By-passing a Cellular Carriers Network without a static IP address

Accessing your local devices remotely without port forwarding or router changes

What is CG-NAT?

CG-NAT is a network address translation technique that extends the IPv4 networks on a considerable scale and allows ISPs (internet service providers) to conserve their acquired public IPv4 pool. Every online user has two IP addresses, a public (eg. 83.24.73.243) and a private one (eg. 192.168.1.12.) When a user intends to communicate online, the standard NAT protocol translates their private IPv4 address to a public one. But with CGNAT (LSN or NAT 444), an extra layer of address translation is added. The unique private IP addresses are translated into public IPs shared by multiple users. And this is how ISPs prevent their public IPv4 pool from exhaustion.

What does that mean exactly for me?

While it is excellent from a security standpoint and is great for cellular ISPs it can be frustrating from a network operations standpoint when attempting to reach equipment inside a private network behind a cellular router. Typically how this is dealt with is to buy the use of one of the ISPs static public facing IP addresses that by-passes their internal IPv4 CG-NAT for a direct line of sight to the internet. This of course costs more money which the average home or small business user doesn’t want to deal with. This is where a Reverse Proxy comes into play.

What is a reverse Proxy?

A reverse proxy is a server that sits in front of web servers and forwards client (e.g. web browser) requests to those web servers. Reverse proxies are typically implemented to help increase security, performance, and reliability.

How could this benefit me?

Normally with CG-NAT traditional port forwarding won’t work like it would on a landline based ISP (eg. Cable, DSL, Fiber) since you are behind the cellular carriers NAT. This is a work around to this issue.

Here are a few use cases for a reverse proxy that would make it attractive to an average user. (Note: Prerequisite for these scenarios is a PC will be required; It can be just a little Raspberry Pi or other PC. I used a Raspberry Pi 4 and a service called LocalXpose for all of these instances.)

Scenarios

A. I need to see a camera at a remote location on a cellular router.

B. I have T-Mobile home internet but want to access my Plex Server remotely.

Scenario A – Remote Camera exposure:

I have an IP camera mounted at a remote cabin connected to a cellular router in the woods. I want to be able to see the video feed from my home. We find the local LAN ip address of your IP camera, in this example I’m going to use 192.168.1.2. Once I know my camera’s IP address I test the feed with VLC Player I open the feed url (rtsp://username:password@192.168.1.2:554) and I see a live feed of the camera. I then jump over to my PC with LocalXpose installed on it. In my case I’m using Linux for the operating System. I use the following command to route my camera feed to one of localxpose’s external URLs:

./loclx tunnel tcp –port 10554 –to 192.168.1.2:554

This will create a url similar to us.loclx.io:10554. We can plug this URL into VLC player on a computer outside the network (in this case at our home) like so:

rtsp://username:password@camera.loclx.io:10554 and we will see the same live feed we did as if we were on the local network.

Scenario B – Plex Server exposure

This is a similar scenario as with the camera except we are dealing with a different type of device. Plex is an application for sharing media locally (eg. Home videos or music libraries.) In my case I have T-Mobile Home Internet but I want to be able to access my Plex library from outside my local LAN. Much the same way I did with the camera setup, I first get the IP address and port number the Plex server uses (I’m going to use the default port in this case.) My Plex server has an IP address of 10.0.0.12 and the port is 32400. Normally at home I put http://10.0.0.12:32400 into my web browser on my PC and I’m greeted with the login screen for my plex server. Again just like the camera we use a command to forward the traffic but I also want to specify the port:

./loclx tunnel tcp –port 32400 –to 10.0.0.12:32400

This will generate a url similar to this: http://us.loclx.io:32400. We can now put this URL into the browser of a PC (or phone/tablet) outside our home network and access the media on our Plex server.

As you can see in these two examples, a reverse proxy can be extremely useful when you’re behind the bars, so to speak of CG-NAT. I would also like to note that I didn’t go into the fine grain details of using this particular service as it was my goal to give a general example of how it could be used in a compact short read.

If you’re interested in us going into more detail about this type of service, email sales@5gstore.com.

April 13, 2023 By: David W.

April 13, 2023By valerie 5G 5gstore, carrier NAT, cellular carrier, CG-NAT, port forwarding, remote access, reverse proxy, Static IP

What Data Plans are Available at 5Gstore?

Are you looking for an affordable cellular data plan for your failover or primary Internet service? 5Gstore.com is currently offering 4 different data plans, all with one of the nation’s biggest cellular providers, Verizon Wireless. These data plans will accommodate users needing either 4G LTE or 5G service. Here’s a breakdown of each plan:

4G LTE Failover plan
- $10/mo (includes 1GB)
- $10 Per Additional GB
- For fixed or mobile use
4G LTE Failover plan with Static IP address
- $12/mo (includes 1GB)
- $10 Per Additional GB
- For fixed or mobile use
5G Unlimited with Static IP address
- $84.99/mo
- No overage fees
- No throttling
- Fixed Access ONLY – Requires Confirmation of Address Before Ordering
4G LTE Standard plan with Static IP
- $84.99/mo (includes 300GB)
- $10 Per Additional 5GB
- For fixed or mobile use

You might be asking why the 5G plan requires address verification while the others do not. This is because the 5G service is limited to fixed wireless access (FWA). This 5G service includes access to Verizon’s C-Band frequencies, which provide some of the fastest bandwidth speeds. The speeds at this time will generally be around 100-150 Mbps down and 10-15 Mbps up.

