World IPv6 Launch - Networking

I know that T-Mobile USA and Verizon already support IPv6 to some degree from this thread, T-Mobile has a beta on the Nexus phones.
http://forum.xda-developers.com/showthread.php?t=1468127
But I don't see either of them or any other cell provider listed on the world ipv6 launch web site
http://www.worldipv6launch.org/
AT&T is listed, but it is only for their DSL network.
World IPv6 launch should be a pretty big deal since Google, Facebook, Yahoo, and Microsoft are all making their main websites IPv6 forever after that day ... June 6 of this year, ... Comcast and Time Warner Cabler are also playing ball.... but nobody from mobile is really stepping up.

Surely IPv6 is way more comfortable (Altrough the adresses are harder to remember), but it will take some time to migrate to IPv6 (It's already been 14 years are many websites are reachable through IPv6, I don't think that full migration will happen all of a sudden...)

I dont think it is the number of websites that matter so much as it is that the largest websites that account for the majority of the internet traffic are going to now support ipv6

DNS is still going to get you where you want to go without you having to remember an IPv6 address. Also, I think most of the IPv6 addresses are going to consist of zeros to begin with, which can be omitted.
People have started supporting IPv6, as has been done on most systems for years. Some people even have public IPv6 addresses, but all of them (to my knowledge) can still be reached using good old-fashioned IPv4 addresses.
As far as LAN's go, unless you are a massive company, with the inability to route between 2 Class C's, you will NEVER need to go to IPv6 on your LAN..

Most ISPs already support IPv6. It's just the protocol, it does`nt necessarily change the addres of a website, depending on whether they bought it or not.
As far as my understanding goes it's more likely that the big websites will just hold on to their IPv4 IP adresses, no?

this wont affect my situation

There is already an IPv6 network in my university

Ipv6 is already being used, Microsoft supports the new industry standard. IPv6 is also designed to solve many of the problems of IPv4, including mobility, autoconfiguration, and overall extensibility.

I'll have to admit, IPv4 has been even more tenacious than I imagined. Here it is, 2012, and we're still managing to get by, even with the population of the Internet being orders of magnitude larger than it was when IPv4 exhaustion was starting to be an issue.
I still think it's something that needs to be a priority, but I just worry about it because most home routers these days barely have enough RAM to store a usable IPv4 routing table. Heaven forbid you multiply the size of each entry. Firmware updates won't fix that.

FYI -- T-Mobile USA finished their nationwide IPv6 deployment. Any Nexus S or Galaxy Nexus can connect http://www.extremetech.com/mobile/127213-ipv6-now-deployed-across-entire-t-mobile-us-network

additional costs for isp's providing no revenue at short perspective and exposing computers in lan to the risks of the internets

zdeev said:
Most ISPs in the Netherlands already support IPv6. It's just the protocol, it does`nt necessarily change the addres of a website,
Click to expand...
Click to collapse
It invariably will. For example instead of having an address like:
192.168.1.1
You'd have something like:
fc00:0db8:85a3:0000:0000:8a2e:0370:7334
However DNS can map to either IP. So say you pointed your browser to www.example.com, DNS could return both IPv4 and IPv6 addresses, and your computer will pick the one it determines is best routable.

in a couple of years we will be on ipv6 over 80%

Related

How I greatly improved internet access on my Hermes.

I have an Orange SPV M3100 with a T-mobile Web'n'Walk SIM. Now that my phone is fully SIM unlocked and with a SuperCID (thanks to IMEI-check.co.uk), I have done the following four things.
1) 'Downgraded' to the latest HTC ROM: (1.18.255.3 - 07/22/06), which I have found to be good and snappy.
2) I have upgraded the radio stack using "Radio upgrade only version 1.20.31.10 (type II) fixed" and this seems to have improved reception for me quite a bit.
3) I have specified DNS server addresses, rather than relying on the T-mobile ones. The ones I am using are 4.2.2.1 and 4.2.2.2. This seems to have made a vast improvement to the time the browser spends on "locating..." (i.e. looking up IP addresses from domain names) and it gets straight onto "opening..." far more quickly now.
4) Lastly, I played with the phone 'band' settings. I don't recommend doing this - I'm just reporting what I changed a couple of days ago:
I changed 'network type' from 'auto' to 'WCDMA', and changed 'GSM/UMTS band' from 'auto' to 'UMTS(2100+800).
I don't know which of these has made the biggest difference, but I am happy to say that, overall, it's like a different device all together. Browsing was incredibly frustrating before - especially in my lounge where the signal is a bit weak. Previously the phone would only manage GPRS 99% of the time, occasionally going to UTMS/HSPDA if I was in a very specific spot in the room/the window was open/breeze was blowing the right way/I was wearing the correct coloured pants. Even then it would drop back frequently, making it no fun at all and impossible to make video calls.
Now, with the above set up, the phone is always showing "U" (possibly because that's all I've allowed it to) and browsing is GREAT. I can download at 800+ kpbs even deep in the bowels of my office building (in fact, in the toilet cubicle ...hehehe). In all the places that previously made it drop to GPRS and/or hardly able to browse at all, it now shows a U with a tiny signal bar. ..but even then it browses at full speed.
I don't really understand what I've done with the Band settings but I might have made it so I can't connect when UTMS is not possible. But I like to think that it's as though I've made it try harder to use UTMS rather than giving up easily and dropping to GPRS as it did before.
Anyway, I'm very happy about all of this and I'll be using this set up for a while (I'm not going roaming or going anywhere with lower signal in the near future).
Thanks for posting this Very useful.
I am having real speed problems with internet access on T-mob WNW (i.e. ages to connect to simple sites like google etc).
What settings did you use for DNS adresses? not WINS or alt WINS
What browser do you use as well?
I have been using the DNS setting suggested for about 4 months now and this was the one single thing that sped the browsing up!
Cheers
I think there's a bit of terminology confusion going on here:
Which DNS settings?
Izzard-UK wrote:
3) I have specified DNS server addresses, rather than relying on the T-mobile ones. The ones I am using are 4.2.2.1 and 4.2.2.2. This seems to have made a vast improvement to the time the browser spends on "locating..." (i.e. looking up IP addresses from domain names) and it gets straight onto "opening..." far more quickly now.
But 4.2.2.1 + 4.2.2.2 are WINS settings not DNS adresses.
Help
These can't be valid DSN addresses, surely? Nonetheless, I tried your tip and to my utter amazement, PIE immediately finds the site .. no longer "locating ...".
Huh?
Well, it is the way it is.
phatphat said:
I think there's a bit of terminology confusion going on here:
Which DNS settings?
Izzard-UK wrote:
3) I have specified DNS server addresses, rather than relying on the T-mobile ones. The ones I am using are 4.2.2.1 and 4.2.2.2. This seems to have made a vast improvement to the time the browser spends on "locating..." (i.e. looking up IP addresses from domain names) and it gets straight onto "opening..." far more quickly now.
But 4.2.2.1 + 4.2.2.2 are WINS settings not DNS adresses.
Help
Click to expand...
Click to collapse
If you don't have internet always ON when you connect you wait ALL DHCP informations to be assigned, IP number (fast) and DNS (not so fast)
So giving your device a FIXED dns helps to have the first connection faster
Also every internet request needt to find the IP destination address and large providers DNS are overloaded (this is the case of VODAFONE in Rome)
I use the open DNS servers, you will find the WM5 settings step by step HERE http://www.opendns.com/start/windows_mobile5.php
DNS system could be used als to "prevent" access to some website and opend DNS state they will never use for this. And this DNS censored system is used from many governement to control were to go and were don't.
Use open DNS!
Changing the DNS servers did nothing for me, not noticeably faster or slower than the standard set-up, perhaps the servers at T-mob NL are as fast as the DNS servers provided in this thread. But thanks for the tip anyway, when I find T-Mob being slow I'll definitely try these settings.
Koksie said:
Changing the DNS servers did nothing for me, not noticeably faster or slower than the standard set-up, perhaps the servers at T-mob NL are as fast as the DNS servers provided in this thread. But thanks for the tip anyway, when I find T-Mob being slow I'll definitely try these settings.
Click to expand...
Click to collapse
Does anyone know what the DNS servers for t-mobile NL are?

