Reliance jio static ip per mac address


rajil.s

Well-Known Member
Adept
Apr 19, 2011
461
95
66
45
Hello,
Is there anyway to specify a static ip address for a client on Jio2 mifi?
I want to setup few port forwarding rules to various clients connected to the mifi.
Thanks
 

vivek.krishnan

If you cant see the green dot, I'm offline :P
Veteran
Dec 18, 2009
7,533
1,708
303
Ghatkopar, Mumbai
plus.google.com
hey, I did this with a Lyf phone in USB tethering, but the IPv4 address is not accessible from outside, but IPv6 is. Just FYI.

Additionally, the ipv6 address changes every 4 hours.
 

rajil.s

Well-Known Member
Adept
Apr 19, 2011
461
95
66
45
Vivek, I was talking about the LAN side. I think you are talking about the Wan side. My intention is to port forward ssh to a LAN client. I will then setup reverse ssh to a remote server.
I can't find any setting to setup a static dhcp lease. The device is Jiofi3 JMR540
 

rajil.s

Well-Known Member
Adept
Apr 19, 2011
461
95
66
45
The JIOF3 device is picking up a private ip address (10.102.66.220) for ipv4. Seems I cant directly address the router in ipv4 space. Can i get to it using ipv6? Do i need a tunnel broker?
 

rajil.s

Well-Known Member
Adept
Apr 19, 2011
461
95
66
45
You are right. The client on the LAN side is getting an ipv6 address from the mifi device which is publicily reachable. Interestingly, the ipv6 address assigned to the mifi device is blocking ICMP replies. It is not clear to me the purpose of the port forward functionality provided though. The mifi is assigned a private ipv4 address so portforward for the ipv4 address is useless.
The mifi device is pretty locked down. I hope there are other alternate devices (usb dongle/mifi) which are able to work on reliance bands.
 

vivek.krishnan

If you cant see the green dot, I'm offline :P
Veteran
Dec 18, 2009
7,533
1,708
303
Ghatkopar, Mumbai
plus.google.com
Its blocking ICMP by default. This is true for most MiFi dongles. See if there is any firewall which needs to be disabled.

Alternatively, it will be running android, so see if you can enable shell.[DOUBLEPOST=1483184552][/DOUBLEPOST]Also, how often does the IPv6 address change?
 
Last edited:

rajil.s

Well-Known Member
Adept
Apr 19, 2011
461
95
66
45
No idea if it is an android device. The webui is pretty limited and doesnt have any firewall settings. These are the open ports
Code:
#nmap -T4 -F 192.168.225.1

Starting Nmap 7.40 ( https://nmap.org ) at 2016-12-31 09:14 CST
Host is up (0.013s latency).
Not shown: 98 closed ports
PORT  STATE SERVICE
53/tcp open  domain
80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 1.49 seconds
 

vivek.krishnan

If you cant see the green dot, I'm offline :P
Veteran
Dec 18, 2009
7,533
1,708
303
Ghatkopar, Mumbai
plus.google.com
These ports are open from outside?[DOUBLEPOST=1483203135][/DOUBLEPOST]
No idea if it is an android device. The webui is pretty limited and doesnt have any firewall settings. These are the open ports
Code:
#nmap -T4 -F 192.168.225.1

Starting Nmap 7.40 ( https://nmap.org ) at 2016-12-31 09:14 CST
Host is up (0.013s latency).
Not shown: 98 closed ports
PORT  STATE SERVICE
53/tcp open  domain
80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 1.49 seconds
Can you check IPv6 as well?
 

rajil.s

Well-Known Member
Adept
Apr 19, 2011
461
95
66
45
There are no open ports on the ipv6 interface. The ipv4 ports are not visible from outside.
 

bendavid

New Member
Disciple
Apr 12, 2020
3
0
1
@vivek.krishnan "You said ipv6 is accessible from outside". I don't understand how. I tried and I can't. I used a tunnel broker, but public IP (router) is blocking ICMP. So it's not possible to use tunnel broker either. Did you try? Can you access your ipv6 *from outside* ?
Thanks!
 

vivek.krishnan

If you cant see the green dot, I'm offline :P
Veteran
Dec 18, 2009
7,533
1,708
303
Ghatkopar, Mumbai
plus.google.com
@vivek.krishnan "You said ipv6 is accessible from outside". I don't understand how. I tried and I can't. I used a tunnel broker, but public IP (router) is blocking ICMP. So it's not possible to use tunnel broker either. Did you try? Can you access your ipv6 *from outside* ?
Thanks!
During the time of the original posting - I did check from Jio to Jio only, since no one else was giving IPv6 here. Recently, I and @superczar were having a discussion on improving work from home, and I remotely enabled native IPv6 on my office network, and also setup the same at home, and it was working fine as well (Airtel/Jio/BlazeNet)

