Hey Frank, Thanks for the suggestion on this. That sounds like a decent plan and something I'd be keen to test and explore.
One thing I have found here is a 3rd party company here which is issuing 3G SIMMs based on the Vodafone network which have a static IP, they're about an additional £10 a month though so I'd rather avoid that if possible ;-) however that would allow me to connect directly to the systems :-) Can you explain what you mean by 'hub'? Let's say I have a few tech support guys here, in a couple of different locations, how could I ensure that they all have availability to connect via SSH? Thanks my man, Rob -----Original Message----- From: Frank Parker [mailto:[email protected]] Sent: 22 May 2009 19:16 To: Robert Rawlins - Think Blue Cc: voyage-linux Subject: Re: [SPAM] Re: [Voyage-linux] Huawei E160 Rob, You didn't say how you are trying to connect to the remote voyage boxes, but if it's SSH you could reverse your thinking. You could have a cronjob on the remotes that connect to the hub via certificate-based SSH and use -R to setup reverse tunnels. I use this trick a lot for on far flung routers and it works great. --parker On Fri, May 22, 2009 at 1:14 AM, Robert Rawlins - Think Blue <[email protected]> wrote: > @ Natale, sorry for getting your name wrong, I'd had my contact lenses in a > little too long I think, misread your name ;-) I'll have a look around the > providers today and see if anyone provides non-NATed addresses, I don't need > them to be static as they call home to the server once a minute and I can > grab the IP they're using, it just needs to be real and not masked in any > way :-) > > @ Gustin, thanks for that suggestion, it's looking more and more like this > idea of some kind of tunnel is going to be the best option, just one I > didnt really want to get into :-( > > We have a fair number of these little clients and the network is continually > growing, I just don't want to get bogged down in configuring port > forwarding, the main reason we're considering the move to a mobile network > is so we don't have to configure routers at client locations, it'll kind of > void the point of moving if we still get bogged down in that kind of thing, > y'know? I want a hassle free life style ;-) Maybe it's time for a career > change haha > > However, it looks rather inevitable that we'll have to take that route which > is a shame, let's see what happens today when I speak with the providers. > :-) > > Thanks, > > Rob > > -----Original Message----- > From: > voyage-linux-bounces+robert.rawlins=thinkbluemedia.co...@list.voyage.hk > [mailto:voyage-linux-bounces+robert.rawlins=thinkbluemedia.co...@list.voyage > .hk] On Behalf Of Natale Vinto > Sent: 21 May 2009 20:03 > To: voyage-linux > Subject: Re: [SPAM] Re: [Voyage-linux] Huawei E160 > > You're welcome Robert but my name is Natale,I'm a male :) > Anyway public IP costs to carriers..! So I think you should choose > some of the first mobile carrier that has bought IPs, for example here > in Italy only TIM has public IPs because it was the first and only > mobile carrier so it could buy them with no problems :) Here > Vodafone,H3G and Wind has NAT, cheap and safe! > > 2009/5/21 Robert Rawlins - Think Blue <[email protected]>: >> Thanks Natalie. >> >> I spoke with my service provider (o2) this afternoon and got told off for >> using my phone SIM in the dongle :-( they suggested that this was perhaps >> causing the problem. I went to the store this afternoon and picked up a >> proper mobile broadband SIM, topped it up with credit and have just >> connected and still get NATed. >> >> I'll try and speak with their technical department tomorrow but something >> tells me that this will be a pain. >> >> I've been talking with Wayne about setting up a tunnel, we'll see if that >> works for us, we just have a fair number of these systems going out the > door >> and I don't want to get caught up in too much administration so the > simpler >> we can keep things the better. >> >> Cheers, >> >> Rob >> >> -----Original Message----- >> From: >> voyage-linux-bounces+robert.rawlins=thinkbluemedia.co...@list.voyage.hk >> > [mailto:voyage-linux-bounces+robert.rawlins=thinkbluemedia.co...