How to hack prepaid wifi network?

Guys.....
I find lot of prepaid wifi network in hotels, restaurants, etc. in order to join the network, I must register with user name & password that will be given by the provider if I paid certain amount of money.
I just wondering is there a way to hack prepaid wifi?
thanks
You will need this l33t t00l: m0n3y.
I remember this was discussed long time ago...
as I recall, you can't do that using WM phone, neither a windows laptop..etc.. you need Linux OS and some special tools...and even though it's possible, it takes very long time 1-2 hour to break the password (according to the encryptions of course)
try to search the forum, you might end up with that thread
I cannot believe how often companies just use the same username and passwords.
You actually crack some networks in 40 mins.
using something like CommView® for WiFi PPC or Airscanner Mobile Sniffer can help in that process.
None of the above techniques will work since the companies use a form of IP Tables.
THE only way is to tunnel with DNS using something like NSTX, but its very alpha. (Easiest way to test if technique works is by trying to ping a website and see if it returns the correct IP address)
The technique is there, just needs a good coder and some time..
Tunneling over DNS. That's clever. But all the commercial hotspots I've ever used resolve every IP address to the login/order form page when you aren't already logged in. That is, you can't tunnel through DNS.
The methods that take "40 minutes" to crack the encryption are talking about something completely different - finding the WEP or WPA keys for a network that has security enabled. It wouldn't be useful for prepaid hotspots, as they generally do not use WEP or WPA encryption. Instead, they let you associate and get an IP quite easily. Then they direct you to the credit card order form.
One method that can be used on some of them is to spoof the MAC address and IP address of an authorized, logged in client. However, you will quite literally steal their internet access, as that client will be knocked off the network. I've done this myself but it doesn't seem to work anymore on any of the big networks like T-Mobile (in Starbucks).
Best bet is trying to find a vulnerability in one of the web applications running on the server. All the layer 2/3 stuff is pretty well locked down.
fluxist
They will resolve but wont actually PING, thats due to IP Routing Tables.
There is no way to crack wifi password for pocket pc and laptop centrino main board. And you need special wirelless hardware. Must be pentium 4 or above.. Airsniffer and other proğrams can helpful. its change on WEP or WAP protocol. WEP is the most hard. You can find how to crack on forums and videos on youtube
^ That is rubbish.
Centrino or not, it has nothing to do with it.
Its all down to the wireless card and whether or not it accepts mode monitor/master.
Its WPA not WAP and WPA is far harder than WEP due to having to be brute forced, unlike WEP which has the well known RC4 weakness.
I think he is referring to the fact that one cannot do promisc mode on PPC, so they can never collect the packets to try and compute a WEP key. And also the fact that on Centrino Wifi cards (2200BG, et al.) the linux drivers cannot due packet injection in promisc mode. However, this limitation is overcome in some recent patched drivers. See the Backtrack linux live cd (www.remote-exploit.org/backtrack.html) for details.
fluxist
I don't think there is a hacking tool for ppc which is too very effective or complete...
All so called cracking tools for ppc are buggy little ****s...
Aircrak ng is best for PCs ... em waiting 4 a version of it on ppc...
Hmmmm.... That would be very interesting if they came out with an application to crack WEP and WPA networks I could see WEP being cracked but not sure about WPA since WEP is extremely easy to crack usually in about 10 minutes or less depending on the strenght of the signal, but WPA is much more difficult since it requires a brute force attack. I'm not so sure that our phones are capable of that.
You are waisting your time thinking of this with a phone as the Colleting of packets will take so long and PPC don't support packet injection and you would be limited to WEP
Get your self a net book that supports CUDA then you stand a chance Google CUDA Brute Force
i can buy a pin to accesses it but i cannot sharing it via hotspot how can i share it

[Q] data on cm7 w/ TMO problem (actually, not CM7 specific)

