you up to do something they wouldn't do themselves.

5 points · 1 day ago

Are you an ISP? If not, I would have them buy a separate circuit for their needs.

4 points · 2 days ago

I'm so confused, can anyone explain?

38 points · 2 days ago · edited 2 days ago

Original poster works at a place that provides office space for small companies.

Customer wishes to place some network gear in his office, but cannot explain what the equipment will be used for. They will not occupy any physical space in any building, they just want to drop a router and a VPN device and get a public IP address from them.

They are unable to explain what they intend to do with this internet connection.

They are willing to pay three times the normal rate to put this in.

Assumption being they intend to use it as either a spam gateway or Tor exit. (dark web.. which I hate that term but it applies).

In any event, there does not appear to be a very reasonable explanation for their request - and the complete lack of the requesting party's ability to answer simple questions about the setup makes it sound dubious, and likely to be used for no good.

Now, poster's company would not reasonably be liable for any illegal activities from this. But I imagine DMCA takedown requests, criminal investigations, public IP blacklisting should be expected. He would be well suited to simply decline the request and avoid the headache.

Original Poster · 4 points · 1 day ago

I know this company well enough to understand what I think they might be setting up, but you hit the nail on the head. The either intentional or unintentional lack of knowledge when I have pressed this person 3 times now is so unsettling. He seems to have a pretty good understanding of networking while simultaneously stating he’s no expert.

Not to mention this person is a CFO so he surely knows the purpose of this business arrangement. But he has been evasive and keeps holding the “I’m just trying to get your center some extra revenue” as if that’s the most important thing.

We do this setup for all sorts of clients and they are VERY forthcoming with the purpose and can go into detail (connecting their employee into their network). But that is always for people who are physically at my space.

These guys don’t have anyone with permanent space and not to mention we are partners but also in a way competing (they broker normal business to us and need us as their brick and mortar, so there’s profit sharing).

They could be wanting to host a SIP server, a telephone system, a server of some kind, but they won’t say. So that’s truly what gives me pause especially considering our relationship is supposed to be a partnership not “hey, another $100/mo randomly, but I’m not going to specifically tell you why”.

2 points · 1 day ago

Nobody would legitimately host a server in random office space they had no intention of physically using. That stuff belongs in a colo or in the cloud.

Call the FBI.

2 points · 1 day ago

They probably have tons of them and use them as proxy hops.
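
One way the hosting side could check the stated "ping / tracert" purpose against what the device actually sends, as an added example that is not part of the thread. The flow-record layout, the byte allowance and the sample records are assumptions constructed for illustration; real input would come from the center's own firewall or NetFlow export for the assigned public IP.

```python
from collections import Counter

# Constructed flow records for the tenant's public IP (not real data):
# (protocol, dst_ip, dst_port, bytes_sent) over one observation window.
MONITORING_ONLY = [
    ("icmp", "198.51.100.10", 0, 8_400),
    ("icmp", "203.0.113.7", 0, 9_100),
    ("udp", "198.51.100.10", 33434, 1_800),
    ("udp", "203.0.113.7", 33440, 2_100),
    ("tcp", "192.0.2.50", 443, 40_000),  # assumed management / reporting
]
RELAY_LIKE = MONITORING_ONLY + [
    ("udp", "192.0.2.99", 4500, 900_000_000),   # large encrypted tunnel
    ("tcp", "203.0.113.80", 443, 450_000_000),  # bulk web traffic
    ("tcp", "198.51.100.25", 25, 120_000_000),  # outbound mail
]

TRACEROUTE_PORTS = range(33434, 33535)  # classic UDP traceroute default range


def is_measurement(proto, dst_port):
    """True for traffic a ping/traceroute probe would generate."""
    return proto == "icmp" or (proto == "udp" and dst_port in TRACEROUTE_PORTS)


def profile(flows, max_other_bytes=10_000_000):
    """Split bytes into measurement vs. everything else and flag a mismatch.

    max_other_bytes is an assumed per-window allowance for management and
    result reporting; tune it to the agreed use of the link.
    """
    totals = Counter()
    other_ports = Counter()
    for proto, _dst, port, nbytes in flows:
        if is_measurement(proto, port):
            totals["measurement"] += nbytes
        else:
            totals["other"] += nbytes
            other_ports[(proto, port)] += nbytes
    return {
        "measurement_bytes": totals["measurement"],
        "other_bytes": totals["other"],
        "top_other": other_ports.most_common(3),  # what to ask the tenant about
        "matches_stated_purpose": totals["other"] <= max_other_bytes,
    }


if __name__ == "__main__":
    for name, flows in (("monitoring", MONITORING_ONLY), ("relay", RELAY_LIKE)):
        print(name, profile(flows))
```

A mismatch does not say what the traffic is, only that the volume and ports are not explained by probing, which is the question the original poster could not get answered.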

