Got T-Mobile 5G Home Internet
-
@stephenw10 said in Got T-Mobile 5G Home Internet:
to use some external static server that both pfSense and external client connect to.
This is what I am realizing...one thing I noticed checking the supposed T-Mobile gateway out is that I am given both IPv6 and IPv4 address...what a great way to brush away my IPv6 mental resistance despite my stomach protesting dual stack...
pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud. -
Ha. Well if they give you a public IPv6 that solves the problem. Mostly at least.
Of course it won't work if you're trying to connect from somewhere that doesn't have IPv6....
-
IPv6 is where the world is moving to, so you might as well get used to it. I've had it for almost 13 years.
I don't know what T-Mobile hands out, but I get 2^72 addresses from my ISP. This seems to be fairly typical.
-
Back when I used a tunnel to get IPv6, I set up my notebook to get a single address, as well as the /56 on my home network. I wonder if he.net offers something similar, so that you can access IPv6 over IPv4.
-
Yup, you could probably do that if you had to. I can pretty much guaranty that if you're using remote access OpenVPN then at some point you're going to end up trying to connect back from somewhere that's IPv4 only.
-
It all depends also where are you living!
In Germany you could get a Fritz!Box LTE router that is
able to use with T-mobile, they have a choice (service)
that is called My!Fritz so you may able to connect to
the inside of your network with VPN then.The second chance is you get a small business contract
from them (T-Mobile) with an static public IP address
and all is fine for you and the vpn.The third way may be more independent from all others but you must set up a so called "jump host" elsewhere in the internet and over that host you "vpn" home.
-
Here is an interesting statement from my SIP service provider, Voip.ms: "The SIP request would come from a public IP address and port assigned to your modem from the ISP side. There's no issue when using cg-NAT with our service as most of our residential internet users are behind a cg-NAT."
Are they blowing smoke up my rare end?
pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud. -
@nollipfsense Connections out to a service don't matter. Connections in to you do matter. So it depends on what connects to whom. We're a 3CX partner and the connection is made from 3CX out to the SIP provider.
*rear ;)
Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
Upvote ๐ helpful posts! -
Mmm, if you have external VoIP phones connecting to your PBX behind the CG-NAT that's going to fail.
-
@steveits said in Got T-Mobile 5G Home Internet:
@nollipfsense Connections out to a service don't matter. Connections in to you do matter. So it depends on what connects to whom. We're a 3CX partner and the connection is made from 3CX out to the SIP provider.
*rear ;)
If you are using a PBX appliance it would be perhaps good
to place them in a DMZ. Or plain a switch where the phones
will be connected. Will this solve the problem? -
@stephenw10 Yes but phones connecting out to "the cloud" would succeed. Looks like VoIP.ms has both services.
-
@nollipfsense said in Got T-Mobile 5G Home Internet:
Are they blowing smoke up my rare end?
Maybe it needs to be cooked a bit longer.
In order to use VoIP behind NAT, STUN is used. This provides the public address of wherever you hit the Internet. Also, I don't know that most residential users are behind CGNAT, though many are. Cell network connections usually are.
