Forum Discussion
DNS Blocking on T-Mobile Gateway, Gateway Refuses to Accept Connection
Have been having issues lately and did some deep trouble-shooting today.
All the usual trouble shooting, restart reboot gate way, reboot router, reset gateway, reset router, unplug devices, etc…
Found the issue was the gateway kept reporting it was connected but the router which is wired directly to the gateway said there was no connection.
I normally use an alternative dns provider for everything, as the ISP provided dns is slow and insecure subject to dns jacking.
As soon as I switch the router to use the ISP Provided dns from the gateway it connected perfectly, devices that were manually configured with the alternative dns on their interfaces still couldn’t connect though.
Switching these devices to the ISP Provided dns solved their issue as well.
Only thing that is working with the alternative dns without issue is the Secure DNS protocol which appears to be immune to what ever is going on with the t-mobile ISP.
I don’t know if this is a bug or a feature in t-mobile’s book or this is due to their main internet gateway provider somehow getting jacked.
- coreyzevNetwork Novice
I have learned that tmobile through the gateway (nokia at least) forces ipv6 pretty much. So by setting my ping ips to ipv6 i’ve solved most of the problems I was having.
for cloudflare’s 1.1.1.1 & 1.0.0.1 :
- 2606:4700:4700::1111
- 2606:4700:4700::1001
- DrLipSyncherTransmission Trainee
We don’t have all the same gateways, I can see the wider network is in ipv6 and so is the dns, but my gateway is only ipv4
- tswalkerTransmission Trainee
One problem here is that we are only getting a /64 prefix for IPV6 from them… when we need more in reality.
I don’t think they thought we would have our own routers connected to the modem… we should be able to make prefix requests to segment our own IPv6 for home networks with VLANs.
and yes, we get IPv6 addresses provided by the network.. but only /64 (single segment)
- HenrickTheBullRoaming Rookie
DrLipSyncher wrote:
Check to make sure you are using their dns to start with before you initiate the vpn connection. I am using a software based vpn and it connects without issue.
If you are using a hardware appliance vpn, it might be hardcoded to use another dns (which should be a feature) so you will have to check the manual to modify the configuration to get it to work.
Once you establish the vpn connection you will be good, yes they can block it but it is unlikely as many people have these vpns to connect for work and many employers even ship vpn appliances to employees to enable them to have many company devices all separated out from the employee’s home network.
If they had messed with this, now they would get businesses and some of their biggest corporate patrons upset.
They actually told me on the phone IPSec and IKEV are not supported on their Dual-Stack system. Also I discovered my computer is only routing IPv4 Traffic to the VPN, when I turn off IPv6 on my physical NIC then everything goes through the VPN.
It’s all kinds of shifty.
- DrLipSyncherTransmission Trainee
Check to make sure you are using their dns to start with before you initiate the vpn connection. I am using a software based vpn and it connects without issue.
If you are using a hardware appliance vpn, it might be hardcoded to use another dns (which should be a feature) so you will have to check the manual to modify the configuration to get it to work.
Once you establish the vpn connection you will be good, yes they can block it but it is unlikely as many people have these vpns to connect for work and many employers even ship vpn appliances to employees to enable them to have many company devices all separated out from the employee’s home network.
If they had messed with this, now they would get businesses and some of their biggest corporate patrons upset.
- HenrickTheBullRoaming Rookie
DrLipSyncher wrote:
Well, some others have reported that some of their devices are hard coded with other dns providers. I have a smart thermostat and who knows what else that are dead and can’t connect till either they knock it off or I figure out a good work around.
Only fool proof work around that would turn everything back on is a whole network vpn to forward all traffic.
My VPN is broken. I got it connected over PPTP but it still shows T-Mobile as my carrier and not my VPN. So Idk if that will work. Also for some reason IPSec and IKEV VPN connections are broken!?
- DrLipSyncherTransmission Trainee
Well, some others have reported that some of their devices are hard coded with other dns providers. I have a smart thermostat and who knows what else that are dead and can’t connect till either they knock it off or I figure out a good work around.
Only fool proof work around that would turn everything back on is a whole network vpn to forward all traffic.
- HenrickTheBullRoaming Rookie
Ok, got off the phone with them a while ago, the tech support people said they will be pushing out new firmware to fix the issues. But who knows when that will be.
- DrLipSyncherTransmission Trainee
HenrickTheBull wrote:
DrLipSyncher wrote:
IPv6? did you detect ipv6? I tried to detect it and didn’t.
If you go to whatsmyip.com it will show you the IPv4 and IPv6 address for your T-Mo service.
It says I am not on ip6, it only picks up a ipv6 on the local computer/network but it isn’t a valid ipv6 address for the internet
- HenrickTheBullRoaming Rookie
DrLipSyncher wrote:
IPv6? did you detect ipv6? I tried to detect it and didn’t.
If you go to whatsmyip.com it will show you the IPv4 and IPv6 address for your T-Mo service.
Related Content
- 9 months ago
- 9 months ago
- 4 months ago
- 7 months ago