Forum Discussion
DNS Blocking on T-Mobile Gateway, Gateway Refuses to Accept Connection
Have been having issues lately and did some deep trouble-shooting today.
All the usual trouble shooting, restart reboot gate way, reboot router, reset gateway, reset router, unplug devices, etc…
Found the issue was the gateway kept reporting it was connected but the router which is wired directly to the gateway said there was no connection.
I normally use an alternative dns provider for everything, as the ISP provided dns is slow and insecure subject to dns jacking.
As soon as I switch the router to use the ISP Provided dns from the gateway it connected perfectly, devices that were manually configured with the alternative dns on their interfaces still couldn’t connect though.
Switching these devices to the ISP Provided dns solved their issue as well.
Only thing that is working with the alternative dns without issue is the Secure DNS protocol which appears to be immune to what ever is going on with the t-mobile ISP.
I don’t know if this is a bug or a feature in t-mobile’s book or this is due to their main internet gateway provider somehow getting jacked.
Well, some others have reported that some of their devices are hard coded with other dns providers. I have a smart thermostat and who knows what else that are dead and can't connect till either they knock it off or I figure out a good work around.
Only fool proof work around that would turn everything back on is a whole network vpn to forward all traffic.
DrLipSyncher wrote:
Well, some others have reported that some of their devices are hard coded with other dns providers. I have a smart thermostat and who knows what else that are dead and can't connect till either they knock it off or I figure out a good work around.
Only fool proof work around that would turn everything back on is a whole network vpn to forward all traffic.
My VPN is broken. I got it connected over PPTP but it still shows T-Mobile as my carrier and not my VPN. So Idk if that will work. Also for some reason IPSec and IKEV VPN connections are broken!?
Check to make sure you are using their dns to start with before you initiate the vpn connection. I am using a software based vpn and it connects without issue.
If you are using a hardware appliance vpn, it might be hardcoded to use another dns (which should be a feature) so you will have to check the manual to modify the configuration to get it to work.
Once you establish the vpn connection you will be good, yes they can block it but it is unlikely as many people have these vpns to connect for work and many employers even ship vpn appliances to employees to enable them to have many company devices all separated out from the employee’s home network.
If they had messed with this, now they would get businesses and some of their biggest corporate patrons upset.
One problem here is that we are only getting a /64 prefix for IPV6 from them… when we need more in reality.
I don’t think they thought we would have our own routers connected to the modem… we should be able to make prefix requests to segment our own IPv6 for home networks with VLANs.
and yes, we get IPv6 addresses provided by the network.. but only /64 (single segment)
We don’t have all the same gateways, I can see the wider network is in ipv6 and so is the dns, but my gateway is only ipv4
I have learned that tmobile through the gateway (nokia at least) forces ipv6 pretty much. So by setting my ping ips to ipv6 i've solved most of the problems I was having.
for cloudflare’s 1.1.1.1 & 1.0.0.1 :
- 2606:4700:4700::1111
- 2606:4700:4700::1001