I keep getting logged out of sites that keep track of my session based on source IP address. I used whatismyip.com and verified that each request I make to it comes from different IP's within the same subnet.
Is TMO intercepting HTTP/HTTPS traffic and load balancing it across multiple transparent proxies?
Or, could it be that my phone is roaming between different towers and they NAT data traffic out based on the tower that I'm on?
It makes the wifi hotspot useless for anything but basic web browsing. Since XDA keeps track of my session based solely on cookies, it's not a problem with this site. But many other sites use a combo of source IP and cookies.
Any ideas to somehow influence the traffic to come from a single IP?
Well, it's only for HTTP/HTTPS traffic. So I set up an IPSec VPN to my house and installed a proxy, and that fixed the problem. But it's not exactly convenient.
Ticket opened and escalated within TMO. It's a problem with the way they are load balancing their outbound traffic. They need to support some form of source IP persistence to make your phone "sticky" for a period of time to one proxy/NAT device (whatever it is they are using).
If they are using a commercial load balancing product such as F5, Cisco CSS, Kemp, A10, RadWare, or whatever else, it's simply a checkbox, a dropdown, or a single command to enable it.
If they are using multiple equal metric routes, then it's a bit more complex.
Bottom line is, many people don't see the issue if they are not logging into websites, or if the websites only keep track of sessions based on a cookie. If it's a cookie/source IP combo, then they will see the issue. This issue also breaks the Juniper Pulse client which is available on the Market.
If anyone wants to see if this issue affects them, open a browser on your phone and go to "http://www.whatismyip.com". Note the IP address, wait about 15 seconds or more, and then reload the page. I see the IP changing between 208.54.40.70 and 208.54.40.54. This should not be happening. Also, it appears that it might not just be for HTTP traffic, it might be all traffic, which means that it could break VPN's and other things also.
With more and more companies going to Android for their business phones, it's going to need to get fixed at some point.
If any network engineers from TMO see this, PM me and I can describe more in detail. If you're not a TMO engineer, but know one, send him this link so he can read the message. I don't have high hopes that my ticket is actually going to get escalated to someone that can understand/fix it.
Ok, I managed to talk to a network engineer at TMO about something else, and I mentioned this issue to him.
He said that it's a known issue, and it's a priority to fix it. Currently, they have to load balance their NAT across multiple devices. The new implementation of it is a single device/cluster that will handle all of the NAT and be able to have session persistence based on src/dst pairs. It has already been fixed in the Dallas area, and they have an aggressive rollout schedule for the rest of the country. It should be fixed most everywhere in 6-8 weeks.
Bottom line is, that anyone having a problem related to this now should see it start working properly within the next couple of months.

