|
||||||||
Network with open ports for remote device access |
 |
|
|
Thread Tools | Search this Thread |
29-02-2016, 20:30
|
#1 |
|
Forum Member
Join Date: Mar 2012
Posts: 148
|
Network with open ports for remote device access
Hopefully somebody can help me with an issue i am having with EE datasim.
I have a remote building with a CCTV network video recorder which i would like to access remotely. The recorder is connected to a TP-Link router with a 4G sim slot. This is a desktop router not a mifi device. I can connect wirelessly and surf the internet no problems. The issues arise when i try to connect to the recorder via the ports 554,80 and 8000 over the internet. It would appear despite port forwarding setup, the network is blocking the ports. canyouseeme.org confirms i have no access to these ports. Do all mobile operators block ports or some allow more access than others? |
|
|
|
Please sign in or register to remove this advertisement.
|
|
29-02-2016, 20:38
|
#2 |
|
Forum Member
Join Date: Mar 2000
Location: This forum
Posts: 3,392
|
Quote:
Do all mobile operators block ports or some allow more access than others?
You can try a Three data SIM as they used to have public addresses. Alternatively you may need to pay a bit more and ask EE, Vodafone or O2 for a non-NAT service. |
|
|
|
|
29-02-2016, 20:40
|
#3 |
|
Forum Member
Join Date: Mar 2009
Posts: 14,577
|
Do you actually have your own IP or is it just part of a NAT pool, that's probably the problem. On a business connection you can usually buy a public IP and then you could use some form of DynDNS to make sure you've got a hostname which is updated when the IP changes (assuming you can't get static).
|
|
|
|
|
29-02-2016, 20:43
|
#4 |
|
Forum Member
Join Date: Oct 2004
Posts: 14,645
|
Quote:
The networks aren't blocking, they're sharing their public IP addresses with all the users (known as Carrier grade NAT). You can see that the IP address assigned to your device is not the same as that given if you visit a website that shows the IP you are connecting from.
You can try a Three data SIM as they used to have public addresses. Alternatively you may need to pay a bit more and ask EE, Vodafone or O2 for a non-NAT service. |
|
|
|
|
29-02-2016, 21:51
|
#5 |
|
Forum Member
Join Date: Mar 2012
Posts: 148
|
Thanks for the replys guys. Looks like testing out a three sim then! I will post back results.
|
|
|
|
|
02-03-2016, 12:38
|
#6 |
|
Forum Member
Join Date: Mar 2014
Posts: 118
|
When I was on Orange I used the APN "internetvpn" which assigned public IP addresses. No idea whether it's still available or not.
|
|
|
|
|
03-03-2016, 08:08
|
#7 |
|
Forum Member
Join Date: May 2011
Posts: 475
|
We had the same issue with EE SIMs. I can confirm that all the 3UK MBB SIMs we use work as you want (we are using them for CCTV too).
The key to watch out for is carrier grade NAT (CGNAT), this cannot provide full inbound ports and usually doesn't provide any. M2M SIMs are what you require on EE, though I've not been able to get access to these to test (we're reseller EE corp rather than direct and no one seems to know anything about them at my reseller). |
|
|
|
|
03-03-2016, 19:38
|
#8 |
|
Forum Member
Join Date: Mar 2015
Posts: 74
|
There is of course a flip side to this conversation. If you're on Three, your device(s) are open to more risks than on other networks.
|
|
|
|
|
03-03-2016, 19:41
|
#9 |
|
Forum Member
Join Date: Oct 2004
Posts: 14,645
|
Quote:
There is of course a flip side to this conversation. If you're on Three, your device(s) are open to more risks than on other networks.
|
|
|
|
|
03-03-2016, 19:41
|
#10 |
|
Forum Member
Join Date: Mar 2009
Posts: 14,577
|
Quote:
There is of course a flip side to this conversation. If you're on Three, your device(s) are open to more risks than on other networks.
Only 1 APN gives you a public IP and that is designed for and issued only to mobile broadband customers, just like home broadband of which all providers give public IP's. All of the mobile broadband mifi's would NAT to a private IP on those devices and have port forwarding and other security options on the device's web UI, just like any other router. There may be an argument with USB dongles but the Windows firewall shouldn't allow unsolicited packets from the internet and will recognise the dongle as being a 'public network' not part of a LAN. |
|
|
|
|
03-03-2016, 20:51
|
#11 |
|
Forum Member
Join Date: Mar 2000
Location: This forum
Posts: 3,392
|
Quote:
There may be an argument with USB dongles but the Windows firewall shouldn't allow unsolicited packets from the internet and will recognise the dongle as being a 'public network' not part of a LAN.
Most ISPs will be wanting to issue CGNAT in the next few years for IPv4 anyway, and I've not yet seen any mobile ISP provide IPv6 yet. |
|
|
|
|
03-03-2016, 21:04
|
#12 |
|
Forum Member
Join Date: Mar 2009
Posts: 14,577
|
Quote:
Tablets are the interesting edge case, anyone know if Android or iOS tablets have firewalls?
Most ISPs will be wanting to issue CGNAT in the next few years for IPv4 anyway, and I've not yet seen any mobile ISP provide IPv6 yet. I don't think any form of iptables or anything runs on Android by default but surely it is very uncommon to have services running and listening on ports on Android. I'm not that knowledgable on the Android OS, but I'm sure somebody will know. I guess the messenger and VOIP apps listen, but usually they open the connection themselves as the client, not the server. |
|
|
|
|
03-03-2016, 22:46
|
#13 |
|
Forum Member
Join Date: Oct 2004
Posts: 14,645
|
Quote:
Most ISPs will be wanting to issue CGNAT in the next few years for IPv4 anyway, and I've not yet seen any mobile ISP provide IPv6 yet.
(their wired ISPs are also better than ours at IPv6 rollout too - it's only in the last half of 2015 that our big ISPs have suddenly realised they should look into it) |
|
|
|
|
|
All times are GMT. The time now is 05:56.