Accessing Private Cellular Networks from the Internet

Moxa White Paper

Scott Suen, Assistant Manager, Software R&D [email protected]

Overview

Due to the limited number of public IP addresses, most cellular service providers only offer private IP addresses for mobile devices to connect to the Internet. However, the nature of private IP addresses can make accessing your cellular devices from a public network a living nightmare. Fortunately, there are already solutions, such as Virtual Private Networks and OnCell Central Manager, available in the market today that address the problem of dynamic private IP addresses so you can access your private cellular networks from the Internet.

The Problem with Private IP Addresses

How does the inability to obtain a public IP address for your cellular devices affect your application? The answer to this question depends on whether you are setting up a “mobile originated application” or “mobile terminated application.”

Mobile originated applications do not require using public IP addresses for your remote devices. This is because the devices themselves initiate each connection, similar to connecting to the Internet from a private LAN such as the one in your office. You can connect to public hosts on the Internet, but the same hosts will not be able to initiate a direct connection to your office computer.

Mobile terminated applications generally require configuring each of your remote devices with a unique public IP

Released on March 26, 2009

Copyright © 2009 Moxa Inc. All rights reserved. Moxa manufactures a wide array of device networking products for industrial automation. Information about all Moxa products, which include embedded computers, Ethernet switches, wireless solutions, serial device servers, multiport serial boards, media converters, USB-to-serial converters, embedded device servers, video networking products, and industrial I/O solutions, is available on Moxa's corporate website at www.moxa.com. How to contact Moxa Tel: 1-714-528-6777 Fax: 1-714-528-6778 This document was produced by the Moxa Technical Writing Web: www.moxa.com Center (TWC). Please send your comments or suggestions Email: [email protected] about this or other Moxa documents to [email protected].

Moxa White Paper

address. However, if a device is configured with a private IP address, the host computer in your control center won’t be able to find the private IP address on the Internet. However, it is extremely difficult to set up a “mobile terminated application” because cellular service providers usually only offer private IP addresses for users to connect their mobile devices.

Solutions

The good news is that cellular device vendors are working hard to develop solutions that allow you to deploy “mobile terminated applications” without having to obtain public IP addresses for your remote cellular devices. Two effective solutions available to system integrators include (1) using a VPN (Virtual Private Network) and (2) OnCell Central Manager Software on Moxa’s OnCell IP modems and IP gateways.

A VPN allows a computer to use an IP address that is not its actual one to access the Internet. Instead of running across a single private network, some of the links between nodes in a VPN use open connections or virtual circuits in a larger network, such as the Internet. With the help of VPNs, cellular devices acting as a VPN client can initiate a connection with a VPN server. Once the connection is established, cellular devices can communicate with other network devices on the same private network. However, VPN solutions generate more overhead as they need to encrypt data for security purposes. Since cellular networks have limited bandwidth, VPNs may not always be the best solution.

OnCell Central Manager

If you’re looking to save valuable network bandwidth, Moxa’s OnCell Central Manager offers an alternative solution to VPNs. Most cellular devices only have private IP addresses so they cannot act as servers for other network devices on the Internet. However, they have the ability to connect to any servers on the Internet as long as those servers are visible to other network devices on the Internet. This means that if the

Moxa White Paper

servers are equipped with public IP addresses, any network device can communicate with them directly.

Assume a user application on a host PC wants to access a service provided on an OnCell IP gateway that uses a private IP address. The user application cannot access the OnCell IP gateway directly since the OnCell IP gateway is located in a private network. But by installing and running OnCell Central Manager onto a computer with a public IP address, the user application can communicate with the OnCell IP gateway in the private network, as described in the following steps: 1. First, the user installs and runs OnCell Central Manager on a host PC, which is equipped with a public IP address. 2. The user enters the IP address or the host name of the PC running OnCell Central Manager onto the OnCell IP gateway. 3. Whenever the OnCell IP gateway is powered on, it connects to the OnCell Central Manager automatically. Once the connection is established, a user port will be used by a newly created TCP server on the host PC that is running OnCell Central Manager. This allows the OnCell IP gateway to be accessed by the user application (which may be running on a host PC in a private network).

Basically, when the OnCell IP gateway acts as the TCP server, it cannot be accessed from a host PC outside its private network. By moving the TCP server function to a host PC with a public IP address that has OnCell Central Manager installed, any host PC connected to the Internet can access OnCell Central Manager—solving the private IP address problem.

Moxa White Paper

Summary

Both VPNs and Moxa’s OnCell Central Manager can be used to solve the problem of dynamic private IP addresses for cellular devices. But the drawback of using VPNs is that they expand raw data, eating up more network bandwidth in the process. OnCell Central Manager offers a more bandwidth-saving alternative, which not only minimizes programming effort, but also resolves the dynamic private IP address problem without requiring any modifications to the host network.

Disclaimer This document is provided for information purposes only, and the contents hereof are subject to change without

notice. This document is not warranted to be error-free, nor subject to any other warranties or conditions,

whether expressed orally or implied by law, including implied warranties and conditions of merchantability, or

fitness for a particular purpose. We specifically disclaim any liability with respect to this document and no

contractual obligations are formed either directly or indirectly by this document. This document may not be

reproduced or transmitted in any form for any purpose, without our prior written permission.