internet routable wireless broadband

Forums › Spark New Zealand (including Skinny and BigPipe) › internet routable wireless broadband

millst

26 posts

Geek
+1 received by user: 7

#217953 19-Jul-2017 19:31

Trying to use a spark wireless broadband modem for a site to site VPN solution but it seems sparks wireless broadband solution is not internet routable.

Spark support ummed and arrrrd about it for an hour and then said it couldn't be done.

Is there a solution or trick to this?

Internet connections that can't work in both directions aren't much use.

Do any other wireless broadband providers do internet routable solutions?

hio77

'That VDSL Cat'
13036 posts

Uber Geek
+1 received by user: 3896

ID Verified

Trusted

Lizard Networks

Subscriber

#1825459 19-Jul-2017 19:48

Are you using Spark wireless on both sites or a normal connection on the other?

Spark wireless BB is offered over cgnat, so you won't have your own public ip - this is typically done by providers so that your data won't get hammered out by a remote attack.

VPN connections DO work over spark wireless, the caveat being they can't be used for hosting the VPN.

#include <std_disclaimer>

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

millst

26 posts

Geek
+1 received by user: 7

#1825460 19-Jul-2017 19:50

Bugger

Spark fiber on the other end.

The VPN solution requires both ends to be routable. (unifi USG's).

hio77

'That VDSL Cat'
13036 posts

Uber Geek
+1 received by user: 3896

ID Verified

Trusted

Lizard Networks

Subscriber

#1825462 19-Jul-2017 19:52

millst:

Bugger

Spark fiber on the other end.

The VPN solution requires both ends to be routable. (unifi USG's).

mhm, may be an option on the corporate side but currently i can't flick my fingers with a solution for that one - will do some digging.

alternatively if you used a standard VPN setup (eg IPSEC) you should be good as gold.

#include <std_disclaimer>

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

millst

26 posts

Geek
+1 received by user: 7

#1825464 19-Jul-2017 19:55

yeah, I have a L2TP tunnel working fine, but I need the whole network to be routable from inside the vpn, so it needs to be S2S.

Annoying as I canned a crap slow ADSL line that had it working fine only to "Upgrade" to Wireless Broadband and not it turns out its natted.
They don't mention that in the marketing.

coffeebaron

6304 posts

Uber Geek
+1 received by user: 3567

Trusted

Lifetime subscriber

#1825467 19-Jul-2017 20:03

Ultimate broadband

Full Flavour

Rural IT and Broadband support.

Broadband troubleshooting and master filter installs.
Starlink installer - one month free: https://www.starlink.com/?referral=RC-32845-88860-71
Wi-Fi and networking
Cel-Fi supply and installer - boost your mobile phone coverage legally

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com

hio77

'That VDSL Cat'
13036 posts

Uber Geek
+1 received by user: 3896

ID Verified

Trusted

Lizard Networks

Subscriber

#1825471 19-Jul-2017 20:07

millst:

yeah, I have a L2TP tunnel working fine, but I need the whole network to be routable from inside the vpn, so it needs to be S2S.

Annoying as I canned a crap slow ADSL line that had it working fine only to "Upgrade" to Wireless Broadband and not it turns out its natted.
They don't mention that in the marketing.

Normally this is one question that is off the back of having a static IP.

If you have business requirements such as a VPN, this is where the extra question may need to be asked.

with a L2TP tunnel working, a routing rule would likely cover things, Sounds like you are better suited to being on a network that is physically routable in both directions however.

#include <std_disclaimer>

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

Mighty Ape

Shop now at Mighty Ape (affiliate link).

sbiddle

30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#1825606 20-Jul-2017 07:23

I'm not sure why it took Spark an hour to give you the answer. Their 4G fixed wireless is a residential offering that uses CG-NAT so doesn't come with a public IP therefore can't be used to terminate inbound sessions. Your requirements are beyond the scope of what is available on a low cost residential offering.

When you say "wireless" you haven't said whether you're simply after a 4G offering or fixed wireless. The simple answer is yes, there are plenty of solutions to your problem, but without knowing a lot more about your requirements it's hard to recommend the best product for your requirements. None will be as cheap as the Spark FWA offering.

If you want to stick with a low cost offering for the 4G wireless then you'll need to look at other solutions such as using the 4G for initiating the VPN only and terminating this elsewhere to bridge it.

millst

26 posts

Geek
+1 received by user: 7

#1825640 20-Jul-2017 08:50

I need residential broadband. I do about 50% of my work from home so need at least 100Gb a month of data and it needs to be fairly snappy (sending and receiving very larger multi gigabyte files).

However, I have a home automation solution with an app that requires an open inbound port that the app can connect to. It includes cameras and remote control etc.

I receive a reasonably large number of deliveries and when I was on ADSL and away from home, I got a notification when someone arrived and then could remotely open a garage door if it was a courier.

The problem is, because I was rural, the best ADSL connection I could get was about 600Kbps, so while it was awesome for the full open inbound access, it was terrible for actually doing anything.

I thought that rural broadband was going to be the answer to my problems, it gives me nearly 40Mbps in both directions but not having the inbound ports is real pain (I'm a geek so always experimenting with new tech).

It looks like I'm a bit snookered, ADSL does what I want but is too slow and RB is fast but doesn't do what I want.

There is a local WISP that can do it over wireless AC, but the best they offer is 5Mbps and a tiny data plan which would not be enough.

chevrolux

4962 posts

Uber Geek
+1 received by user: 2638
Inactive user

#1825706 20-Jul-2017 09:43

Use a VPS to terminate a VPN connection and then just route from there to your home connection via that VPN.

Edit: Free tier AWS would be totally adequate or maybe even one of those cheap as Linode's.

millst

26 posts

Geek
+1 received by user: 7

#1825720 20-Jul-2017 09:50

thanks, yes might be the only option.
I'll try this and report back

DarkShadow

1647 posts

Uber Geek
+1 received by user: 656

#1825723 20-Jul-2017 09:53

millst:

RBI is fast but doesn't do what I want.

coffeebaron above told you about two ISPs that provide publicly routable IP addresses over RBI

Mighty Ape

Shop now at Mighty Ape (affiliate link).

millst

26 posts

Geek
+1 received by user: 7

#1825727 20-Jul-2017 09:58

yes, changing ISP would be last resort due to break fee.

deadlyllama

1283 posts

Uber Geek
+1 received by user: 476

Trusted

#1825735 20-Jul-2017 10:13

http://superservers.co.nz/ offer cheap NZ based (palmy) unlimited traffic VPSes which would be great for this purpose. I'm considering getting one myself.

deadlyllama

1283 posts

Uber Geek
+1 received by user: 476

Trusted

#1825922 20-Jul-2017 14:43

In fact, you could get a cheap VPS from someone like superservers, chuck a Mikrotik CHR image on it, and terminate your VPNs on that.

millst

26 posts

Geek
+1 received by user: 7

#1900867 14-Nov-2017 18:51

Just following up on this.
Spark have released static IP's on their wireless broadband today - Hurray.

However, the crappy modem that comes with spark wireless can't do bridge mode, so you can't use your own router and still can't setup a site to site VPN.

So close but still so far away.