Information concerning Comcast

When connecting via the Comcast "xfinity" wifi hotspot service, you may notice that it often blocks the PPTP VPN protocol (apparently by blocking Generic Routing Encapsulation (GRE), see here, due to the fact that many Comcast customers still have the old Comcast-provided routers which use crippled firmware which mistakenly blocks the GRE traffic).

If your VPN provider supports OpenVPN you could use it instead, as it is currently not blocked by any of these deficient Comcast routers, and allows download speeds of around 3 megabytes per second over wifi. If you are using Apple OSX, there is even a convenient package called Tunnelblick that you can use to configure OpenVPN very easily.

The Microsoft PPTP VPN protocol uses TCP Port number 1723 and IP Protocol number 47 Generic Routing Encapsulation (GRE). Note that PPTP is much less secure than OpenVPN, and Microsoft have implemented the proprietary SSTP protocol as a replacement (that protocol is not available on Apple machines, though).

A PPTP tunnel is instantiated by communication to the peer on TCP port 1723. This TCP connection is then used to initiate and manage a Generic Routing Encapsulation (GRE) tunnel to the same peer. The PPTP GRE packet format is non-standard, including a new acknowledgement number field replacing the typical routing field in the GRE header. However, as in a normal GRE connection, those modified GRE packets are directly encapsulated into IP packets, and seen as IP protocol number 47. The GRE tunnel is used to carry encapsulated PPP packets, allowing the tunnelling of any protocols that can be carried within PPP, including IP.

If you're having trouble getting OpenVPN to work remember that the MTU on xfinitywifi has been decreased to around 1300 bytes, so using a higher MTU would no longer work properly.

On Apple OSX there's a convenient utility nettop that can display the network traffic. Using is nettop -m route and pressing c to collapse the display is a quick way to see which interface is being used for network traffic.