Verizon is also only allowing a certain number of 5G Unlimited plans to be sold per cell tower. Once each of the 5G “nodes” are sold, they cannot sell any more. With this being a first come, first served situation, it’s best if you act quickly!

But what if your address is not currently in a 5G C-Band area (also called Ultra Wideband)? Not to worry! All you need to do is wait. After you submit your address once, we will continue to check periodically for coverage. Only after we receive confirmation that there is coverage, will we contact you to let you know.

Not interested in a 5G plan? Take a look at our 4G LTE plans instead. Keep in mind that there is limited data usage included and overage fees. If you’re not sure how much data you will need, follow our guide for assistance and check out our data usage calculator as well.

How about a static IP address? Do you need one? How might a static IP help you? There are of course pros and cons to everything, including static IP addresses. Find out more about static IPs before you decide.

If you’re still uncertain about what data plan you require, contact the experts at 5Gstore.com for assistance. We’re available Monday thru Friday, 9am to 6pm CT via phone, email, or chat!

April 5, 2023By valerie 5G 5G, C-Band, Cellular, data plan, LTE, Static IP, unlimited, Verizon

Why having a Static IP Address on your cellular failover improves email deliverability

A static IP address on a failover cellular connection can be a valuable tool for improving email deliverability. We are going to explore the reasons why having a static IP address is important for this. We’ll also look at how it can benefit businesses that rely on email communication. Lastly, we’ll show you an example configuration using GoDaddy.

What is Failover?

A failover cellular connection is a backup internet connection that is used when the primary connection fails. This is important for businesses that rely on the internet to operate, as it ensures that they can continue to operate even if their primary internet connection goes down. Failover cellular connections are often used in conjunction with routers or other networking equipment that can detect when the primary connection is down and automatically switch to the cellular connection.

Why a Static IP?

When sending emails, the recipient’s email server checks the IP address of the sender to determine if the email is legitimate. If the email is coming from a dynamic IP address, which is common for cellular connections, it can raise a red flag for the recipient’s email server. This is because dynamic IP addresses are often associated with spam or other malicious activity.

By contrast, a static IP address provides a consistent and reliable source for email traffic. It allows email servers to easily verify the sender’s identity and ensure that the email is legitimate. This can greatly improve email deliverability and reduce the chances of emails being flagged as spam or blocked altogether.

In addition to improving email deliverability, a static IP address on a failover cellular connection can also provide other benefits for businesses. It can make it easier to manage network traffic and allow for more advanced networking configurations. It can also help to improve network security, as static IP addresses are less susceptible to hacking or other malicious activities.

Configuration Tip

As an example, let’s say you’re hosting your DNS with a provider like GoDaddy. Configuring your DNS to use a secondary static IP address can help to improve email deliverability and reduce the chances of your emails going into the spam folder. Look below for step-by-step directions specifically for GoDaddy. Note that other providers’ directions may differ.

Step 1: Log in to your GoDaddy account

Step 2: Navigate to your domain management

Once you have logged in, click on the “My Products” option in the top-right corner of the screen. Then, select “Domains” from the drop-down menu.

Step 3: Select the domain you want to configure

From the list of domains, select the one you want to configure for the secondary static IP address.

Step 4: Access DNS management

On the domain management page, scroll down to the “DNS” section and click on the “Manage DNS” button.

Step 5: Add an “A” record

In the DNS management page, scroll down to the “A (Host)” section and click on the “Add” button. For the “Host” field, enter the name of your email server (e.g., “mail.yourdomain.com”). In the “Points to” field, enter the secondary static IP address for your email server. Then, set the “TTL” value to the desired duration (e.g., 1 hour).

Step 6: Verify changes

Once you have added the “A” record, make sure to verify the changes by checking that the new record is displayed correctly in the “DNS Management” page.

Step 7: Wait for propagation

DNS changes can take up to 48 hours to propagate fully, although it typically happens much faster. Be patient and allow some time for the changes to take effect.

Step 8: Test your email deliverability

After the changes have propagated, test your email deliverability by sending a test email to a few different email addresses (e.g., Gmail, Yahoo, etc.). Check the spam folder to see if the email was flagged as spam or if it was delivered to the inbox.

Remember to always monitor your email deliverability and make necessary changes as needed to ensure your emails are being delivered successfully.

March 6, 2023By valerie 5G email, Failover, GoDaddy, Static IP