What's new

Solved Double NAT Problem — Verizon 5g Home Internet Gateway (LVSKIHP)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

JTnola

Regular Contributor
Is anyone familiar with the “new” Verizon 5g home internet gateway (LVSKIHP)??

They seemed to have gone to great lengths to limit user access on the device’s web GUI. There’s no option to put the device into bridge mode. There’s no pass through. DMZ seems only to bypass certain router functions (maybe the firewall?), but not NAT itself. And though I’ve yet to try my luck with port forwarding, (I’m not well versed enough in that arena and I’m exhausted from trial and error in other areas only to figure out that what limited customization we’re given access to doesn’t end up behaving in ways that comport to our expectations )

Does anyone have a good resource you can point me to that explains the basics of port fwding or provides instructions on port forwarding to resolve double NAT issues?

or does anyone know how to SSH into this gateway who could tell me what I need to do to force the thing into bridge mode?

or other suggestions? (Are there other Verizon 5g mmW modems that allow you to switch to bridge mode? Customer service is useless. Their big suggestion is to google answers to my issues. Or call the sales people if I want to compare modem tech specs. Yikes.)

Apparently, an earlier version of this gateway’s firmware had allowed you to switch to bridge mode. But then they locked that ish down in the latest updates. (?)

I’m in my 30 day free trial period right now. And I’d love to be able to keep this, because it’s blazing fast and plans are cheap (especially if you have a Verizon cell phone too) and right now my rate is locked in for 10 YEARS if I keep it.

thank you!!
 
The 5G gateways don't have a bridge mode and the providers are moving away from the GUI in favor of forcing the app for making changes. Besides this they're also using cgnat or ipv6 and not giving ipv4.

You won't be able to use the sim with your own modem. I tested my TMobile one with my phone using the same apn info of the gateway and it seems they're binding them to the IMEI of the gateways.

SSH isn't an option but, I haven't explored using a console cable for access. There's a 2nd USBC port on the TMobile gateway that seems to possibly be a way into sit but I haven't seen any programming sequence to get it to pick up a signal from the port. Since the updates come from ota there might be some tool that's used to program them or trigger a configuration mode.
 
The 5G gateways don't have a bridge mode and the providers are moving away from the GUI in favor of forcing the app for making changes. Besides this they're also using cgnat or ipv6 and not giving ipv4.

You won't be able to use the sim with your own modem. I tested my TMobile one with my phone using the same apn info of the gateway and it seems they're binding them to the IMEI of the gateways.

SSH isn't an option but, I haven't explored using a console cable for access. There's a 2nd USBC port on the TMobile gateway that seems to possibly be a way into sit but I haven't seen any programming sequence to get it to pick up a signal from the port. Since the updates come from ota there might be some tool that's used to program them or trigger a configuration mode.
This one apparently USED to have a bridge mode. But it was removed in a firmware update.

Allegedly, there’s a PoE port concealed under the outer cover, but I haven’t gotten a strong enough confirmation to dare risk opening it up. Also, I’m haven’t gotten solid confirmation that the gateway will function in “mode #2” (like a bridge — modem only) if connected to PoE.

this is crazy. Especially with so many people working from home and needing various forms of network segregation, I can’t understand how they can be SO INFLEXIBLE.
 
Also, i came across this: https://tifan.net/blog/2021/04/01/enable-bridge-mode-on-verizon-5g-home-router-lv55-lvskisp/

not sure if anyone on here is willing to make sense of it for me

Enable Bridge Mode on Verizon 5G Home Router (model LV55 / LVSKIHP)

Thu 01 April 2021
Just Use IPv6
This is the most simple solution. Log in to the router, use the following code to enable IPv6, and call it a day. Trust me, you don't want to spend more time on it.
WNC.DM.set({
args: {
"Object":"Device.DHCPv6.Server.",
"Operation": "Modify",
"X_WNC_RA_management":"Stateless",
"Enable": 1,
},
success: function s(objs, status) {
console.log("success: ", status, objs)
},
error: function s(objs, status) {
console.log("error: ", status, objs)
},
})

Even if you're still behind NAT, having a public IPv6 address is still much better than nothing. Also, you'll get an extra Wi-Fi hotspot for guests. The built-in Wi-Fi is actually quite good.

Enable DMZ

Unfortunately, IPv4 is still a thing, and pure-IPv6 network doesn't quite work for most people.
Enable DMZ mode and point that to your router. DMZ can be configured directly from the GUI.

