Port forwarding via 3G problem
Hello Experts,
#########################
The system includes
Server
IP: 10.99.200.97
OS: Win2012R2
3G router (VPN SIM Card)
Interface ppp0 IP: 10.1.0.1
Interface usb0 IP: 192.168.1.1
OS: ARM Linux
Client PC
LAN IP: 192.168.1.100
#########################
3 of them connect by
Server <---> 3G router <----> PC Client
#########################
The 3G Router is basic linux with nothing but iptables command. I tried several command option but did not work so far.
Such as,
/mnt/nand1-1/ap/iptables -t nat -A PREROUTING -p tcp -i ppp0 --dport 21 -j DNAT --to-destination 10.0.0.100:21
PS. PC client can Ping 3g Router IP: 10.1.0.1 but cannot Ping 10.99.200.97
Will you have any ideas?
Thank you.
#########################
The system includes
Server
IP: 10.99.200.97
OS: Win2012R2
3G router (VPN SIM Card)
Interface ppp0 IP: 10.1.0.1
Interface usb0 IP: 192.168.1.1
OS: ARM Linux
Client PC
LAN IP: 192.168.1.100
#########################
3 of them connect by
Server <---> 3G router <----> PC Client
#########################
The 3G Router is basic linux with nothing but iptables command. I tried several command option but did not work so far.
Such as,
/mnt/nand1-1/ap/iptables -t nat -A PREROUTING -p tcp -i ppp0 --dport 21 -j DNAT --to-destination 10.0.0.100:21
PS. PC client can Ping 3g Router IP: 10.1.0.1 but cannot Ping 10.99.200.97
Will you have any ideas?
Thank you.
ASKER
I agreed. Is it possible to NAT from LAN IP to WAN (ppp0).
At least 3G router can ping the server.
At least 3G router can ping the server.
mmmmmm
let me see
there is something missing in your description
Are you sure the 3g router can ping the server and not something else?
try some traceroute from:
pc client to server
3g router to server
server to pc client
server to 3g router
Does your server know the route for your pc lan ip ?
let me see
there is something missing in your description
Are you sure the 3g router can ping the server and not something else?
try some traceroute from:
pc client to server
3g router to server
server to pc client
server to 3g router
Does your server know the route for your pc lan ip ?
You need to get a 3G sim that has a real public IP address, or you're never going to be able to sort out inwards access. Most SIMs use a carrier-NAT service that you have no access to so can't map across.
ASKER
Hello David,
I cannot test tracert right now but I can answer your question by trying to ping before
Server ping 3G router success
3G router ping PC client success
Server ping PC client success
PC client ping 3G router success
3G router ping server success
PC client ping server Failed
Thisvshould be some config to make PC client reaches server.
I cannot test tracert right now but I can answer your question by trying to ping before
Server ping 3G router success
3G router ping PC client success
Server ping PC client success
PC client ping 3G router success
3G router ping server success
PC client ping server Failed
Thisvshould be some config to make PC client reaches server.
ASKER
Additionally server's IP and PC client's IP are static. 3G's IP is dynamic.
ASKER
Let me correct some point.
Server ping PC client is not tested but I success forward port 88 so server can see port 88 on PC client by 10.1.0.1:88 (forward using iptables)
Thanks
Server ping PC client is not tested but I success forward port 88 so server can see port 88 on PC client by 10.1.0.1:88 (forward using iptables)
Thanks
Interface ppp0 IP: 10.1.0.1 <=== it's private ip that means you can't see it from outside.
there is something you are not explaining there. is there a vpn between that 3g router and a router on server site?
there is something you are not explaining there. is there a vpn between that 3g router and a router on server site?
ASKER
Yes it is VPN making for my project. Not a conventional 3G SIM card
try a traceroute from pc client to server and server to pc client.
Server ping PC client is not tested but I success forward port 88 so server can see port 88 on PC client by 10.1.0.1:88 (forward using iptables) <=== did you test the port forwarding from your server side?
Server ping PC client is not tested but I success forward port 88 so server can see port 88 on PC client by 10.1.0.1:88 (forward using iptables) <=== did you test the port forwarding from your server side?
ASKER
I didn't test port forward at server side. I have no idea on how to do it. I will try tracert tomorrow. Will go to bed now :) see you soon and thanks a lot for discussion.
Cheers
Cheers
@trazadone: this looks like your previous question https://www.experts-exchange.com/questions/29021081/Allow-offline-access-point-to-have-internet.html
Having an external-facing network interface with a dynamic local IP address is completely normal, as I (hope I) explained in that Q.
You are still welcome to my scripts to implement this, just say if you would like me to post them.
Having an external-facing network interface with a dynamic local IP address is completely normal, as I (hope I) explained in that Q.
You are still welcome to my scripts to implement this, just say if you would like me to post them.
ASKER
Hello Duncan,
This is slightly different from my previous question. Regarding this question I need to FTP files from my laptop to server via port 21. Appreciate if you can share your script.
Thanks
This is slightly different from my previous question. Regarding this question I need to FTP files from my laptop to server via port 21. Appreciate if you can share your script.
Thanks
Server ping 3G router success
3G router ping PC client success
Server ping PC client success
PC client ping 3G router success
3G router ping server success
PC client ping server Failed
is it possible for you to disable the firewall on pc client and server to test if it's not a firewall issue.
Can you try pinging the router on server side from pc client and 3g router as well ?
3G router ping PC client success
Server ping PC client success
PC client ping 3G router success
3G router ping server success
PC client ping server Failed
is it possible for you to disable the firewall on pc client and server to test if it's not a firewall issue.
Can you try pinging the router on server side from pc client and 3g router as well ?
ASKER
Firewall is disabled on both PC and Server
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Duncan. Let me try.
ASKER
Hello,
Sorry for the delay. I have just had chance to work on this embedded system again. I will keep you update.
Sorry for the delay. I have just had chance to work on this embedded system again. I will keep you update.
The EE neglected question mechanism has kicked in.
There should be enough here for the Author to get the network going. Otherwise he can ask a new Q
There should be enough here for the Author to get the network going. Otherwise he can ask a new Q
that's normal, you aren't getting public ip from your 3g access.
so you can't port forward :)
Usually 3g provider give private ip to the router which has the SIM card. and they do nat .