I’ve been using T-Mobile for a while, but more recently have been trying to get VPN working properly over their “VPN” GPRS service. The odd part about it is that it’s not actually listed on their web site and nobody seems to know what it actually does. I attempted to call their customer support to answer this question, but ran into a brick wall. The customer service folks seemed to think that only the NOC would have that information. It’s not that hard to find the NOC from their IP space:
OrgName: T-Mobile USA
OrgID: TMOBI
Address: 12920 SE 38th Street
City: Bellevue
StateProv: WA
PostalCode: 98027
Country: US
NetRange: 188.8.131.52 - 184.108.40.206
CIDR: 220.127.116.11/17, 18.104.22.168/19
NetName: TMO2
NetHandle: NET-208-54-0-0-1
Parent: NET-208-0-0-0-0
NetType: Direct Allocation
NameServer: WEST1.JMRTECH.NET
NameServer: EAST1.JMRTECH.NET
NameServer: WEST2.JMRTECH.NET
NameServer: EAST2.JMRTECH.NET
Comment:
RegDate:
Updated: 2003-03-23
OrgTechHandle: DNSAD11-ARIN
OrgTechName: DNS Administrators
OrgTechPhone: +1-888-662-4662
OrgTechEmail: email@example.com
I normally don’t make it a policy of calling random NOCs since they don’t tend to take kindly to calls, but what’s the worst that could happen? After explaining my situation and asking for help, my reply was something similar to “I don’t know where you got this number, but you’re going to have to talk to customer service for that. Have a nice evening.”
Maybe we can figure out something with port scanning, since I do have a public IP.
The first thing I checked out was to see whether or not they appeared to be filtering GRE, which would break the Microsoft PPTP VPN:
(The 255 protocols scanned but not shown below are in state: open|filtered)
PROTOCOL STATE    SERVICE
55       filtered mobile
/etc/protocols has this to say about it:
mobile 55 MOBILE # IP Mobility
It’s not surprising that they’d filter protocol 55 since that could be used to muck with T-Mobile’s network when crossing subnets. Protocol 47, or GRE, seems to be accessible incoming.
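GRE has no row of its own in that output, so its state comes from the "not shown" summary line. The following is an added example, not part of the original post: a small parser for the protocol-scan output quoted above, assumed to come from `nmap -sO`, that reports the state of any protocol number. The function names are hypothetical and the state meanings are those documented for current Nmap.

```python
import re

# Constructed sample: the protocol-scan output quoted in the post.
SAMPLE = """\
(The 255 protocols scanned but not shown below are in state: open|filtered)
PROTOCOL STATE    SERVICE
55       filtered mobile
"""

# What each state means for an IP protocol scan (assumed: nmap -sO).
MEANING = {
    "open": "a packet of that protocol came back",
    "closed": "ICMP protocol-unreachable (type 3, code 2) came back",
    "filtered": "another ICMP unreachable (type 3, code 0, 1, 9, 10 or 13) came back",
    "open|filtered": "no reply after retransmissions: passed or silently dropped",
}

def parse_protocol_scan(text):
    """Return (default_state, {protocol_number: state}) from the scan text."""
    default, rows = None, {}
    for line in text.splitlines():
        # Summary line: the state shared by every protocol without its own row.
        m = re.search(r"not shown below (?:are|is) in state: (\S+?)\)?$", line.strip())
        if m:
            default = m.group(1)
            continue
        # Table row: protocol number, state, service name.
        m = re.match(r"\s*(\d+)\s+(\S+)\s+\S+", line)
        if m:
            rows[int(m.group(1))] = m.group(2)
    return default, rows

def state_of(text, proto):
    """Look up one protocol, falling back to the summary line's state."""
    default, rows = parse_protocol_scan(text)
    state = rows.get(proto, default)
    return state, MEANING.get(state, "unknown state")

if __name__ == "__main__":
    for proto, name in ((47, "GRE"), (55, "MOBILE")):
        state, why = state_of(SAMPLE, proto)
        print(f"{proto:>3} {name:<6} {state:<13} {why}")
```

For protocol 47 this returns `open|filtered`, the state Nmap assigns when a probe gets no reply at all.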
What about a UDP Scan on interesting ports?
All 1478 scanned ports are: open|filtered
Nmap run completed -- 1 IP address (1 host up) scanned in 297.953 seconds
Running a simple SYN TCP scan tells us the following:
All 1663 scanned ports are: filtered
Nmap run completed -- 1 IP address (1 host up) scanned in 335.872 seconds
Well then. I suppose that answers my question. I guess it’s not too surprising that I can’t run services on my public IP on T-Mobile. On the other hand, I could always run 6to4 from that if I don’t mind using IPv6.