Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Got T-Mobile 5G Home Internet

    Scheduled Pinned Locked Moved General pfSense Questions
    21 Posts 6 Posters 4.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • NollipfSenseN
      NollipfSense @stephenw10
      last edited by

      @stephenw10 said in Got T-Mobile 5G Home Internet:

      to use some external static server that both pfSense and external client connect to.

      This is what I am realizing...one thing I noticed checking the supposed T-Mobile gateway out is that I am given both IPv6 and IPv4 address...what a great way to brush away my IPv6 mental resistance despite my stomach protesting dual stack...

      pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
      pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

      JKnottJ 1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Ha. Well if they give you a public IPv6 that solves the problem. Mostly at least.

        Of course it won't work if you're trying to connect from somewhere that doesn't have IPv6....

        JKnottJ 1 Reply Last reply Reply Quote 0
        • JKnottJ
          JKnott @NollipfSense
          last edited by

          @nollipfsense

          IPv6 is where the world is moving to, so you might as well get used to it. I've had it for almost 13 years.

          I don't know what T-Mobile hands out, but I get 2^72 addresses from my ISP. This seems to be fairly typical.

          PfSense running on Qotom mini PC
          i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
          UniFi AC-Lite access point

          I haven't lost my mind. It's around here...somewhere...

          1 Reply Last reply Reply Quote 0
          • JKnottJ
            JKnott @stephenw10
            last edited by

            @stephenw10

            Back when I used a tunnel to get IPv6, I set up my notebook to get a single address, as well as the /56 on my home network. I wonder if he.net offers something similar, so that you can access IPv6 over IPv4.

            PfSense running on Qotom mini PC
            i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
            UniFi AC-Lite access point

            I haven't lost my mind. It's around here...somewhere...

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              Yup, you could probably do that if you had to. I can pretty much guaranty that if you're using remote access OpenVPN then at some point you're going to end up trying to connect back from somewhere that's IPv4 only.

              1 Reply Last reply Reply Quote 0
              • Dobby_D
                Dobby_
                last edited by

                It all depends also where are you living!

                In Germany you could get a Fritz!Box LTE router that is
                able to use with T-mobile, they have a choice (service)
                that is called My!Fritz so you may able to connect to
                the inside of your network with VPN then.

                The second chance is you get a small business contract
                from them (T-Mobile) with an static public IP address
                and all is fine for you and the vpn.

                The third way may be more independent from all others but you must set up a so called "jump host" elsewhere in the internet and over that host you "vpn" home.

                #~. @Dobby

                Turris Omnia - 4 Ports - 2 GB RAM / TurrisOS 7 Release (Btrfs)
                PC Engines APU4D4 - 4 Ports - 4 GB RAM / pfSense CE 2.7.2 Release (ZFS)
                PC Engines APU6B4 - 4 Ports - 4 GB RAM / pfSense+ (Plus) 24.03_1 Release (ZFS)

                1 Reply Last reply Reply Quote 0
                • NollipfSenseN
                  NollipfSense
                  last edited by

                  Here is an interesting statement from my SIP service provider, Voip.ms: "The SIP request would come from a public IP address and port assigned to your modem from the ISP side. There's no issue when using cg-NAT with our service as most of our residential internet users are behind a cg-NAT."

                  Are they blowing smoke up my rare end?

                  pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
                  pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

                  S JKnottJ 2 Replies Last reply Reply Quote 0
                  • S
                    SteveITS Galactic Empire @NollipfSense
                    last edited by

                    @nollipfsense Connections out to a service don't matter. Connections in to you do matter. So it depends on what connects to whom. We're a 3CX partner and the connection is made from 3CX out to the SIP provider.

                    *rear ;)

                    Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                    When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                    Upvote ๐Ÿ‘ helpful posts!

                    Dobby_D 1 Reply Last reply Reply Quote 1
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      Mmm, if you have external VoIP phones connecting to your PBX behind the CG-NAT that's going to fail.

                      S 1 Reply Last reply Reply Quote 0
                      • Dobby_D
                        Dobby_ @SteveITS
                        last edited by

                        @steveits said in Got T-Mobile 5G Home Internet:

                        @nollipfsense Connections out to a service don't matter. Connections in to you do matter. So it depends on what connects to whom. We're a 3CX partner and the connection is made from 3CX out to the SIP provider.

                        *rear ;)

                        If you are using a PBX appliance it would be perhaps good
                        to place them in a DMZ. Or plain a switch where the phones
                        will be connected. Will this solve the problem?

                        #~. @Dobby

                        Turris Omnia - 4 Ports - 2 GB RAM / TurrisOS 7 Release (Btrfs)
                        PC Engines APU4D4 - 4 Ports - 4 GB RAM / pfSense CE 2.7.2 Release (ZFS)
                        PC Engines APU6B4 - 4 Ports - 4 GB RAM / pfSense+ (Plus) 24.03_1 Release (ZFS)

                        1 Reply Last reply Reply Quote 0
                        • S
                          SteveITS Galactic Empire @stephenw10
                          last edited by

                          @stephenw10 Yes but phones connecting out to "the cloud" would succeed. Looks like VoIP.ms has both services.

                          Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                          When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                          Upvote ๐Ÿ‘ helpful posts!

                          1 Reply Last reply Reply Quote 1
                          • JKnottJ
                            JKnott @NollipfSense
                            last edited by

                            @nollipfsense said in Got T-Mobile 5G Home Internet:

                            Are they blowing smoke up my rare end?

                            Maybe it needs to be cooked a bit longer. ๐Ÿ˜‰

                            In order to use VoIP behind NAT, STUN is used. This provides the public address of wherever you hit the Internet. Also, I don't know that most residential users are behind CGNAT, though many are. Cell network connections usually are.

                            PfSense running on Qotom mini PC
                            i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
                            UniFi AC-Lite access point

                            I haven't lost my mind. It's around here...somewhere...

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.