3G Routers are typically wireless access points with built in firewall and virtual server capability that take a SIM card and operate on high-speed 3G mobile networks. They can be used in a variety of scenarios to fulfil a number of different roles:
When used as an Internet router, the device connects to the 3G mobile network and shares its connection to devices sat 'behind' it, either via Ethernet or WiFi, or both. Acting as a DHCP server, clients can be granted access automatically, and a level of security can be added by restricting access to known network adapter MAC addresses as well as using WEP and WPA wireless encryption standards.
It is when these devices are used for inbound access that the devices become more 'interesting' from a geek perspective, and where a little extra knowledge is required about the type of mobile service required to enable this functionality.
When assigned a public IP address, connected 3G Routers can be accessed from any other machine on the Internet. Using their port-forwarding capabilities, multiple devices sat behind the 3G Router can be accessed on an individual application port without the need for multiple public IP addresses. This could be useful for a remote site where one or many device(s) has/have been deployed that need(s) to be monitored on a regular basis to retrieve sensor readings, for example.
Most 3G Routers also feature VPN functionality to provide site-to-site connectivity and add a layer of security to data sent across the Internet.
It is important to understand that in order for this remote connectivity to be possible, the SIM card in the 3G router must be assigned a public IP address. By default, when connecting to the Internet APN offered by the mobile operator, devices will be assigned a private IP address and a process known as NAT (Network Address Translation) occurs at the Internet gateway node. I have looked at this process in more detail in my article on Virtual Private Networks - http://ukblog.im-mobility.com/what-do-you-need-your-mobile-operator-set-... [1]
This means that while connections to the Internet are possible if initiated by the mobile device, it is not possible to establish an unsolicited connection to that mobile device from another node on the Internet because it does not have an address on the Internet.
There are two principle ways of obtaining a public IP address. As we saw in my article on establishing a VPN from a mobile device, most network operators provide an APN for corporate users that assigns devices public IP addresses. There is no cost to use this service, but it does have to be requested specifically from customer services in some cases.
The one issue with this approach is that whilst the address assigned to you is public, and therefore accessible across the Internet, the address assigned to you will be one of a range addresses and therefore not always the same. This is not practical if you need to connect to a specific device on a specific address at any given moment.
Most 3G Routers therefore support a service called Dynamic DNS, or DynDNS (http://www.dyndns.com [2]).
DNS is the Domain Name Service: the system that maps 'friendly names' such as www.bbc.co.uk [3] to their corresponding IP address understandable by PCs and routers (212.58.251.195 in the case of www.bbc.co.uk [3]). Normally these records are static and only change very infrequently. What Dynamic DNS does is to offer a similar service, but to addresses that are constantly changing.
A user would register for a free DynDNS account and will be assigned a unique 'friendly name' of 'myaccount.dyndns.com'. A piece of software on the 3G Router connects to the DynDNS service each time the device connects to the Internet and sends details about its IP address. Therefore, regardless of what address you have ben assigned, all you need to know in order to connect to the device across the Internet, is the friendly name of 'myaccount.dyndns.com'.
Should you require a permanent single IP address, another option is to purchase an address from a service provider such as WirelessLogic (http://www.wirelesslogic.co.uk [4]). This service allows you possess a dedicated, real-world IP address on your Orange, Vodafone or O2 SIM for a flat monthly rate on top of your existing operator tariff. You can use your SIM to connect to the operator's own Internet APN for regular usage, or you can connect to WirelessLogic's own APN and be assigned the public IP address assigned to your SIM card by that APN. Very clever stuff.
Port Forwarding
Port Forwarding is the feature supported by all 3G Routers offered by Brightpoint that allows you to access multiple devices behind the router using the same single public IP address.
Rules can be configured on the router to forward requests on specific ports to specific 'internal' address on the local network behind the router.
Therefore, if you are assigned a public IP address of 62.189.60.254 you might access a web server behind the router by typing in http://62.189.60.254 [5] in your web browser. This would require a rule on the router to forward incoming requests on port 80 (HTTP) to the internal address of the web server.
To access the Windows-based web server itself sat behind the router via Microsoft's Remote Desktop protocol, you would type 62.189.60.254 in the remote desktop client. This would require a rule on the router to forward requests on port 3389 to the same server.
This principle can be extended to any number of hosts and ports as required, be it VNC (5900), SSH (22), FTP (21), HTTPS (443), etc etc etc.
For more details on the range of 3G routers offered by Brightpoint, visit the
sections of the blog.
If you're interested in a low-cost VPN solution for mobile or temporary sites, then OpenVPN (http://ukblog.im-mobility.com/openvpn [10]) or an SSH-based solution (http://ukblog.im-mobility.com/deploying-ssh-based-vpn-solution [11]) may be suitable.
Contact Brightpoint's expert sales team today on 0870 849 0225 if you're interested in learning more on anything you have read here, or use the CONTACT FORM [12] to request a callback.
Links:
[1] http://ukblog.im-mobility.com/what-do-you-need-your-mobile-operator-set-vpn-connection
[2] http://www.dyndns.com
[3] http://www.bbc.co.uk
[4] http://www.wirelesslogic.co.uk
[5] http://62.189.60.254
[6] http://ukblog.im-mobility.com/option
[7] http://ukblog.im-mobility.com/digi
[8] http://ukblog.im-mobility.com/huawei
[9] http://ukblog.im-mobility.com/novatel
[10] http://ukblog.im-mobility.com/openvpn
[11] http://ukblog.im-mobility.com/deploying-ssh-based-vpn-solution
[12] http://ukblog.im-mobility.com/contact-form
[13] http://ukblog.im-mobility.com/category/blog/3g-router
[14] http://ukblog.im-mobility.com/category/blog/digi
[15] http://ukblog.im-mobility.com/category/blog/digicom
[16] http://ukblog.im-mobility.com/category/blog/huawei
[17] http://ukblog.im-mobility.com/category/blog/option
[18] http://ukblog.im-mobility.com/category/blog/sarian