Actually, from what I have written it is clear that port 4000 is not blocked. Check this out:
└─[~]> telnet rce6-1.priv 4000
Connected to rce6-1.priv.
Escape character is ‘^]’.
I can see here that rce6-1.priv:4000 (NX) is accepting connections, now I try to use openssl req to grab the cert
└─[~]>openssl s_client -connect rce6-1.priv.hmdc.harvard.edu:4000
140383579920200:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177:
no peer certificate available
No client certificate CA names sent
SSL handshake has read 0 bytes and written 263 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
This is the weird part. Apparently it has no certificate?
I can actually use NXClient and connect directly to rce6-1.priv:4000 and achieve a session, but I am not able to –nodeadd.