router disconnecting at random times

My WiFi keeps disconnecting at random times i am running on a router/modem Belkin and comcast is my provider if that means anything,my xoom,netflix and ps3 are good.It's my old phones like droidx,samsung fasinate and bionic.All three phones are out of service but worked before when they were disconnected from verizion,it started this week.
Under wifi it will say scanning then obtaining ip address then connected to WLAN,then repeat all over again.
This is no big deal,and I have some time so I threw this question out there to try and figure it out.
THANKS
P.S.... I tried changing channels in router page,unplugged router and went back to my old settings.
Did you check the screen off settings? It's possible your MAC address of your phone has become blacklisted automatically by your router as well. Just a couple things to check.
can you tell me where i can find the mack address.thanks
The MAC Address can be found on Android phones in :
Parameters > About phone > Status
Right below your IP Address, you should have your MAC address.
.
this wont fix your router, but make sure your gateway from comcast has been bridged or else you're running a double NAT and will have sporadic DNS error when the comcast DNS servers have to outsource the lookup to other servers...
Have you set any static IPs? If so, make sure they don't fall in your DHCP range as this can cause IP conflicts. Also make sure you're close enough to your router to get a good signal.
It's also possible that you just have a crappy router. ISPs are notorious for giving out garbage.
ConfusingBoat said:
Have you set any static IPs? If so, make sure they don't fall in your DHCP range as this can cause IP conflicts. Also make sure you're close enough to your router to get a good signal.
It's also possible that you just have a crappy router. ISPs are notorious for giving out garbage.
Click to expand...
Click to collapse
+1, but he has a seperate Belkin... crap router... needs to get a highend Cisco, and bridge the gateway to prevent DNS issues...
DNS should never be a problem as long as you're not using the ones from your ISP. Use the Google public DNS (8.8.8.8 and 8.8.4.4) or some other reliable public DNS service. Years ago when I used the DNS servers from Qwest or Comcast my internet would randomly **** out every few days until I renewed my WAN DHCP.
Also, as far as routers go, I personally use a high-end Buffalo (cost me $80 new) loaded with DD-WRT and a NetGear WNDR-3700 with DD-WRT. Great routers, great firmware. If you have any reasonable amount of tech knowledge I would highly recommend using it.
Let me explain... I worked for Comcast for 2 years... He stated he is running a modem/belkin combo... That's not enough info to determine if he has two separate devices, or and all-in-one Gateway...
If he is using an all-in-one Gateway, and decides to use his own personal router, the Gateway MUST be placed into bridged mode, disabling it's built-in router. If that is not done, he is running a double NAT and will have sporadic DNS issues when the Comcast DNS servers cannot perform the lookup, and have to outsource them to another set of DNS servers...
And yes, Google DNS FTW
In any case it doesn't sound like a double-NAT issue as he said his other devices work fine, and any future double-NAT could be resolved by simply turning the wifi off on any applicable combination device (modem/router combo) and simply running any other routers in infrastructure (AP) mode. Either that or you could place the new router in a DMZ, effectively disabling NAT altogether without actually turning it off. There are many ways to skin a cat, especially in IT.
Btw I'm a developer / network admin at an information services company
ConfusingBoat said:
In any case it doesn't sound like a double-NAT issue as he said his other devices work fine, and any future double-NAT could be resolved by simply turning the wifi off on any applicable combination device (modem/router combo) and simply running any other routers in infrastructure (AP) mode. Either that or you could place the new router in a DMZ, effectively disabling NAT altogether without actually turning it off. There are many ways to skin a cat, especially in IT.
Btw I'm a developer / network admin at an information services company
Click to expand...
Click to collapse
I understand, but having the ISP place it into bridged mode is easier... It's still unclear what equipment he has.
BTW, I don't care...
Quasimodem said:
I understand, but having the ISP place it into bridged mode is easier... It's still unclear what equipment he has.
BTW, I don't care...
Click to expand...
Click to collapse
I'm not sure if you realize it, but your response seemed a little crude. My profession is every bit as relevant as you having worked for Comcast, and helps add credibility to my input regardless of whether or not you care.
Now, before this gets derailed into a geek-knowledge **** size contest...
If other wireless devices are working fine as the OP stated and all the affected devices are as small as a phone, it really starts to sound like a poor signal / interference issue. If the OP is in an older building, a building which utilizes dense materials or is full of anything else that may add to the signal attenuation, that could be part of the problem.
Another possible cause is that the DHCP pool isn't big enough to address all of the OP's devices. That's not to say there's not enough free addresses though, as the OP could just increase the pool size.
Or, again, it could just be that the router doesn't have the hardware to support as many devices as are trying to connect.
We really won't know until the OP replies with more information.
Quasimodem said:
this wont fix your router, but make sure your gateway from comcast has been bridged or else you're running a double NAT and will have sporadic DNS error when the comcast DNS servers have to outsource the lookup to other servers...
Click to expand...
Click to collapse
ConfusingBoat said:
I'm not sure if you realize it, but your response seemed a little crude. My profession is every bit as relevant as you having worked for Comcast, and helps add credibility to my input regardless of whether or not you care.
Now, before this gets derailed into a geek-knowledge **** size contest...
If other wireless devices are working fine as the OP stated and all the affected devices are as small as a phone, it really starts to sound like a poor signal / interference issue. If the OP is in an older building, a building which utilizes dense materials or is full of anything else that may add to the signal attenuation, that could be part of the problem.
Another possible cause is that the DHCP pool isn't big enough to address all of the OP's devices. That's not to say there's not enough free addresses though, as the OP could just increase the pool size.
Or, again, it could just be that the router doesn't have the hardware to support as many devices as are trying to connect.
We really won't know until the OP replies with more information.
Click to expand...
Click to collapse
If you read my post above, you will see that his equipment is unknown, and i was providing a helpful tip if in fact he does have a gateway device.
Why in the world would you have him check all you mentioned when it's most likely easily fixable?
**** measuring? I think you just showed yours is smaller..
PS - I accidentally thanked you...
I was just throwing some ideas out there as food for thought because there's a lot that can affect a wireless connection, especially on devices as small as phones.
And my comment about "**** measuring" was thrown in solely because your responses come off rather condescending, especially when you begin with this:
Quasimodem said:
Let me explain... I worked for Comcast for 2 years...
Click to expand...
Click to collapse
Sorry if I offended you somehow, and I'm sure you're actually a nice and helpful person, but you just come off as a know-it-all prick.
ConfusingBoat said:
I was just throwing some ideas out there as food for thought because there's a lot that can affect a wireless connection, especially on devices as small as phones.
And my comment about "**** measuring" was thrown in solely because your responses come off rather condescending, especially when you begin with this:
Sorry if I offended you somehow, and I'm sure you actually a nice and helpful person, but you just come off as a know-it-all prick.
Click to expand...
Click to collapse
It's all good man, sometimes I'm like that... but we still don't know if he has a gateway device... from memory, belkin doesn't make gateways.... He just needs to optimize his router settings to WPA2-PSK and limit the radio to N only if that's all he's got... A gateway is a different animal and needs to be bridged... Uncheck avoid poor connections...
Why would it only be happening with the phones though, that's my main beef.
ConfusingBoat said:
Why would it only be happening with the phones though, that's my main beef.
Click to expand...
Click to collapse
Cause it's a belkin... and uncheck avoid poor connecions...

