Help with connection settings for mobile broadband modem (Huawei B618)

Discussion in 'Networking & Security' started by shadowlord, Jan 8, 2019.

  1. shadowlord

    shadowlord 2[H]4U

    Messages:
    2,892
    Joined:
    Jan 6, 2005
    I kindly like to ask for some help with my mobile broadband modem setttings.

    Here is what i like to do:
    Use a mobile broadband modem (Huawei B618s-22d) connected to a energymonitoring datalogger to remote access the datalogger.
    The datalogger is connected via lan cable to the modem. For the modem i bought a SIM card with fixxed IP address(100.117....)

    Unfortunately i only have basic network skills.

    I set the datalogger to a IP address within the modems range. 192.168.....
    I can connect to the datalogger when i connect my device to the second lan port on the modem, but i cant access it from outside this network. I tried it with the fixxed SIM card IP and the with dataloggers IP address.

    Any idea how to setup the huawei modem to enable access to the datalogger from the outside ?

    Best regards
    Chris
     
  2. Cmustang87

    Cmustang87 [H]ardness Supreme

    Messages:
    4,351
    Joined:
    Oct 4, 2007
    100.64.0.0/ is CGNAT which encompasses your 100.117.x.x subnet on your 4G LTE modem. CGNAT is dedicated private IP address space assigned to carriers only. Think 192.168.0.0/16, 10.0.0.0/8 and 172.16.0.0/12 but for carriers only. Your real public IP address is shared amongst your carrier's customers. Because of this, you cannot port forward or host any public services on your own equipment. You either need a static IP address, request your carrier to get you off CGNAT, or you'd need some kind of outside VPN service your datalogger connects to and you access it via that same VPN from an outside device.

    Essentially by default, when you are on CGNAT you are already double-NAT'd.

    https://kb.netgear.com/30186/What-is-Double-NAT

    https://en.wikipedia.org/wiki/Carrier-grade_NAT

    https://tools.ietf.org/html/rfc6598

    https://tools.ietf.org/html/rfc6264
     
  3. Haven

    Haven I Only Post Important Stuff

    Messages:
    6,050
    Joined:
    Oct 11, 2002
    After doing some searching on this device, you need to setup either the DMZ or Virtual Server. This will allow you to connect to the device inside the network, if your ISP allows this type of thing.