If you are facing ICMP ping issues, you would not be able to setup the tunnel, as I believe it is a requirement. However, if you can share your details, we may be able to sort out your issues
 

bendavid

New Member
Disciple
Apr 12, 2020
3
0
1
During the time of the original posting - I did check from Jio to Jio only, since no one else was giving IPv6 here. Recently, I and @superczar were having a discussion on improving work from home, and I remotely enabled native IPv6 on my office network, and also setup the same at home, and it was working fine as well (Airtel/Jio/BlazeNet)

If you are facing ICMP ping issues, you would not be able to setup the tunnel, as I believe it is a requirement. However, if you can share your details, we may be able to sort out your issues
The thing I'm having is NAT444. The flow is having 3 IP addresses involved.
10.x.x.x -> 172.x.x.x -> 137.x.x.x
10.x is my local addr. 137.x is the external one. 172.x are used for ISP's internal services i believe. The thing is, I can enable inbound connection by using a Vpn tunnel or SSH. But, I don't have these both. I.e I don't have a VPS. DDNS won't work either. For setting tunnel broker, ICMP is blocked by 137.x
I used HurracineElectric. But, my ISP (jio) has given me a global ipv6. I tried to ping6 ipv6.google.com. It's not working. So that global V6 is local. I'm having ipv6 and ISP is ipv4 only? That's happening here I think.
I wonder how did you setup remote ipv6 connection? Thanks!
 
Last edited:

superczar

Well-Known Member
Veteran
Mar 17, 2005
4,479
571
202
40
If the intent is simply to allow external access to services then the easiest solution is via an external VPS and running openvpn (or similar)
I have two ISPs, primary is on CGNAT (local fiber), secondary has external ipv4 (BSNL)
I use an amazon lightsail server for VPS - the nice thing about lightsail is that the server is local (Mumbai) and thus very low latency.. The cost is around 220/- i.e. just a tad more than a bottle of beer a month in retail if that helps put it in perspective :p

RDP via lightsail (double hop) is as fast ,if not more than a single hop rdp through the BSNL connection
 
  • Like
Reactions: vivek.krishnan

bendavid

New Member
Disciple
Apr 12, 2020
3
0
1
If the intent is simply to allow external access to services then the easiest solution is via an external VPS and running openvpn (or similar)
I have two ISPs, primary is on CGNAT (local fiber), secondary has external ipv4 (BSNL)
I use an amazon lightsail server for VPS - the nice thing about lightsail is that the server is local (Mumbai) and thus very low latency.. The cost is around 220/- i.e. just a tad more than a bottle of beer a month in retail if that helps put it in perspective :p

RDP via lightsail (double hop) is as fast ,if not more than a single hop rdp through the BSNL connection
I understand it's easy! But, I like to try the hard way!;)
Post automatically merged:

If the intent is simply to allow external access to services then the easiest solution is via an external VPS and running openvpn (or similar)
I have two ISPs, primary is on CGNAT (local fiber), secondary has external ipv4 (BSNL)
I use an amazon lightsail server for VPS - the nice thing about lightsail is that the server is local (Mumbai) and thus very low latency.. The cost is around 220/- i.e. just a tad more than a bottle of beer a month in retail if that helps put it in perspective :p

RDP via lightsail (double hop) is as fast ,if not more than a single hop rdp through the BSNL connection
The question I always have is, I have a V6 address which is global. But, I can't do any ICMP V6 outbound to the internet (ipv6.google.com) Which means, this V6 address is a dummy one? If not, why it's not reachable to internet? Again, I believe the ISP is ipv4 only. If it is, I don't see the point I'm having one V6 address!
 
Last edited:

superczar

Well-Known Member
Veteran
Mar 17, 2005
4,479
571
202
40
I understand it's easy! But, I like to try the hard way!;)
Post automatically merged:



The question I always have is, I have a V6 address which is global. But, I can't do any ICMP V6 outbound to the internet (ipv6.google.com) Which means, this V6 address is a dummy one? If not, why it's not reachable to internet? Again, I believe the ISP is ipv4 only. If it is, I don't see the point I'm having one V6 address!
That shouldn't have been the case.
Simply switching to my phone hotspot (airtel) from my laptop allows me to ping any ipv6 address