Internet issues with Android devices at school

Hi,
Just got a shiny new Galaxy Note 10.1 last weekend. Yesterday, after receiving my case and keyboard from Amazon, I brought it in to school to start taking advantage of the S-Pen for note taking in classes that keyboards don't quite cut it in. Unfortunately, it revived an issue that I had and ignored on my HTC Rezound from last year... an issue that a WiFi device can't ignore, and unfortunately my phone's battery is not up to using CM10's tether function all day (and it might start running down my monthly data being used 5 days a week, all day).
So, any ideas what might cause this issue? The school primarily has Macs, and my Windows 8 Laptop sometimes has issues, but at least half the time it works fine. It is just Android devices that will not work. They connect, and get great signal strength, but just won't get any actual data. To my knowledge, nobody has ever gotten an Android device to connect. My Rezound is running an unofficial CM10 (4.1 JB) version, and my Note is using whatever the newest official update is (4.1 as well, I believe. Non-rooted). I don't know a whole lot about this type of stuff, but I'm not afraid to tinker around to try and get it working. I've tried a few other suggestions from numerous Google searches, but to no avail so far. The network is unprotected, and run by the school's IT people, so needless to say I have no way to easily change settings for the campus' network. I'd prefer not root the Note just yet, but if I need to, so be it. Any ideas what this might be?
Thanks
Some more Info
Coffeeist said:
[Original Post]
Click to expand...
Click to collapse
Some more info:
I cannot ping the tablet from my laptop (I get no packet loss, but all return 'Destination Host Unreachable'.
Same result if I try pinging my laptop or the router from my tablet using Terminal Emulator.
Sometimes, if set to DHCP, the tablet will give an 'Authentication Error Occured' error (or similar, I don't recall the actual wording). Sometimes it indicates a connection, but just won't work. I've never had a problem connecting using the same info as my laptop (with the IP changed, of course), but again, no internet, no ping.
Thanks
May or may not be the problem, but from what I've noticed, school networks tend to have a lot of blocked ports. I know the main Google Sync Framework uses port 5228. Try shooting an email to a network admin in your school's IT dept, asking about that port or just in general if they're aware that Android devices are unable to connect on their network.
Coffeeist said:
Some more info:
I cannot ping the tablet from my laptop (I get no packet loss, but all return 'Destination Host Unreachable'.
Same result if I try pinging my laptop or the router from my tablet using Terminal Emulator.
Sometimes, if set to DHCP, the tablet will give an 'Authentication Error Occured' error (or similar, I don't recall the actual wording). Sometimes it indicates a connection, but just won't work. I've never had a problem connecting using the same info as my laptop (with the IP changed, of course), but again, no internet, no ping.
Thanks
Click to expand...
Click to collapse
What do you mean by "same info as my laptop" what types of credentials are you referring to? Something you have to change on the laptop in order to get in? The more information regarding this you can provide (safely, mind you, mask/alter any sensitive info), the better we can assist you. If you have to do something like set a VLAN, then you're never going to get an Android device to work as we do not have the capability to use VLAN'd wireless like most PCs and Macs can with the proper configuration changes. If there's some browser catch-all page, then that should work, but based on your statement "with the IP changed" leads me to believe that you're messing with the adapter settings directly. I would be especially keen to helping you with more detailed networking issues like this should you provide me with the information requested. I look forward to your reply. (Yes, I like technical challenges like this, it's why I work VoIP support.)
IP address or no IP address
Coffeeist said:
Some more info:
I cannot ping the tablet from my laptop (I get no packet loss, but all return 'Destination Host Unreachable'.
Same result if I try pinging my laptop or the router from my tablet using Terminal Emulator.
Sometimes, if set to DHCP, the tablet will give an 'Authentication Error Occured' error (or similar, I don't recall the actual wording). Sometimes it indicates a connection, but just won't work. I've never had a problem connecting using the same info as my laptop (with the IP changed, of course), but again, no internet, no ping.
Thanks
Click to expand...
Click to collapse
since you know ping, then did you check the IP address for each device?
Back to basic:
1: ping your device gateway IP
2) if ok, then ping ur device (tablet or laptop)
3) if ok then ping bbc.co.uk (this will check your dns), if failed ping your dns's IP address.
If no IP on android, then check if there is any protection on device. It sound like no IP been allocated for you.
Depends on how good a school's IT dept. I have not seen many school actually put filter to stop non-window device.
I am not sure it has anything to do with VLAN yet. As a simple logon, device does not care VLAN or no VLAN.
The basic for us is 1) get an IP on device. 2) know how to get out (gateway IP) 3) interrept hwere you go (DNS resolution) 4) know how to get to internet (internet router, internet firewall, internet boardband et...)
If you have authentication error, then it is sure you are not going to get an IP address. If this is WiFi then check on security (WEP, WAP...TKIP...)
tinbox134 said:
since you know ping, then did you check the IP address for each device?
Back to basic:
1: ping your device gateway IP
2) if ok, then ping ur device (tablet or laptop)
3) if ok then ping bbc.co.uk (this will check your dns), if failed ping your dns's IP address.
If no IP on android, then check if there is any protection on device. It sound like no IP been allocated for you.
Depends on how good a school's IT dept. I have not seen many school actually put filter to stop non-window device.
I am not sure it has anything to do with VLAN yet. As a simple logon, device does not care VLAN or no VLAN.
The basic for us is 1) get an IP on device. 2) know how to get out (gateway IP) 3) interrept hwere you go (DNS resolution) 4) know how to get to internet (internet router, internet firewall, internet boardband et...)
If you have authentication error, then it is sure you are not going to get an IP address. If this is WiFi then check on security (WEP, WAP...TKIP...)
Click to expand...
Click to collapse
Hello Coffeeist,
Please contact your schools IT department and find out what kind of encryption they use on their APs.
If they use TKIP, then that is whats causing the problem with android devices.
Once TKIP is disabled on the AP you are connecting to, you will be able to reach the internet.
I say this because I had the same problem in the past (setting up Cisco APs), and can confirm that this is the cause of the problem.
TKIP shouldn't be used anyway. They should be using AES. TKIP is too weak.
I guess that last part answered another question that you might of had. (Why TKIP doesn't work with Android?) Android=Secure TKIP=WEAK.... Unacceptable for Android
Also, you mention something about not being able to ping your tablet from your laptop. If I understand this correctly, you have both your laptop and tablet connected to the same AP and you are trying to ping between the two. This wont work in most cases. Reason: "Port-Protection", which if enabled doesn't allow clients on the AP to communicate with each other.
Regards,
Ed
Let us know how it goes.
nasvi said:
Hello Coffeeist,
Please contact your schools IT department and find out what kind of encryption they use on their APs.
If they use TKIP, then that is whats causing the problem with android devices.
