Firewalls stopped sending RST packets (or any other kind of error) by default on all ports more than a decade ago. This is great for Internet-facing security, but has converted from easily diagnosed instant failures on internal networks to 30 second timeouts... which are indistinguishable from "host is down".
Don't worry! Just ping the host... err... can't do that either because of overly paranoid admins like you mentioned.
Next, spend a week trying to figure out why packets seem to go only one way through a cloud VPN only to discover that Path MTU Discovery uses ICMP and without which VPNs are basically broken.
Firewalls stopped sending RST packets (or any other kind of error) by default on all ports more than a decade ago. This is great for Internet-facing security, but has converted from easily diagnosed instant failures on internal networks to 30 second timeouts... which are indistinguishable from "host is down".
Don't worry! Just ping the host... err... can't do that either because of overly paranoid admins like you mentioned.
Next, spend a week trying to figure out why packets seem to go only one way through a cloud VPN only to discover that Path MTU Discovery uses ICMP and without which VPNs are basically broken.
Fun.