Saturday, November 01, 2014

Testing for Port Blocking on our 4G Internet Connection




Well, it is Saturday night and whilst the cool kids are no doubt out dressed as ghouls, smoking dope and terrorising members of the public ....

Meanwhile Marcus and Agata, the Geek Kids,  have their thinking caps on trying to debug what seems to be closed TCP connections to our webserver.

We know how to have a good time ...

The Problem Stated
We are experimenting with using a mobile 4G Internet connection.

Outbound surfing seems to work just fine.

TV Services like Zattoo , fine.

But what about other people on the Internet surfing into a Webserver that sits behind the 4G Internet connection.


How do you test it?


This provides a ready made Wiki and Apache Server and PHP.  We configured it to be listening on port 8800

  • Checked that it is really listening with netstat -an

  • From the local PC connect to the Wiki and enter some text, thus proving that the whole system is functioning






  • Find the public IP address

  • Make sure the Virtual Server of the Huawei E5372 is configured to point to the IP of the test PC


  • Now retry the Wiki from a different workstation using a different Internet Connection



What are the results so far

The following hold true for the 2 4G , Swiss Telecoms network SIMS that we are testing

First the Orange, Surf Unlimited 4G SIM, operating on the Orange Network

Second the Lebara,  3G Surf Plan 4G SIM, operating on the Sunrise Network





  • A portscan shows all ports seem closed



  • Traceroute to the target address fails
  • From home we can surf, or make any Internet connection we choose outbound.  Example from home to a HTTP port 80 or HTTPS port 443 site without issue
  • For Orange SIP communications don't work.  In that the destination phone number can be dialled and when answered  they can hear me, but I cannot hear them.  Unbelievable!



  • Our Home IP address cannot be pinged

  • Our Wiki Webserver operating on port 8800 cannot be reached
Summary
Thus far it seems impossible to reach and internal Webserver when the Internet connection is made via a 4G Orange or Lebara 4G SIM.