Unable to reach TCP server externally (from internet)
Fellow IoT enthusiasts,
I’m trying to set up a TCP server on my embedded device so that I can connect to it from the internet. My setup consists of an HL7800 modem (running Zephyr) and a starterkit configured as “Via the public internet”.
It seems like everything works well: it fetches an IP address through DHCP (10.207.152.99) and I’m able to connect to 188.8.131.52:53 without any problems. When configuring the modem as a TCP server, however, it seems like I’m blocked by a firewall or something.
I tested the TCP server by letting the modem connect to itself, which works perfectly, but I’m not able to reach my device from the internet.
Anyone who can help me out with this?
@Reinier-Hasper are you very sure you are using the APN m2m.public.nl?
If I look at your IP address it really looks like you are using one of the other APNs.
Based on the logs I’m quite sure we’re using the right APN:
[00:00:10.720,367] <dbg> modem_hl7800: on_cmd_atcmdinfo_ipaddr: IP info: 1,5,"m2m.public.nl.mnc040.mcc901.gprs",10.207.80.32.255.255.255.192,10.207.80.1,10,
[00:00:10.742,797] <dbg> modem_hl7800: on_cmd_atcmdinfo_ipaddr: IPv6 DNS addr: 2a01:598:7ff:0:10:74:210:210
I am not sure, but I think a lot of (if not all) providers use some kind of corporate NAT. That means 10.207.152.99 is not an IP reachable from the Internet.
In my experience APN m2m.public.nl allows the modem to reach a server on the Internet, but not the other way round.
Can you ping 10.207.152.99 from the Internet?
As a test you could try to make a TCP connection (as client) from your modem to a TCP server on the Internet and then check the client IP address in the log of the TCP server. If it is different from the above IP address then you know your provider is using a corporate NAT.
Hi @Reinier-Hasper, generally speaking, you cannot be reached from the internet even with the public APN. That is how basically all mobile carriers work: you are effectively behind a private network and thus cannot be reached from the external world.
Hope this clarifies,
@MarcoPeli So there is no way this can be done? Only with, let's say, reverse TCP?
@Reinier-Hasper Yes exactly, your device under mobile connectivity can open a TCP socket with the remote server and have a bidirectional channel in this way, but not vice versa.
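The NAT test suggested earlier in the thread, combined with the device-initiated channel described in the last reply, as an added example that is not code from any poster or from the modem vendor. It assumes a made-up one-line `HELLO <ip>` greeting and uses loopback to stand in for both the modem and the internet host; only 10.207.152.99 comes from the thread.

```python
import ipaddress
import socket
import threading

# RFC 1918 private ranges plus the RFC 6598 carrier-grade NAT range.
NOT_ROUTABLE = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10")]


def classify(reported_ip, observed_ip):
    """Return "nat" when the address the modem reports for itself cannot be
    the address the server saw the connection come from, else "direct"."""
    reported = ipaddress.ip_address(reported_ip)
    if any(reported in net for net in NOT_ROUTABLE):
        return "nat"
    return "direct" if reported == ipaddress.ip_address(observed_ip) else "nat"


def serve_once(listener, log):
    """Accept one device-initiated connection, log both addresses, and answer
    over that same socket (the direction the carrier network allows)."""
    conn, (observed_ip, _port) = listener.accept()
    with conn:
        line = conn.makefile("r").readline().strip()   # hypothetical: HELLO <ip>
        reported_ip = line.split()[1]
        verdict = classify(reported_ip, observed_ip)
        log.append((reported_ip, observed_ip, verdict))
        conn.sendall(f"SEEN {observed_ip} {verdict}\n".encode())


def run_demo(reported_ip):
    """Loopback stand-in: the client plays the modem, the server the internet host."""
    log = []
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as listener:
        listener.settimeout(5)
        listener.bind(("127.0.0.1", 0))                # any free port
        listener.listen(1)
        server = threading.Thread(target=serve_once, args=(listener, log))
        server.start()
        with socket.create_connection(listener.getsockname(), timeout=5) as dev:
            dev.sendall(f"HELLO {reported_ip}\n".encode())
            reply = dev.makefile("r").readline().strip()
        server.join()
    return reply, log


if __name__ == "__main__":
    # 10.207.152.99 is the DHCP address from the thread; the rest is constructed.
    print(run_demo("10.207.152.99"))
```

On a real host the listener would bind to a public address, and the logged `observed_ip` would be the carrier's NAT egress address rather than 127.0.0.1.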