Skip to main content
Forum FAQ's
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

This page is no longer active

close

   

For up-to-date information and comments, search the EE Community or start a new topic.

EE 4G Sim + Router

ND0724
Investigator
Investigator

‎08-07-2021 01:43 PM

Hello,

 

I recently bought a TP-LINK MR200 router to utilise in a remote area. The plan was to use this with the OpenVPN server on the router to connect to a LAN remotely. 

 

When I use my EE sim card I am able to connect to the internet when directly connected to the router (i.e. LAN). However, if I try and access remotely it is as if all ports are blocked to incoming traffic. 

 

I have enabled remote management and ICMP echos from remote in the settings. I have a public IP address with the EE sim card and have set up a DDNS server which is working. 

 

Out of curiousity, I tried the router with my three mobile sim card and I made a slight adjustment to the APN and everything worked perfectly after that and as expected.

 

I was wondering if anyone has come across this issue and if they managed to resolve it on the EE network?

 

Best regards,

 

N

0 Helpful
9 REPLIES 9
XRaySpeX
Grand Master
Grand Master

‎08-07-2021 01:57 PM

@ND0724 : You may be finding yourself up against a limitation of EE's mobile network. The EE mobile network uses Carrier Grade NAT (CGNAT) resulting in a double NAT, which means that you don't get your own public IP address but share it with other users. So you can't be uniquely id'ed on the Net & therefore your LAN cannot be addressed from outside for unsolicited accesses. This is unlike fixed BB.

 

If this occurs there is nowt you can do to avoid it.

If you think I helped please feel free to hit the "Thumbs Up" button below.

To phone EE CS: Dial Freephone +44 800 079 8586 - Option 1 for Mobile Phone & Mobile Broadband or Option 2 for Home Broadband & Home Phone

ISPs: 1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 20 Meg WBC => 2014: EE 20 Meg WBC => 2020: EE 40 Meg FTTC => 2022: EE 80 Meg FTTC (no landline number)
0 Helpful
ND0724
Investigator
Investigator
In response to XRaySpeX

‎08-07-2021 02:13 PM - edited ‎08-07-2021 02:14 PM

@XRaySpeX 

 

Thanks for the prompt reply. If I've understood correctly, a double NAT would leave me with a private up address. My router page shows a public IP address which matches what I see when I Google or visit a site that shows my public IP address.

 

Would you agree with the above and hence does that rule out your suggestions.

 

Thanks again,

 

N

0 Helpful
XRaySpeX
Grand Master
Grand Master
In response to ND0724

‎08-07-2021 02:23 PM

Yes, I would expect the router itself to see its public IP addy to start with 10. if CGNAT was in operation.

If you think I helped please feel free to hit the "Thumbs Up" button below.

To phone EE CS: Dial Freephone +44 800 079 8586 - Option 1 for Mobile Phone & Mobile Broadband or Option 2 for Home Broadband & Home Phone

ISPs: 1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 20 Meg WBC => 2014: EE 20 Meg WBC => 2020: EE 40 Meg FTTC => 2022: EE 80 Meg FTTC (no landline number)
0 Helpful
ND0724
Investigator
Investigator
In response to XRaySpeX

‎08-07-2021 02:25 PM

Thanks, this doesn't appear to be the problem then.

 

Lost for ideas. I'm going to speak to EE directly and see if they have any suggestions.

 

Thanks for your help though,

 

N

0 Helpful
mikeliuk
Ace Contributor
Ace Contributor
In response to ND0724

‎08-07-2021 05:34 PM

Hi @ND0724 ,

 

If you check your WAN IP address on your router you will find it to be of the form 100.x.x.x or 10.x.x.x (or some other private range) and it will not match the IP address you see when you visit online what-is-my-IP services. Those services will show your exit point to the internet but you will share that exit point with many people.

 

To get around CGNAT, you can use a commercial VPN service to obtain a publicly routable address but this would defeat the point of running a VPN server at home, otherwise you can use a commercial solution with a matcher service such as https://www.draytek.com/solutions/vpn-matcher/

-- 
Contract SIM: Plan | Data | Usage | Check Status | Abroad | Chat | SMS | APN | PM
Wired: Check Speed | Test Socket | Faults | fast.com | speedtest.net
0 Helpful
XRaySpeX
Grand Master
Grand Master
In response to mikeliuk

‎08-07-2021 05:36 PM

@mikeliuk : Even tho' the OP states otherwise?

If you think I helped please feel free to hit the "Thumbs Up" button below.

To phone EE CS: Dial Freephone +44 800 079 8586 - Option 1 for Mobile Phone & Mobile Broadband or Option 2 for Home Broadband & Home Phone

ISPs: 1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 20 Meg WBC => 2014: EE 20 Meg WBC => 2020: EE 40 Meg FTTC => 2022: EE 80 Meg FTTC (no landline number)
0 Helpful
ND0724
Investigator
Investigator
In response to XRaySpeX

‎08-07-2021 05:39 PM

@mikeliuk 

 

Hi Mike!

 

Thanks for your suggestions. I can definitely confirm that I have both WAN IP and "what's my IP" IP matching & both public.

 

Thank you for your suggestions on other routes around this issue though, much appreciated.

 

I actually plugged in my three sim card and changed the APN from three.co.uk to 3internet and everything worked like a charm. I'll maybe just opt for another service provider as it seems to be the path of least resistance.

 

Thanks though,

 

N

0 Helpful
mikeliuk
Ace Contributor
Ace Contributor
In response to ND0724

‎08-07-2021 06:27 PM - edited ‎08-07-2021 06:29 PM

Hi @ND0724 ,

 

That sounds good! A routable IPv4 address is one of the things I miss most about Three.

 

I would be really interested in how you get EE to assign a routable IP address onto your 4G LTE WAN interface on a consumer (not business) contract. Obviously you can't just take the value from what-is-my-ip and just assign it to the WAN interface (it must be put there by EE's infrastructure) as it will listen to traffic addressed to that IP but the service provider will never route any incoming traffic to you (unsolicited incoming traffic to that IP will be blocked at the perimeter as it is unknown whose WAN interface it should go to).

 

I currently have DDNS running under OpenWRT which is updating a domain name to point to my exit point address but even if I were to assign that exit point IP address to my WAN I could never receive any unsolicited traffic to it.

-- 
Contract SIM: Plan | Data | Usage | Check Status | Abroad | Chat | SMS | APN | PM
Wired: Check Speed | Test Socket | Faults | fast.com | speedtest.net
0 Helpful
ND0724
Investigator
Investigator
In response to mikeliuk

‎08-07-2021 09:37 PM

@mikeliuk 

 

I don't know the specific reason I've ended up with a proper public IP address assigned. It's not a SIM only contract, I bought it with one of their WiFi hotspot products which maybe triggers the difference?

 

Either way, it's still not working. I can only think that they've closed ports for security purposes for some unknown reason. I'm going to give them a call tomorrow to see if they can assist with that and perhaps open them on their end. 

 

N

0 Helpful