Monday, August 5, 2013

Using static IP's on Verizon 4G

First a little background info on IP addresses and cellular data service. 3G data connections use publicly accessible valid internet IP addresses. While this is nice if you want remote access to a device it does needlessly use up increasingly valuable IPv4 addresses. When carriers rolled out their next generation 4G service they switched to using private 10.x.x.x networks and NATed the traffic out to the internet somewhere within their network. It is possible to get publicly accessible static IP's from Verizon but they don't make the process very easy.

Requesting static IP's

I am using Verizon 4G service with Cradlepoint routers as a backup internet connection at my remote offices. I wanted to use static IP addresses so I could get access to these offices if the primary internet connection went down. We have a Verizon business sales rep and he was the person that handled our static IP request. Verizon charges a one time $500 dollar fee to add static IP's to your account. First step was to authorize the one time $500 charge. My accounting department handled that and then my Verizon sales rep sent the request somewhere deep into the bowels of the Verizon bureaucracy. A month later we were approved. Next someone from Verizon called to ask what 'sub-group' or 'level' we wanted these static IP's to be attached to. It took a while on the phone to figure out what exactly they were asking. Turns out we have our Verizon devices setup in two different groups. One group is devices with phone and data service and the other group is data only (things like iPads, hotspots or Cradlepoints). So we applied the static IP's to our data only group of devices. From the conversation I had on the phone with this Verizon person my understanding is that we would need to pay $500 bucks for each group of devices.

Assigning static IP's to 4G devices

It would be really nice if there was some sort of website to assign static IP's to devices but sadly there is not. The process for attaching a static IP to a certain device is to e-mail your Verizon business sales rep the device IMEI and/or the phone number assigned to the device. The sales rep then handles assigning the static IP and will e-mail back the static IP address once one has been assigned to the device.

Configuring 4G devices to use static IP's

This is where information got really nebulous. I asked my Verizon sales rep if I needed to do any configuration to my Cradlepoint router for the static IP. He said "nope, it should just work". Well that is definitely not the case. To be able to use static IP's you must change a setting for something called the APN. The APN is used to identify what network the device should attach to. The ability to change the APN of a device varies depending on the carrier. My AT&T iPhone does not present any options to change that setting but this Apple knowledge base document shows the option does exist. On Cradlepoint routers this option is easily accessible because it is a somewhat common thing to modify on those devices. The APN menu location on Cradlepoints depends on the device but it is usually under either modem settings or the Connection Manager.
Now what should the APN be set to for Verizon devices? Well this took a bit of searching. I found a few blog posts that said it should be set to "mw01.vzwstatic". I tried this and the modem kept dropping it's connection with an error saying carrier rejected. So after more searching I found this list of Verizon APN's:

1. ne01.vzwstatic (NorthEast)
2. nw01.vzwstatic (NorthWest)
3. so01.vzwstatic (South)
4. mw01.vzwstatic (MidWest)
5. we01.vzwstatic (West)

The correct APN depends on where you are in the country. I did not find any more specific information than this and since Texas spans a few different regions I wasn't exactly sure which one I should use. I took a guess at so01.vzwstatic and it turned out to be the correct one. After setting this option the Cradlepoint 4G modem cap restarted and it grabbed the correct static IP from Verizon. Success!


If you switch back to dynamic IP's you should use the APN "vzwinternet" or use the default setting for the device. I found once my device was assigned static IP service and I restarted the modem I could not use vzwinternet. Seems like the APN has to match whatever Verizon has assigned on their backend or they will reject the device.


11 comments:

  1. Matt, what is your thoughts about some test showing Verizon 4G LTE static IP's being MUCH slower the 4G LTE with a dynamic IP?

    ReplyDelete
    Replies
    1. Robert, Interesting... I haven't done any before and after performance testing when switching over to static IP's. I wonder if Verizon is doing something different with the static ip traffic that is causing additional latency. If I get an opportunity I will do some testing and write up a blog post.

      Delete
  2. So if you want a static ip address assigned to your 4g phone would they let you do that? Or is this option only reserved for the 4g modems?

    ReplyDelete
    Replies
    1. The only thing that would prevent you from using a static ip with a 4g phone would be access to the APN settings menu. Verizon doesn't seem to care what the device is. I just send my Verizon rep the IMEI number of the device and they assign it a static ip.

      Delete
  3. Thanks for this! On firmware 5.3 you need to go to Internet | Connection Manager, highlight the connection | click Edit button | click SIM/APN/Auth Settings then click Default overide button and type in the APN. on 5.2 you had to select the manual button.

    another tip is to make sure your 4G antennas are attached too... i've made the mistake of unboxing before and not attaching and kept getting no carrier errors.

    ReplyDelete
  4. Another thing, be sure to have IMS enabled

    ReplyDelete
  5. I think this is super old, but does anyone know if Verizon will assign you multiple static IPs for one device? For example, could I have a block of 5 IPs that I can assign to one IP to the WAN interface of the cradlepoint router and us other IPs in the block to do port forwarding? I need to be able to host multiple servers on the same port (443 for example) from the Verizon WAN connection.

    ReplyDelete
  6. Hey Mike.
    I am searching for the same answer... Did you have any luck?
    Thanks
    Trent

    ReplyDelete
  7. For fair access policies VZ only allow a single static IP for business accounts. Additionally are migrating to making static IP special use. IPv4 addresses are becoming scarce. Internal policy was that IP addresses were assigned on first come first serve basis. I believe this is changing nationally.

    Devices like the CradlePoint support IPSEC tunnels. So getting your static IP addresses from us may not be your best move. If you move to a different region of the country you will have to readdresses your network.

    A better move would be to have a tunnel from your CradlePoint to a VPN or hosting provider who can give you all the static IP addresses you need. With a little bit of technical know how, you can get all of the static IP addresses you need, as the tunnel would be transparent.

    Running high volume services like a mail server, public web server etc maybe a ToS violation depending on your contract. You may want to check on this.

    -- some vz person

    ReplyDelete
  8. Hi, I was hoping you could help. I have a CBA750B with a U620L, the 620 has a sim with static IP. It works fine in my PC, but the cradlepoint wont connect to the verizon network. I've tried setting the APN which is so01.vzstatic. I always get a carrier reject message. One thing I have noticed is when I insert it back into the PC, after trying to configure it in the cradlepoint the U620L goes from automatic connect to manual. I'm not sure what I'm missing

    ReplyDelete
  9. I've been looking into a similar solution as an emergency backup for our new office in central PA. This was very helpful, so thank you for posting and thanks to everyone else for their comments!

    ReplyDelete

Please note all comments are moderated by me before they appear on the site. It may take a day or so for me to get to them. Thanks for your feedback.