Go Down

Topic: Yun access from other networks (Read 2379 times) previous topic - next topic

Hi there.
Please somebody help me. I m trying to connect with my arduino yun via my mobile 4g internet connection but nothing happens.
The connection between my arduino and any other device in the same home network works perfectly
The sketch that i m trying is the "Bridge"

So when i m on the same home network i give orders to my yun like
192.168.1.70/arduino/digital/13/1 or /0 and the led on pin 13 works.

When i m trying access from my mobile while first i have configured a port forwarding for ex. 5555 giving the order 192.168.1.70:5555/arduino/digital/13/1 nothing happens

I have followed all the procedure "port forwarding" for my router.

My router is the Technicolor TD5136v2

I configure a port forwading step by step as this guide in the link below describes.
(https://support.zen.co.uk/kb/Knowledgebase/Broadband-Technicolor-TG-582-Configure-Port-Forwarding)

I have tried many differents ports like 5555, 80,24

i also have tried to turn off my windows firewall when i make the test but nothing again..

Pleaseeeeee somebody help me !!!!

i dont like to use any external service like dyndns etc...
 

ShapeShifter

When i m trying access from my mobile while first i have configured a port forwarding for ex. 5555 giving the order 192.168.1.70:5555/arduino/digital/13/1 nothing happens
You are still using your Yun's private address: any address that starts with 192.168... is a private address and will not / can not be routed over the Internet.

When trying to access your networked devices from the Internet, you need to use your home network's public address (the address assigned to your router's WAN port.) Then, you set up the router to forward incoming connections on a specific port to a specific computer on your local network.

Odds are that you set up the port forward so that incoming connections on port 5555 are routed to 192.168.1.170. In that case, all you need to do to access it from the public Internet is to use your public address instead of 192.168.1.170.

Keep in mind that there are some risks/limitations with this technique:
  • The Yun's address can change in the future, and you will have to update the port forwarding rule to point to the new address. (Giving the Yun a static address can solve that.)
  • Your router's public address can change in the future, requiring you to determine the new address and use that instead. (A dynamic DNS service can solve that.)
  • You will be exposing your Yun to the public Internet, bypassing your router's firewall. If a hacker gains access to your Yun, and compromises it's limited security, he could use it as a vector to gain access to the rest of your network.

thank you sooooo much for the quick response !!!!

i tried what you suggest me but still nothing ...
 
please can somebody take a look to the following attached screenshots to check if i have to make any changes in the configuration of my arduino yun board network settings....


ShapeShifter

check if i have to make any changes in the configuration of my arduino yun board network settings....
Are these screen shots of the Yun's configuration? If so, you don't need to make any changes to the Yun, and shouldn't set up port forwarding on the Yun. As long as you can access the services you want from the local network, the Yun's configuration is good and does not need to be changed. In fact, setting up a port forward on the Yun itself could break the configuration so that it no longer works even on the local network.

You need to set up the port forwarding rules on the router that serves as the bridge between the Internet and the network to which the Yun is attached. Basically, your router (not the Yun!) acts as the gatekeeper between the Internet and your private network. It lets any traffic go through from your private network to the Internet, and lets responses to that traffic come back from the Internet to your private network, but any other traffic that originates from the Internet is normally blocked and not let through.

If a computer on the Internet tries to access your public IP address, that request goes to the router. Normally, it will block it. What the port forward is doing is telling your router that when traffic comes in on a specific port (like 5555 that you mentioned in your first port) it should accept the connection and pass it on to your local network, sending it on to a specific computer (in your case, port 80 on your Yun at 192.169.1.170.) Your Yun will receive the request and process it, just like it would if it were a local request from your private network.

Now, some caveats - even if you set up the router properly, there is still a chance that it won't work. It all depends on your Internet Service Provider (ISP) and what rules they impose. Some ISPs will allow incoming connections on any port. Some will block a few ports, some will block most ports, and some will block all ports.

