Accessing Arduino from Internet


Problem Description:

I am trying to access my arduino from internet using Ethernet Shield. Everything works fine when i try to access it from my local network. But there is a problem when i try to access it outside my network using public IP of my router.


I have reserved an IP for my arduino
I have forwarded the port to router at which my arduino is listening
I have made sure that the port is open by disabling the firewall

Now when i try to access it from my local network ex: it is working.
but when i do the same using internet ex: PUBLIC_IP_OF_ROUTER:Port_NO it is not working. error code displayed by the browser is ERR_CONNECTION_REFUSED

Please help me out, Thanks in advance

you have a static or dynamic connection to internet?

dynamic one

I have do something like you with an arduino yun board.

Try to read this from page 14 to page 21. Is possible you have forgot something.

Please sen me the step with your router so i can improve my guide

Have a look at...

.. and various things at sheepdogsoftware, qsg, arunet you can get to if you follow links from there. Sorry the material isn't better organized, and that some of the older, weaker pages haven't been pruned... but, if I don't miss my guess, everything you need is in there somewhere.

Top guesses: dyndns, router, anti-malware issues.

The "answers" are not (very) hard... but diagnosing WHICH thing you still need can be tricky. Look out, in the pages cited, for "get this bit working first" stuff. The fact that you have it working on your LAN is a HUGE, and important "first step". By comparison, the rest is "details".

Thanks for your help guys. I have solved the issue. It was nat loopback issue. Now working on Dynamic DNS for my router.

More on NAT Loopback(copied from wiki):

NAT loopback, also known as NAT hairpinning or NAT reflection,[6] is a feature in many consumer routers[7] which allows a user to connect to his/her own public IP address from inside the LAN. This is especially useful when, for example, a website is hosted at that IP address. The following describes an example network:

Public address: (this is the address of the WAN interface on the router)
Internal address of router:
Address of the server:
Address of a computer:
If a packet is sent to the public address ( by a computer at, the packet would normally be routed to the default gateway (the router), unless an explicit route is set in the computer’s routing tables. A router with the NAT loopback feature detects that is the address of its WAN interface, and treats the packet as if coming from that interface. It decides based on DNAT (port forwarding) rules on the destination for the packet. For example, if the data were sent to port 80 and there is a DNAT rule for port 80 directed to, then the host at that address will receive the packet.

If no applicable DNAT rules are available, the router’s firewall drops the packet. An ICMP Destination Unreachable reply may be sent. If any DNAT rules were present, address translation is still in effect; the router still rewrites the source IP address in the packet. The computer ( sends the packet as coming from, but the server ( receives it as coming from When the server replies the process is identical as for an external sender. Thus, two-way communication is possible between hosts inside the LAN network via their public IP address.

NAT loopback is especially useful when the server hosts a domain name that resolves to a public address. When the router does not perform NAT loopback, any connection attempts to that IP address fail.

I would argue... what do you think, folks, that while loopback is "clever", and a marvel... it is actually generally unhelpful to the sort of situation that is usually discussed here.

Yes, it will make the Arduino server "work", sort of... but only from the place where you might as well go to the Arduino by its local IP address!

I can go to my Arduserver either by its local address, on the LAN here, or, using the wonderful services of my dyndns provider, using...


When I do it that way, I am "seeing" what someone NOT on the LAN here would see.

Using loopback gives you a false sense of security. It LOOKS like your server can be reached. But it can't. Unless you are on the same LAN as the server.

Wasn't the point to be able to access it from NOT on the same LAN?