WAN IP from E3372S in HiLink mode - Help needed for a script on RT-AC68U

[WillyTP]

Hello everybody!

I've found a way to get public WAN IP from E3372s 4G dongle in HiLink mode,
however I need help from someone more skilled than me in order to make everything's working

As we know, using E3372S in modem mode on RT-AC68U allows us to skip NAT troubles and to get public WAN IP; however, at least in my tests, it only connects in legacy mode / PPP (NCM-NDIS doesn't work) and, other than being slower in theory, seemes to be slower for real.

In HiLink mode everything runs smoother, however it gets problematic to obtain WAN IP due to the dual NAT.

Let's go to the point: I've an RT-AC68U (latest Merlin FW) connected to the Internet through a Huawei E33372 in HiLink mode, modded firmware E3372s-153_Update_22.300.09.00.00_M_AT_05.10 which allows me to telnet into it.

In the following mode, I'm able to get my public IP:

WillyTP@RT-AC68U-WMPP:/tmp/home/root# telnet 192.168.8.1

Entering character mode
Escape character is '^]'.


# busybox telnet telnetmyip.com
telnet: bad address 'telnetmyip.com'
# busybox telnet 18.217.148.211
{


"comment": "##     Your IP Address is 5.170.244.61 (63538)     ##",


"family": "ipv4",
"ip": "5.170.244.61",
"port": "63538",
"protocol": "telnet",
"version": "v1.2.0",
"website": "https://github.com/packetsar/checkmyip"
}
Connection closed by foreign host

What I'm doing:

1. SSH to my RT-AC68U router (192.168.1.1)
2. telnet to E3372s dongle (192.168.8.1)
3. from there, with "busybox telnet 18.217.148.211" command (18.217.148.211 is the ip of telnetmyip.com) I get my WAN IP (now, my dynamic WAN IP is 5.170.244.61).

What I want to do at the end, it to make an automated script, to be run on RT-AC68U, in order to get WAN IP and update a DDNS client.

Any hint?

Thanks everyone for helping!

 

[ColinTaylor]

It's not apparent to me why you need to telnet into the E3372 to get your WAN IP address. Why can't you go to telnetmyip.com or whatismyip.com on the router?

https://github.com/RMerl/asuswrt-merlin/wiki/Custom-DDNS#using-a-ddns-with-double-nat
https://github.com/RMerl/asuswrt-merlin/wiki/DDNS-Sample-Scripts

 

[WillyTP]

It's not apparent to me why you need to telnet into the E3372 to get your WAN IP address. Why can't you go to telnetmyip.com or whatismyip.com on the router?

https://github.com/RMerl/asuswrt-merlin/wiki/Custom-DDNS#using-a-ddns-with-double-nat
https://github.com/RMerl/asuswrt-merlin/wiki/DDNS-Sample-Scripts

Hi @ColinTaylor
Such script doesn't work for me, since I've set RT-AC68U to connect on startup as a VPN client.
Hence, the script returns me the VPN IP, not the WAN IP.

Is there any workaround?

Thank you!

 

[ColinTaylor]

OK. Maybe there's a way around it. Perhaps you could explain a bit more about what you're trying to achieve.

If your router is setup to route ALL traffic through its VPN client connection there would seem to be no point in setting up a DDNS with its real IP address because it could never be used for anything. What am I missing here?

 

[WillyTP]

My final achievement is the following:
I want to be able to connect to my home network from "outside" .

Little sum up:
RT-AC68U connected via Hilink on e3372s, VPN client running on router in order to guarantee my privacy while browsing and so on (using nordvpn)

Away from home, I want to connect to my home network. On RT-AC68U, I'll be running an OpenVPN *server* to which I want to connect in order to access my files and so on from remote.

Thanks for helping!

 

[ColinTaylor]

I don't use the VPN client so I might be wrong here, but have a look at the second picture in this post:

https://www.snbforums.com/threads/a...t-to-openvpn-nordvpn.47920/page-2#post-422429

At the bottom there are two policy rules. One redirects all LAN traffic through the VPN. The second is an exception for the router itself so that it can update DDNS, synchronise its clock with NTP, etc.

This person was attempting the same thing as you, also with NordVPN. Although he was having issues it did appear to be updating his DDNS correctly. Would this work for you? It would be a lot simpler than writing scripts.

 

[WillyTP]

Hi again @ColinTaylor
I made some experiments, with the following configuration under VPN Client, DDNS updater script works:

Redirect Internet traffic: Policy Rules
Descrizione    Source IP    Destination IP    Iface
DDNS Updater    192.168.5.1    67.215.92.215    WAN
All Traffic    192.168.5.0/24    0.0.0.0    VPN

Obiouvsly 192.168.5.0 is my home network, while 67.215.92.215 is the IP of DNS-o-Matic.

However, nevertheless now I've the public IP at my disposal,
I cannot do anything, probably due a CGNAT run by my mobile operator.

Mission failed.