@list.voyage >> .hk] On Behalf Of Natale Vinto >> Sent: 21 May 2009 18:53 >> To: voyage-linux >> Subject: Re: [SPAM] Re: [Voyage-linux] Huawei E160 >> >> You are NATted, if you want public IP try to use another mobile >> carrier or try to use IPv6 with a tunnel ( but your clients then have >> to work in ipv6 ) >> >> 2009/5/21 Robert Rawlins - Think Blue > <[email protected]>: >>> Thanks Parker and Wayne, >>> >>> I thought that 80.x address looked a little suspect. I tried grabbing my >>> external IP as suggested parker and it's different to both the addresses >>> listed in the ppp interface and as expected doesnt allow me to connect >> :-s >>> >>> Well, at least I know it's the service provider which needs to be spoken >> to >>> now to see if there is anything they can do about it, if not then I'll >> have >>> to take my business elsewhere ;-) >>> >>> Thank you guys for your help! >>> >>> Rob >>> >>> -----Original Message----- >>> From: Frank Parker [mailto:[email protected]] >>> Sent: 21 May 2009 16:00 >>> To: Robert Rawlins - Think Blue >>> Cc: voyage-linux >>> Subject: Re: [SPAM] Re: [Voyage-linux] Huawei E160 >>> >>> You are getting a 10.0.0.0 address which is RFC1918, so yes it is being >>> NAT'd. >>> >>> Check your address as it appears to the outside world, like this: >>> >>> curl http://checkip.dyndns.org >>> >>> If you don't have curl installed. Try wget: >>> >>> wget -qO /tmp/checkip.html http://checkip.dyndns.org && cat >>> /tmp/checkip.html >>> >>> --parker >>> >>> >>> >>> On Thu, May 21, 2009 at 7:41 AM, Robert Rawlins - Think Blue >>> <[email protected]> wrote: >>>> Hi Wayne, >>>> >>>> The local and public IP's on the interface are both different to that >>> which >>>> is displayed on the remote sites as my IP when I'm hitting them. The ppp >>>> interface looks like this: >>>> >>>> ppp0 Link encap:Point-to-Point Protocol >>>> inet addr:10.90.235.192 P-t-P:10.64.64.64 > Mask:255.255.255.255 >>>> UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 >>>> RX packets:21 errors:0 dropped:0 overruns:0 frame:0 >>>> TX packets:23 errors:0 dropped:0 overruns:0 carrier:0 >>>> collisions:0 txqueuelen:3 >>>> RX bytes:2498 (2.4 KiB) TX bytes:1359 (1.3 KiB) >>>> >>>> Hopefully the provider isn't nating the service, are you able to tell >> from >>>> those details or will I need to contact them? >>>> >>>> I've not made any modifications to the IP tables myself, this is a >>>> completely clean voyage 0.6.0 build with just wvdial installed, I've not >>>> made any changes to configurations outside of that. >>>> >>>> Thanks mate, >>>> >>>> Rob >>>> >>>> -----Original Message----- >>>> From: Wayne Lee [mailto:[email protected]] >>>> Sent: 21 May 2009 15:09 >>>> To: Robert Rawlins - Think Blue >>>> Subject: Re: [SPAM] Re: [Voyage-linux] Huawei E160 >>>> >>>> On Thu, May 21, 2009 at 2:47 PM, Robert Rawlins - Think Blue >>>> <[email protected]> wrote: >>>>> OK Seems like I now have this working! :-D >>>>> >>>>> Seems that it was connecting just fine but the reason I couldn't ping >>>>> anything was because I was connected via Ethernet to the box and the >>>> default >>>>> route wasn't being set properly when the GPRS ppp connection was >>>>> established. >>>>> >>>>> I edit /etc/ppp/peers/wvdial and added the option 'replacedefaultroute' >>>> and >>>>> now when the connection is established I can ping and wget using the > ppp >>>>> connection :-) >>>>> >>>>> One thing I have been unable to do though is connect inbound via SSH >>> using >>>>> the ppp connection, I can still only connect using the Ethernet. I've >>> done >>>> a >>>>> wget on an URL which gives me the boxes remote IP address on the ppp >>>>> connection however trying to connect via SSH on that IP from another >>>> system >>>>> doesn't seem to work. >>>>> >>>>> Any suggestions on what I might need to do to get those inbound >>>> connections >>>>> working? >>>> >>>> Some of the 3g providers NAT your connection so inbound services will > not >>>> work >>>> >>>> What is the IP on your ppp interface ? >>>> >>>> Also do you have iptables blocking inbound ssh ? >>>> >>>> >>>> _______________________________________________ >>>> Voyage-linux mailing list >>>> [email protected] >>>> http://list.voyage.hk/mailman/listinfo/voyage-linux >>>> >>> >>> >>> _______________________________________________ >>> Voyage-linux mailing list >>> [email protected] >>> http://list.voyage.hk/mailman/listinfo/voyage-linux >>> >> >> >> >> -- >> Natale Vinto >> http://www.gotext.org >> >> _______________________________________________ >> Voyage-linux mailing list >> [email protected] >> http://list.voyage.hk/mailman/listinfo/voyage-linux >> >> >> _______________________________________________ >> Voyage-linux mailing list >> [email protected] >> http://list.voyage.hk/mailman/listinfo/voyage-linux >> > > > > -- > Natale Vinto > http://www.gotext.org > > _______________________________________________ > Voyage-linux mailing list > [email protected] > http://list.voyage.hk/mailman/listinfo/voyage-linux > > > _______________________________________________ > Voyage-linux mailing list > [email protected] > http://list.voyage.hk/mailman/listinfo/voyage-linux > _______________________________________________ Voyage-linux mailing list [email protected] http://list.voyage.hk/mailman/listinfo/voyage-linux
