Forum Discussion
DNS Blocking on T-Mobile Gateway, Gateway Refuses to Accept Connection
Have been having issues lately and did some deep trouble-shooting today.
All the usual trouble shooting, restart reboot gate way, reboot router, reset gateway, reset router, unplug devices, etc…
Found the issue was the gateway kept reporting it was connected but the router which is wired directly to the gateway said there was no connection.
I normally use an alternative dns provider for everything, as the ISP provided dns is slow and insecure subject to dns jacking.
As soon as I switch the router to use the ISP Provided dns from the gateway it connected perfectly, devices that were manually configured with the alternative dns on their interfaces still couldn’t connect though.
Switching these devices to the ISP Provided dns solved their issue as well.
Only thing that is working with the alternative dns without issue is the Secure DNS protocol which appears to be immune to what ever is going on with the t-mobile ISP.
I don’t know if this is a bug or a feature in t-mobile’s book or this is due to their main internet gateway provider somehow getting jacked.
- HenrickTheBullRoaming Rookie
I actually noticed this myself. My Apple TV was using the Cloudflare DNS 1.1.1.1 and it's been blocked, my dad's Chromecast uses Google's own 8.8.4.4 and 8.8.8.8 DNS servers and it can't connect to ANYTHING and I can't change the DNS on the Chromecast. I also had nothing but issues from my Desktop (Windows and Linux), Laptop (Linux), and Tablet (Linux). Until I changed off the Cloudflare DNS to Automatic DNS.
- HenrickTheBullRoaming Rookie
Ok, got off the phone with them a while ago, the tech support people said they will be pushing out new firmware to fix the issues. But who knows when that will be.
- HenrickTheBullRoaming Rookie
DrLipSyncher wrote:
Check to make sure you are using their dns to start with before you initiate the vpn connection. I am using a software based vpn and it connects without issue.
If you are using a hardware appliance vpn, it might be hardcoded to use another dns (which should be a feature) so you will have to check the manual to modify the configuration to get it to work.
Once you establish the vpn connection you will be good, yes they can block it but it is unlikely as many people have these vpns to connect for work and many employers even ship vpn appliances to employees to enable them to have many company devices all separated out from the employee’s home network.
If they had messed with this, now they would get businesses and some of their biggest corporate patrons upset.
They actually told me on the phone IPSec and IKEV are not supported on their Dual-Stack system. Also I discovered my computer is only routing IPv4 Traffic to the VPN, when I turn off IPv6 on my physical NIC then everything goes through the VPN.
It’s all kinds of shifty.
- DrLipSyncherTransmission Trainee
Good News everyone! secure dns is coming to windows 10, it is available on beta builds now.
https://lifehacker.com/how-to-turn-on-dns-over-https-for-all-apps-in-windows-1-1843544589
- DrLipSyncherTransmission Trainee
Yep, I was trying to think of an innocent answer to this problem.
Just maybe they have t-mobile using a private dns for name translation for servers needed to connect on the t-mobile network and since other dns providers don’t have the ability to translate these names into an ip address the connection fails.
If so, who ever set this up failed to realize how badly they had broken everyone’s internet connection.
- djb14336Bandwidth Buddy
Basicslly, they need to fix the dual-stack problem.
Trying to force everything across an IPv6 only network just ramps up the complexity... don't think they were quite ready for primetime with this.
- HenrickTheBullRoaming Rookie
I've been on the phone with them a couple times to complain about the dual-stack issue. I'm on the phone again right now and I've been subjected to 30 minutes of silent hold so far. I'm about to call up Verizon and see about their fixed wireless home internet service.
- DrLipSyncherTransmission Trainee
djb14336 wrote:
Basicslly, they need to fix the dual-stack problem.
Trying to force everything across an IPv6 only network just ramps up the complexity... don't think they were quite ready for primetime with this.
IPv6? did you detect ipv6? I tried to detect it and didn't.
- HenrickTheBullRoaming Rookie
DrLipSyncher wrote:
IPv6? did you detect ipv6? I tried to detect it and didn't.
If you go to whatsmyip.com it will show you the IPv4 and IPv6 address for your T-Mo service.
- DrLipSyncherTransmission Trainee
HenrickTheBull wrote:
DrLipSyncher wrote:
IPv6? did you detect ipv6? I tried to detect it and didn't.
If you go to whatsmyip.com it will show you the IPv4 and IPv6 address for your T-Mo service.
It says I am not on ip6, it only picks up a ipv6 on the local computer/network but it isn’t a valid ipv6 address for the internet
Contenido relacionado
- Hace 8 meses
- Hace 8 meses
- Hace 3 años
- Hace 2 años