Once TKIP is disabled on the AP you are connecting to, you will be able to reach the internet.
I say this because I had the same problem in the past (setting up Cisco APs), and can confirm that this is the cause of the problem.
TKIP shouldn't be used anyway. They should be using AES. TKIP is too weak.
I guess that last part answered another question that you might of had. (Why TKIP doesn't work with Android?) Android=Secure TKIP=WEAK.... Unacceptable for Android
Also, you mention something about not being able to ping your tablet from your laptop. If I understand this correctly, you have both your laptop and tablet connected to the same AP and you are trying to ping between the two. This wont work in most cases. Reason: "Port-Protection", which if enabled doesn't allow clients on the AP to communicate with each other.
Regards,
Ed
Let us know how it goes.
Click to expand...
Click to collapse
With useful posts above the rest is not much left for me to say but a simple advice
Make sure your friends aren't playing a prank on you coz I tend to do it I use arpspoof and aireplay-ng to cause such mayhem
Sent from my A116 using Tapatalk 2
Airplay and Arpspoof wouldn't be possible if MFP is enabled on the AP. Also the OP is stating that it is with all android devices and not 1.
Sent from my HTC One XL using xda app-developers app
responses
First off, thanks for all of the posts, and I apologize for taking so long to respond.
Also, I did check port 5228 with my laptop, and it seemed to indeed be closed. Haven't been able to contact IT yet, but I will need to soon to solve an issue with another, unrelated issue.
Cynagen said:
What do you mean by "same info as my laptop" what types of credentials are you referring to? Something you have to change on the laptop in order to get in? The more information regarding this you can provide (safely, mind you, mask/alter any sensitive info), the better we can assist you. If you have to do something like set a VLAN, then you're never going to get an Android device to work as we do not have the capability to use VLAN'd wireless like most PCs and Macs can with the proper configuration changes. If there's some browser catch-all page, then that should work, but based on your statement "with the IP changed" leads me to believe that you're messing with the adapter settings directly. I would be especially keen to helping you with more detailed networking issues like this should you provide me with the information requested. I look forward to your reply. (Yes, I like technical challenges like this, it's why I work VoIP support.)
Click to expand...
Click to collapse
Just IP/DHCP/DNS (and I've also tried public DNS such as Google). Nothing fancy set up on the laptop (everything should be on Windows default network settings, same with Android on both devices). There is also no catch-all page, assuming I'm interpreting that correctly (as a login page sort of thing, like I'd get at Starbucks or a Hotel).
Glad to provide the challenge... truth be told, underneath the annoyance of lacking connection, I love issues like this because of the fun tricks and such that solving them can teach.
tinbox134 said:
since you know ping, then did you check the IP address for each device?
Back to basic:
1: ping your device gateway IP
2) if ok, then ping ur device (tablet or laptop)
3) if ok then ping bbc.co.uk (this will check your dns), if failed ping your dns's IP address.
If no IP on android, then check if there is any protection on device. It sound like no IP been allocated for you.
Depends on how good a school's IT dept. I have not seen many school actually put filter to stop non-window device.
I am not sure it has anything to do with VLAN yet. As a simple logon, device does not care VLAN or no VLAN.
The basic for us is 1) get an IP on device. 2) know how to get out (gateway IP) 3) interrept hwere you go (DNS resolution) 4) know how to get to internet (internet router, internet firewall, internet boardband et...)
If you have authentication error, then it is sure you are not going to get an IP address. If this is WiFi then check on security (WEP, WAP...TKIP...)
Click to expand...
Click to collapse
1. If I recall, this either had full loss, or Destination Host Unreachable, when pinging the gateway IP from the tablet.
2. Have tried this nonetheless, and I think I made it through once or twice just after turning on the tablet, but after that would only get Dest. Host Unreachable.
3. Had tried with Google, fails across any DNS.
I seem to get an IP, although sometimes I get the authentication error in Android and it won't connect. Whenever I set a static IP, based off of my laptop's IP (not the same, of course), I get connected, just no internet.
nasvi said:
Hello Coffeeist,
Please contact your schools IT department and find out what kind of encryption they use on their APs.
If they use TKIP, then that is whats causing the problem with android devices.
Once TKIP is disabled on the AP you are connecting to, you will be able to reach the internet.
I say this because I had the same problem in the past (setting up Cisco APs), and can confirm that this is the cause of the problem.
TKIP shouldn't be used anyway. They should be using AES. TKIP is too weak.
I guess that last part answered another question that you might of had. (Why TKIP doesn't work with Android?) Android=Secure TKIP=WEAK.... Unacceptable for Android
Also, you mention something about not being able to ping your tablet from your laptop. If I understand this correctly, you have both your laptop and tablet connected to the same AP and you are trying to ping between the two. This wont work in most cases. Reason: "Port-Protection", which if enabled doesn't allow clients on the AP to communicate with each other.
Regards,
Ed
Let us know how it goes.
Click to expand...
Click to collapse
Unless I am totally clueless about this stuff (er, moreso than I though I already was), it uses neither TKIP or AES, being an open and unsecured network.
sak-venom1997 said:
With useful posts above the rest is not much left for me to say but a simple advice
Make sure your friends aren't playing a prank on you coz I tend to do it I use arpspoof and aireplay-ng to cause such mayhem
Sent from my A116 using Tapatalk 2
Click to expand...
Click to collapse
Haha, I doubt it. None of my friends, especially the ones who I think would even try and do something like this, are tech-savvy enough for me to have any suspicion of that. Thanks though
Another piece of info (a pretty weird seeming one at that): Sometimes, I'll turn on my tablet in the middle of the day, and out of the blue there is an email notification there, for recent emails. Of course, if I go into browser, I can't get any pages. Can't think of any other networks that the device could/would connect to on campus, either.
Thanks!
Coffeeist said:
First off, thanks for all of the posts, and I apologize for taking so long to respond.
Also, I did check port 5228 with my laptop, and it seemed to indeed be closed. Haven't been able to contact IT yet, but I will need to soon to solve an issue with another, unrelated issue.
Just IP/DHCP/DNS (and I've also tried public DNS such as Google). Nothing fancy set up on the laptop (everything should be on Windows default network settings, same with Android on both devices). There is also no catch-all page, assuming I'm interpreting that correctly (as a login page sort of thing, like I'd get at Starbucks or a Hotel).
Glad to provide the challenge... truth be told, underneath the annoyance of lacking connection, I love issues like this because of the fun tricks and such that solving them can teach.
1. If I recall, this either had full loss, or Destination Host Unreachable, when pinging the gateway IP from the tablet.
2. Have tried this nonetheless, and I think I made it through once or twice just after turning on the tablet, but after that would only get Dest. Host Unreachable.
3. Had tried with Google, fails across any DNS.