Disable Firewall

Use the following code:
WNC.DM.set({
args: {
Object: "Device.Firewall.",
Operation: "Modify",
Config: "Advanced",
},
success: function s(objs, status) {
console.log("success: ", status, objs)
},
error: function s(objs, status) {
console.log("error: ", status, objs)
},
})


Enable Bridge Mode

It is possible to enable bridge mode with some effort. The MTU on cellular network is smaller than 1500, and my test concludes that 1400 is a good number.
Paste the following to inspector console:
$('#restart-modal').data('action', { url: modeswitch_url, msg: "Click YES", data: {mode: "Bridge"}, count: 150000, refresh: false }).modal('show');

Click Yes.
Alternatively, run the following command (replace CSRF Token and Cookie with yours).
curl 'http://192.168.0.1/cgi-bin/luci/verizon/home/changeidumode' \
-H 'Accept: */*' \
-H 'X-CSRF-TOKEN: XXXX' \
-H 'X-Requested-With: XMLHttpRequest' \
-H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' \
-H 'Origin: http://192.168.0.1' \
-H 'Referer: http://192.168.0.1/cgi-bin/luci/' \
-H 'Cookie: sysauth=XXXX' \
--data-raw 'mode=Bridge' \
--insecure \
--verbose

The router should then reboot. Wait for a few minutes (it might take a few hours, just wait patiently). Eventually, you'll see an IPv4 address DHCP'ed to you. To access the router's consumer facing GUI, visit http://10.0.0.2.
That should be it!

Enabling Bridge Mode (alternative method)

The router can be powered by PoE. Pry off the bottom cover, remove the 4 screws, and pry off the bottom panel to remove the window mount. Use PoE to power the previously hidden port. Do NOT use the AC adapter.
That's probably the easiest way to enable bridge mode, but it's impossible to mount the router on the window with ethernet cable connected, unless if someone 3D prints a bracket.
The PoE port supports 5GBASE-T, and it's possible to reach to ~3Gbps speed with it.

Dumping TR069 Config Files

To dump TR069 config, use the following code:
WNC.DM.encr_get({
args: {
"Object":"Device.DHCPv4",
},
success: function s(objs, status) {
console.log("success: ", status, objs)
},
error: function s(objs, status) {
console.log("error: ", status, objs)
},
})
 
Last edited:
@JTnola

It comes down to keeping it dumb and not having to support people that deviate from simple. It costs them too much to support other options that prosumers want to use. If they keep it locked down the number of support calls / agents needed stays low because if a power cycle doesn't fix it then that's the end of the call.

I think there's probably some sort of a httpd hack that can be pursued as there's some URL variations on the TM side that give better diagnostic info than the default splash page.

https://192.168.12.1/TMI/v1/gateway?get=all - on TM this gives me more info on the DB levels / cell site / APN and so on. There's another one that lets me reboot it remotely w/o having to pull the USBC cable.
 
I can’t even make my model’s admin web GUI connect over httpS. (And I mean, as just an option — I’m not even talking about restricting the admin web GUI to https!) So you’re ahead of the game !

please give a shout if you come across anything useful about any of this. I’ll come back to update the post if I come across anything myself.

Thanks!!
 
I FOUND (by endless comments scrolling on a different site) A WORKABLE SOLUTION TO THE “LVSKIHP ——> PUT IN BRIDGE MODE” PROBLEM. And it works. I’ve had the The gateway in bridge mode for days — works great, double NAT solved, no need for fancy, under the hood software alterations or DIY hardware re-tooling. …

connect over BLUETOOTH. (You get the Passcode from the Gateway’s BLE log on the admin WEBUI — the passcode will show in your BLE log after you try a few failed, Aka Blank, attempts to connect by Bluetooth)

Note that after you complete the process, the new admin WEBUI private IP is 10.0.0.2 (accessible over WAN Interface — Not when you are using a VPN interface)

see screenshots from instructions from forum comments









 

Attachments

  • 56D31D1B-15CF-47E0-9CDD-C327507EF5F6.jpeg
    56D31D1B-15CF-47E0-9CDD-C327507EF5F6.jpeg
    89.1 KB · Views: 358
  • 304AF907-88B4-48F6-97BC-3914568936E8.jpeg
    304AF907-88B4-48F6-97BC-3914568936E8.jpeg
    80.3 KB · Views: 361
  • 2C559D99-404F-446F-B35F-D13C0657AAC3.jpeg
    2C559D99-404F-446F-B35F-D13C0657AAC3.jpeg
    81.1 KB · Views: 355
Hmm... There is a Bluetooth option for the TMobile gateway and this is insightful for hacking it as well. However I don't get logs off the device as is. I didn't bother scanning it with BT though figuring it wouldn't lead to anything eventful.
 
I know this thread is about 7 months old, but I've been dealing with this same problem since April and finally got around to trying to fix it today and so I wanted to share my fix.

I found it via Verizon's website and essentially all you need to do is go to the router's IP address, sign in, go to "Nat Forwarding", select your Router and turn on "DMZ" after that retest your nat and it should appear open.

You can also disable the WiFi Verizon's site as well, so you only see your 3rd party router.

 
I know this thread is about 7 months old, but I've been dealing with this same problem since April and finally got around to trying to fix it today and so I wanted to share my fix.

I found it via Verizon's website and essentially all you need to do is go to the router's IP address, sign in, go to "Nat Forwarding", select your Router and turn on "DMZ" after that retest your nat and it should appear open.

You can also disable the WiFi Verizon's site as well, so you only see your 3rd party router.

Thank you.

(I’m not sure which VZW device you’re referencing.)

Just the same, VZW recently pushed new firmware for the LVSKIHP 5g Home Internet Gateway, which restored the “bridge mode” option in the GUI — no fancy work-around required. Thank you!
 
Similar threads
Thread starter Title Forum Replies Date
H Any way around double NAT? Other LAN and WAN 15

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top