Now, some caveats - even if you set up the router properly, there is still a chance that it won't work. It all depends on your Internet Service Provider (ISP) and what rules they impose. Some ISPs will allow incoming connections on any port. Some will block a few ports, some will block most ports, and some will block all ports.

i realy didnt know that. I have to check it out .... Thank you so much for your time !!!!!!!!!!!!!!!!!!
thanks thanks thanks....

sonnyyu

Yun/Yun shield as DMZ host:

In computer security, a DMZ or demilitarized zone (sometimes referred to as a perimeter network) is a
physical or logical subnetwork that contains and exposes an organization's external-facing services to a
larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN); an external network node only has direct access to equipment in the DMZ, rather than any other part of the network. The name is derived from the term "demilitarized zone", an area between nation states in which military operation is not permitted.




Setup Yun/Yun shield as static IP address for DMZ:

Method I:

Set static ip at lan (Wifi port)


Method II:

Set static ip at wan (ethernet port)

Method III:

Address Reservation:

The choice between DHCP and static addressing basically boils down to convenience vs. control, but with a DHCP feature called address reservation, you can have the best of both worlds: You get automatic assignment and management of IP addresses without giving up the ability to assign specific addresses set aside for the exclusive use of specific devices. When a network device requests an IP address in a standard DHCP configuration, the DHCP server simply issues the first one available in its address pool. Later on, when the device comes back for an address renewal, it may or may not get the same address. But address reservations allow you to associate a device's unique MAC address with a particular IP address. Therefore, when that device requests an IP address, its MAC address is recognized by the DHCP server, which in turn issues the specific IP address set aside for it.



sonnyyu

#6
Dec 14, 2015, 01:35 pm Last Edit: Dec 14, 2015, 04:35 pm by sonnyyu
...
Now, some caveats - even if you set up the router properly, there is still a chance that it won't work. It all depends on your Internet Service Provider (ISP) and what rules they impose. Some ISPs will allow incoming connections on any port. Some will block a few ports, some will block most ports, and some will block all ports.
It is ture. But it is seem all the ISPs (exclude satellite ISP , might be cell phone one) leave port 22 or 2222 open since they need them to manage their own equipment on network.





ShapeShifter

It is ture. But it is seem all the ISPs leave port 22 or 2222 open since they need them to manage their own equipment on network.
I have also personally run into the situation where a cellular Internet device was issued a private (non-routable) address from the ISP. Outbound connections could be made, and I'm sure the ISP could make inbound connections to the device using the private address that their router hands out, but I could never make an inbound connection on my own to the device - to do so, I would've had to have access to the ISP's upstream router and create a port forward on that router: something I clearly could not do.

My point wasn't to dwell on details, but only to point out that in some situations you can set everything up properly, and still not be able to make an incoming connection. In the case of the cellular Internet device just mentioned, that was the Internet access method for the whole house, so during the few years I had that device I could never make any sort of incoming connection.

sonnyyu

#8
Dec 14, 2015, 04:35 pm Last Edit: Dec 14, 2015, 04:36 pm by sonnyyu
I have also personally run into the situation where a cellular Internet device was issued a private (non-routable) address from the ISP. Outbound connections could be made, and I'm sure the ISP could make inbound connections to the device using the private address that their router hands out, but I could never make an inbound connection on my own to the device - to do so, I would've had to have access to the ISP's upstream router and create a port forward on that router: something I clearly could not do.

My point wasn't to dwell on details, but only to point out that in some situations you can set everything up properly, and still not be able to make an incoming connection. In the case of the cellular Internet device just mentioned, that was the Internet access method for the whole house, so during the few years I had that device I could never make any sort of incoming connection.
from time to time I use LTE (4G), It is seem not block port 22?

VPN or Reverse SSH tunnel is definitely help here.



vkjuju

#9
Apr 19, 2018, 06:01 am Last Edit: Apr 19, 2018, 10:26 am by vkjuju
I hit the same situation, yun on home wireless router works fine, but when it connected to my 4g mobile phone(hotspot), tools->serial port ->greyed out , any solution on it ? thanks

Go Up