- Messages
- 8
- Location
- Balaghat,Madhya Pradesh,India
- ISP
- My wired ISP :- Jio Fiber, PadmeshXFibernet (Local ISP)
My Mobile ISP :- Airtel 4G and Jio 4G
So, in my experiments of accessing my home network from outside I found that the IPv6 we got in Jio is not NAT-ted and every single devices connected to Jio Router got dynamic public IPv6 address (I read many threads where people are saying that Jio is providing NAT-ted IPv6),but they give DHCP IPv6 address, in a nutshell everyone using any Big ISP which has IPv6 infra and pools are giving dynamic public IPv6 address to everyone. The whole point of using IPv6 is to eliminate the use of NAT, so to cut the cost Jio doesn't use NAT on IPv6 addresses.
I recently hosted a test FTP server and tried to use RDP using IPv6 address.
To host service you just need to add a custom service first
-log in to your Jio Router's Web UI
192.168.29.1
Username:- admin
Password:-Jiocentrum (if you didn't change)
-Go to Security tab--->Firewall
-Select IPv6 Firewall rules
-Click on +Add New tab
Rule Type- Inbound
Service- ANY
Action- Allow Always
Schedule- No Schedule
Source IP Address- Any
Destination IP Address- Any
-Save
It takes few seconds
Note:- It will completely turn off the Router level firewall for all ports and to be secure it is advisable to strengthen your PC and all the devices connected to the network firewall setting before doing this settings on your JIO Fiber router. Ex. No unnecessary ports are open on PC's Firewall
Voila!! You have now disabled your IPv6 Firewall on router level
You can use this site Open Port Checker Tools to check your forwarded ports on IPv6.
Now you can access your PC remotely using Remote Desktop Protocol on Windows or you can access your FTP server or you can host a webserver
Now to set this thing securely
-On firewall setting go to Custom Services
-Click on +Add New icon
Name:-(Set it according to you) in my case I will set it as RDP
-Type:- (Depends on you which type of connection you want to establish TCP, UDP or ICMP) In my case I will use UDP because it is best for services like this which contains screen sharing
-Port type:- I will use Multiple ports. Because RDP uses only single port. If you want to open multiple ports in range system then you can choose Port Range.
-Ports :- 3389 (You can enter whatever port you want to open)
If you select Port Range then
Start Port :- (Enter your start port)
End Port :- (Enter you end port)
-Now Save all the settings.
Now go back to IPv6 Firewall rule
-Click on +Add New tab
Rule Type- Inbound
Service- (Select the service you just created -you can find your custom service on last line- In my case I named the service RDP, so I will select that)
Action- Allow Always
Schedule- No Schedule
Source IP Address- Any
Destination IP Address- Any
-Save
Congrats!! you have now successfully forwarded the specific port you want
If you want to use DDNS service like No-IP
Then you have to select AAAA type and have to update your IPv6 address whenever it change.
(Always use the IPv6 address from whatismyipaddress site cause the IP shown in your Windows' network setting tab is not the public IPv6 address, it's kinda NAT-ted by your system, but don't worry you can easily host anything on IPv6 despite you have different IP on system's network setting or shown different on whatsmyipaddress site)
Then you have to install the dependency from No-IP called DUC to access your hosted service using DDNS
*Points to remember
-You can't allot static local IPv6 address to each device because the term local IPv6 doesn't exist as it is made for eliminating NAT.
-IPv6 address will change for every devices once you restart their internet connection.
-By default the lease time of IPv6 address is set for 2 days (There's a setting which we have to change to increase the lease time, I will tell you later because I m exhausted now, If you ask I will reply)
-Only IPv6 users can access your game server or whatever you host on IPv6.
-Keep the Destination IP address and Source IP Address type in Any because your system's IPv6 address change whenever you restart your internet or system
*Drawbacks
-Jio doesn't provide static IPv4 as well as IPv6 address for home users which means your system's IPv6 address will be refreshed whenever you restart your system or once within 7 days
-Most of the local ISPs don't support IPv6 infra cause it doesn't make any value to their business. Like people won't buy static IP addresses from them once they found that they got public IPv6 for each of their home devices.
-If you use any DDNS services like NO-IP then you have to manually update the IPv6 address
I recently hosted a test FTP server and tried to use RDP using IPv6 address.
To host service you just need to add a custom service first
-log in to your Jio Router's Web UI
192.168.29.1
Username:- admin
Password:-Jiocentrum (if you didn't change)
-Go to Security tab--->Firewall
-Select IPv6 Firewall rules
-Click on +Add New tab
Rule Type- Inbound
Service- ANY
Action- Allow Always
Schedule- No Schedule
Source IP Address- Any
Destination IP Address- Any
-Save
It takes few seconds
Note:- It will completely turn off the Router level firewall for all ports and to be secure it is advisable to strengthen your PC and all the devices connected to the network firewall setting before doing this settings on your JIO Fiber router. Ex. No unnecessary ports are open on PC's Firewall
Voila!! You have now disabled your IPv6 Firewall on router level
You can use this site Open Port Checker Tools to check your forwarded ports on IPv6.
Now you can access your PC remotely using Remote Desktop Protocol on Windows or you can access your FTP server or you can host a webserver
Now to set this thing securely
-On firewall setting go to Custom Services
-Click on +Add New icon
Name:-(Set it according to you) in my case I will set it as RDP
-Type:- (Depends on you which type of connection you want to establish TCP, UDP or ICMP) In my case I will use UDP because it is best for services like this which contains screen sharing
-Port type:- I will use Multiple ports. Because RDP uses only single port. If you want to open multiple ports in range system then you can choose Port Range.
-Ports :- 3389 (You can enter whatever port you want to open)
If you select Port Range then
Start Port :- (Enter your start port)
End Port :- (Enter you end port)
-Now Save all the settings.
Now go back to IPv6 Firewall rule
-Click on +Add New tab
Rule Type- Inbound
Service- (Select the service you just created -you can find your custom service on last line- In my case I named the service RDP, so I will select that)
Action- Allow Always
Schedule- No Schedule
Source IP Address- Any
Destination IP Address- Any
-Save
Congrats!! you have now successfully forwarded the specific port you want
If you want to use DDNS service like No-IP
Then you have to select AAAA type and have to update your IPv6 address whenever it change.
(Always use the IPv6 address from whatismyipaddress site cause the IP shown in your Windows' network setting tab is not the public IPv6 address, it's kinda NAT-ted by your system, but don't worry you can easily host anything on IPv6 despite you have different IP on system's network setting or shown different on whatsmyipaddress site)
Then you have to install the dependency from No-IP called DUC to access your hosted service using DDNS
*Points to remember
-You can't allot static local IPv6 address to each device because the term local IPv6 doesn't exist as it is made for eliminating NAT.
-IPv6 address will change for every devices once you restart their internet connection.
-By default the lease time of IPv6 address is set for 2 days (There's a setting which we have to change to increase the lease time, I will tell you later because I m exhausted now, If you ask I will reply)
-Only IPv6 users can access your game server or whatever you host on IPv6.
-Keep the Destination IP address and Source IP Address type in Any because your system's IPv6 address change whenever you restart your internet or system
*Drawbacks
-Jio doesn't provide static IPv4 as well as IPv6 address for home users which means your system's IPv6 address will be refreshed whenever you restart your system or once within 7 days
-Most of the local ISPs don't support IPv6 infra cause it doesn't make any value to their business. Like people won't buy static IP addresses from them once they found that they got public IPv6 for each of their home devices.
-If you use any DDNS services like NO-IP then you have to manually update the IPv6 address