gray tmobile 5g gateway port forwarding

  • 21 August 2021
  • 5 replies
  • 206 views

Badge

I recently signed up for T-mobile internet, and was disappointed that I could not even forward ssh traffic to my Asus router.   I saw that this was discussed 7 months ago in a previous thread, and hope the developers will notice this.  The speed is great, and the same as was advertised in the chat.

I would like this issue to be resolved so that I don’t need to continue with AT&T.


5 replies

Badge

I found through nmap on Linux that port 22 is definitely open for ssh traffic, but still cannot be accessed remotely.  I am using Termux and an Android phone to attempt access.

The gray router will not show which IP address is assigned to which device, so for those interested, I ran sudo nmap -sT 192.168.xx.0/24 to figure it out.

Userlevel 4
Badge +3

It is their implementation of XLAT464.

 

They aren't using anything to preserve the port assignments through their "tunnel" back into our local v4 address, breaking all manner of applications in the process.

From the introduction of RFC6877:

https://datatracker.ietf.org/doc/html/rfc6877 

"This document describes an IPv4-over-IPv6 solution as one of the techniques for IPv4 service extension and encouragement of IPv6 deployment. 464XLAT is not a one-for-one replacement of full IPv4 functionality.  The 464XLAT architecture only supports IPv4 in the client-server model, where the server has a global IPv4 address. This means it is not fit for IPv4 peer-to-peer communication or inbound IPv4 connections. 464XLAT builds on IPv6 transport and includes full any-to-any IPv6 communication."

 

Some people have been successful restoring SOME functionality through VPN's, but it is limited and hit and miss.  Some providers will allow you to reserve a public v4 IP and assign a few ports for forwarding, but it costs extra to do so.  May not be worth it in the end.

 

I was able to set up v6 passthrough on my Asus with my Askey LTE modem (their older one).  In theory, that may allow more things to work--provided the applications/devices in play are v6 capable/aware.

 

They really didn't plan this service out well... designed more for the casual user.  Don't think they even thought about people who use their internet beyond casual browsing and streaming video.

 

Without some form of major overhaul to their topology to more properly address the dual stack scenario...  many are kinda screwed for now.

Badge

Thank you for your level of detail.  I was hoping that this would work out, because the bandwidth speeds are much better for the price, compared to AT&T. 

 

For reference:

Hardware Version:
3TG00739AAAB
Software Version:
1.2003.03.0178

bump

I got this service as a backup for my main home internet since I work from home. Part of my job I ssh port 22 into multiple network elements all day. When I needed to use this the other day that's when I found out ssh not working. Such a shame plan on returning back 

Reply