I seem to get an IP, although sometimes I get the authentication error in Android and it won't connect. Whenever I set a static IP, based off of my laptop's IP (not the same, of course), I get connected, just no internet.
Unless I am totally clueless about this stuff (er, moreso than I though I already was), it uses neither TKIP or AES, being an open and unsecured network.
Haha, I doubt it. None of my friends, especially the ones who I think would even try and do something like this, are tech-savvy enough for me to have any suspicion of that. Thanks though
Another piece of info (a pretty weird seeming one at that): Sometimes, I'll turn on my tablet in the middle of the day, and out of the blue there is an email notification there, for recent emails. Of course, if I go into browser, I can't get any pages. Can't think of any other networks that the device could/would connect to on campus, either.
Thanks!
Click to expand...
Click to collapse
Based on your responses, I have a follow up question and comment. The question is as follows: Did you have to register your computer with your IT when you started school in order to be permitted on the wireless network? If this was the case they're likely filtering based on MAC address (which you won't be able to spoof on your Android, but you may be able to spoof on your laptop), get them to re-register your laptop after you spoof the MAC address so you can get both devices on using the same MAC address (though not at the same time of course unless you're fine with stuff randomly not working). The comment is as follows: Yeah, finding the workarounds to get back limitations like this is definitely a fun challenge because when you win, you've definitely learned something new. Oh, and you were right about my question of the gateway authentication page like a hotel wifi login page.
MAC
Cynagen said:
Based on your responses, I have a follow up question and comment. The question is as follows: Did you have to register your computer with your IT when you started school in order to be permitted on the wireless network? If this was the case they're likely filtering based on MAC address (which you won't be able to spoof on your Android, but you may be able to spoof on your laptop), get them to re-register it after you spoof the MAC address so you can get both devices on using the same MAC address (though not at the same time of course). The comment is as follows: Yeah, finding the workarounds to get back limitations like this is definitely a fun challenge because when you win, you've definitely learned something new.
Click to expand...
Click to collapse
Nope, it was up and running just through connecting normally, and has been since (mostly) - no registration or anything like that. Now, the reason that I put 'mostly' in parentheses is that sometimes the computer will be connected, but also have no internet (I don't think this started until I, dare I admit, upgraded to Windows 8). However, this only happens sometimes, whereas the Android devices never get internet access.
However, on the topic of MAC addresses, one post (in fact, I think it was on XDA) I saw awhile back while Google searching this problem was that someone had a similar issue, found to be with their device's MAC address having the letters 'FA' instead of 'FB' or something like that. Being that my Note isn't rooted, I haven't tested it with that, but perhaps I should give that a try with my CM10 Rezound?
(This is the post: HERE)
Thanks!
Coffeeist said:
Nope, it was up and running just through connecting normally, and has been since (mostly) - no registration or anything like that. Now, the reason that I put 'mostly' in parentheses is that sometimes the computer will be connected, but also have no internet (I don't think this started until I, dare I admit, upgraded to Windows 8). However, this only happens sometimes, whereas the Android devices never get internet access.
However, on the topic of MAC addresses, one post (in fact, I think it was on XDA) I saw awhile back while Google searching this problem was that someone had a similar issue, found to be with their device's MAC address having the letters 'FA' instead of 'FB' or something like that. Being that my Note isn't rooted, I haven't tested it with that, but perhaps I should give that a try with my CM10 Rezound?
(This is the post: HERE)
Thanks!
Click to expand...
Click to collapse
That shouldn't be it unless they have corporate level routers that don't recognize the MAC address of any devices manufactured after 2009 (when most of these manufacturers got the MAC addresses assigned to them (this is VERY unlikely)). I would honestly work with IT on campus and advise that it appears not a single Android device is allowed on the network. If they're blocking Android for any reason, check the terms of service for using the WiFi and see if there's any provisions for banning an entire brand of device/OS for whatever reason. If there's only provisions for individual banning, then take it back to them and show them that your record has not been abusive in the least and go from there. Make a case, otherwise draw one up with legal council. *shrugs* I don't believe anyone should ever be punished for the type of device they chose to purchase, that's first amendment choice, but it really comes down to their terms of service which you agree to by using the wifi.
Cynagen said:
That shouldn't be it unless they have corporate level routers that don't recognize the MAC address of any devices manufactured after 2009 (when most of these manufacturers got the MAC addresses assigned to them (this is VERY unlikely)). I would honestly work with IT on campus and advise that it appears not a single Android device is allowed on the network. If they're blocking Android for any reason, check the terms of service for using the WiFi and see if there's any provisions for banning an entire brand of device/OS for whatever reason. If there's only provisions for individual banning, then take it back to them and show them that your record has not been abusive in the least and go from there. Make a case, otherwise draw one up with legal council. *shrugs* I don't believe anyone should ever be punished for the type of device they chose to purchase, that's first amendment choice, but it really comes down to their terms of service which you agree to by using the wifi.
Click to expand...
Click to collapse
I'll give it a shot, thanks.
Coffeeist said:
I'll give it a shot, thanks.
Click to expand...
Click to collapse
Sorry to bump the thread, but seeing as it's my own I figured it would be alright...
I got around to asking the the school IT about the issue, and they said that the deliberately block mobile traffic, which they went on to find out does include Android tablets (I understand phones, but I can't even begin to understand why they target Android tablets... unfortunately, that's not my call). I Google searched a bit, and found that networking devices from a company called Aruba can be set to block traffic from specific types of devices (supposedly Cisco and a few other companies can do similar things too), by checking something with the HTML version, or something like that (I'm by no means a networking expert hehe).
So, I guess I'll make my last effort with this thing, and ask if anyone knows of some legal, non-hacky way of getting by this?
I'm guessing not, but worth asking.
Thanks
Coffeeist said:
Sorry to bump the thread, but seeing as it's my own I figured it would be alright...
I got around to asking the the school IT about the issue, and they said that the deliberately block mobile traffic, which they went on to find out does include Android tablets (I understand phones, but I can't even begin to understand why they target Android tablets... unfortunately, that's not my call). I Google searched a bit, and found that networking devices from a company called Aruba can be set to block traffic from specific types of devices (supposedly Cisco and a few other companies can do similar things too), by checking something with the HTML version, or something like that (I'm by no means a networking expert hehe).
