Org blocks port 53 traffic to 1.1.1.1, has made WARP unusable

coloradosjones · August 30, 2023, 5:04pm

My organization recently began blocking port 53 traffic to Cloudflare. This seems to have rendered WARP unusable. Is there any way to get around this?

A few simple nmap scans to 1.1.1.1 from within my org’s network show this:

Starting Nmap 7.80 ( https://nmap.org ) at 2023-08-30 11:02 MDT
Nmap scan report for one.one.one.one (1.1.1.1)
Host is up (0.0096s latency).
Not shown: 995 filtered ports
PORT     STATE SERVICE
80/tcp   open  http
443/tcp  open  https
1720/tcp open  h323q931
8080/tcp open  http-proxy
8443/tcp open  https-alt

Nmap done: 1 IP address (1 host up) scanned in 4.88 seconds```

```$ nmap -p 53 1.1.1.1
Starting Nmap 7.80 ( https://nmap.org ) at 2023-08-30 11:02 MDT
Nmap scan report for one.one.one.one (1.1.1.1)
Host is up (0.012s latency).

PORT   STATE    SERVICE
53/tcp filtered domain

Nmap done: 1 IP address (1 host up) scanned in 0.25 seconds```

nwbonjour · September 6, 2023, 7:27pm

In the Warp client, have you tried changing the DNS option to “DNS over HTTPS”? This may not work if your org has also blocked TCP port 443 to 1.1.1.1.

coloradosjones · September 7, 2023, 1:43pm

My org hasn’t blocked TCP 443 to 1.1.1.1 but changing DNS to DoH didn’t solve the issue. I think there is some communication to port 53 that WARP can’t function without.