So, I guess I'll make my last effort with this thing, and ask if anyone knows of some legal, non-hacky way of getting by this?
I'm guessing not, but worth asking.
Thanks
Click to expand...
Click to collapse
Before discussing any workarounds, you may need to review the Terms of Service for your wifi on the school premises first, review the consequences for bypassing their security measures, and figure if it's worth the risk to you... At this time, it'll be kind of "hacky" to get around such a block. In order to provide you with a valid workaround though we'll need a little bit of information regarding what's going on when you connect.
First, when you connect to the WiFi with your Android device, do you even receive an IP address? If you don't then we'll stop here, the only way to get around the types of blocks they're employing at this level would require hardware hacking/firmware reprogramming to change the identity of the device itself, which is flat out illegal in just about anywhere I can think of. Here's your checklist, fill out where applicable: (Even if you set static information to accomplish this, that will be a valid Y.)
Get an IP? (If Y, proceed)
Is it a valid IP address on the same network as your PC? (Either way, don't care)
Can you ping the gateway you got from DHCP on Android? (If Y, proceed)
Can you ping the DNS server(s) you got from DHCP on Android? (If Y, proceed)
Can you ping an external server such as Google DNS (8.8.8.8) on Android? (If Y, then we're done here)
It's kind of a bit of a process unfortunately, however, if you pass every single one of these tests with the Android device, there's good news. They're only filtering traffic based on the User-Agent identification of all your applications (and based on the MAC address of your device, denying your DHCP requests), you should be able to bypass this with a VPN tunnel back to your home from your Android (after setting your static IP) in order to encrypt and keep this information from leaking to their systems. However, this will likely set off alarms if they monitor their network heavily. If the school IT asks, then you're "working on projects in-between classes on your computer at home and your family has a home office with VPN already, so you used that to connect back to the house". Either way, they can't say much about it besides cut you off... again. Anywhos, I wouldn't recommend trying to bypass without doing all this research first, and then also evaluating the possible consequences, however the rewards are within themselves. You'll be the only person at school with a working mobile device, (besides those iSuckers). Technically, encrypting your traffic is completely legal (and they can't say anything legally about it), however, setting a static IP address in the same range as your computer at school may be against their TOS which you abide by being on campus. Let us know how everything goes.
Cynagen said:
Get an IP? (If Y, proceed)
Is it a valid IP address on the same network as your PC? (Either way, don't care)
Can you ping the gateway you got from DHCP on Android? (If Y, proceed)
Can you ping the DNS server(s) you got from DHCP on Android? (If Y, proceed)
Can you ping an external server such as Google DNS (8.8.8.8) on Android? (If Y, then we're done here)
Click to expand...
Click to collapse
With Static I set an IP and all other info (Gateway, DNS, etc, except for Network Prefix Length... no clue what that is, left it at 24 default), and could not ping gateway
Dynamic/DHCP I will have to check tomorrow, after downloading stuff for the tablet to get that info (I think I need root to use IfConfig with Terminal Emulator, correct?).
Whatever they use to block me out, it seems to have a slight hole built in... every day, multiple times a day, I will look down at my tablet and see notifications (mainly email, occasionally Facebook, etc) that pushed through on the schools network (I know that for sure, being that often times the emails are messages received during the day, in a time period where the tablet has been nowhere near any other networks). Maybe this hole can be breached?
Thanks!
Coffeeist said:
With Static I set an IP and all other info (Gateway, DNS, etc, except for Network Prefix Length... no clue what that is, left it at 24 default), and could not ping gateway
Dynamic/DHCP I will have to check tomorrow, after downloading stuff for the tablet to get that info (I think I need root to use IfConfig with Terminal Emulator, correct?).
Whatever they use to block me out, it seems to have a slight hole built in... every day, multiple times a day, I will look down at my tablet and see notifications (mainly email, occasionally Facebook, etc) that pushed through on the schools network (I know that for sure, being that often times the emails are messages received during the day, in a time period where the tablet has been nowhere near any other networks). Maybe this hole can be breached?
Thanks!
Click to expand...
Click to collapse
It seems like small gaps where the system doesn't block you long enough to receive some traffic, but that is promising. BTW, you can get your "network prefix" (netmask as we call it) from your computer. If you go into the command prompt on windows and run "ipconfig /all" you'll get 4 useful bits of info we need, IP address (so you can mimic it), the gateway, the subnet mask (usually 255.255.something.something) and the DNS servers. The subnet mask determines what you use, and I HIGHLY doubt they use 24 (that's mainly for home networks, 24 = 254 devices permitted on the DHCP, 16 = 65534 devices (this is WAY more likely)).
Cynagen said:
It seems like small gaps where the system doesn't block you long enough to receive some traffic, but that is promising. BTW, you can get your "network prefix" (netmask as we call it) from your computer. If you go into the command prompt on windows and run "ipconfig /all" you'll get 4 useful bits of info we need, IP address (so you can mimic it), the gateway, the subnet mask (usually 255.255.something.something) and the DNS servers. The subnet mask determines what you use, and I HIGHLY doubt they use 24 (that's mainly for home networks, 24 = 254 devices permitted on the DHCP, 16 = 65534 devices (this is WAY more likely)).
Click to expand...
Click to collapse
Well, I just had a clean connection for about 5 minutes, and had a normal-looking IP based on my PC. Using Terminal Emulator I pinged the gateway after my connection failed, still with no response. I still appeared to have a proper IP on my tablet, but no actual internet connection.
So, perhaps these small windows are something to pursue? Or perhaps sticking with the VPN plan is best?
Thanks!
Coffeeist said:
Well, I just had a clean connection for about 5 minutes, and had a normal-looking IP based on my PC. Using Terminal Emulator I pinged the gateway after my connection failed, still with no response. I still appeared to have a proper IP on my tablet, but no actual internet connection.
So, perhaps these small windows are something to pursue? Or perhaps sticking with the VPN plan is best?
Thanks!
Click to expand...
Click to collapse
You need to make sure your networking information is entered correctly, you still haven't said anything about the netmask in this situation. However, if you're entering this information in correctly then you should have a solid connection until they realize you've forced a device into the network. The only thing you can do beyond that point is during that window, open a VPN connection without using a single browser request so they don't know what the device is unless they check the MAC address. Either way, this is a window that can be used, you just need to avoid identifying your device in any way prior to initiating the VPN connection. Turn off Sync when you connect.

Categories

Resources