Moxa White Paper

Released on March 25, 2009 Copyright © 2009 Moxa Inc. All rights reserved. Moxa manufactures a wide array of device networking products for industrial automation. Information about all Moxa products, which include embedded computers, Ethernet switches, wireless solutions, serial device servers, multiport serial boards, media converters, USB-to-serial converters, embedded device servers, video networking products, and industrial I/O solutions, is available on Moxa's corporate website at www.moxa.com. How to contact Moxa Tel: 1-714-528-6777 Fax: 1-714-528-6778 Web: www.moxa.com Email: info@moxa.com

This document was produced by the Moxa Technical Writing Center (TWC). Please send your comments or suggestions about this or other Moxa documents to twc@moxa.com.

Accessing Private Cellular Networks from the Internet Scott Suen, Assistant Manager, Software R&D

support@moxa.com

Overview Due to the limited number of public IP addresses, most cellular

service providers only offer private IP addresses for mobile

devices to connect to the Internet. However, the nature of

private IP addresses can make accessing your cellular devices

from a public network a living nightmare. Fortunately, there are

already solutions, such as Virtual Private Networks and OnCell

Central Manager, available in the market today that address

the problem of dynamic private IP addresses so you can access

your private cellular networks from the Internet.

The Problem with Private IP Addresses How does the inability to obtain a public IP address for your

cellular devices affect your application? The answer to this

question depends on whether you are setting up a “mobile

originated application” or “mobile terminated application.” Mobile originated applications do not require using public

IP addresses for your remote devices. This is because the

devices themselves initiate each connection, similar to

connecting to the Internet from a private LAN such as the one

in your office. You can connect to public hosts on the Internet,

but the same hosts will not be able to initiate a direct

connection to your office computer. Mobile terminated applications generally require

configuring each of your remote devices with a unique public IP

Moxa White Paper

Copyright © 2009 Moxa Inc. Page 2 of 4

address. However, if a device is configured with a private IP

address, the host computer in your control center won’t be able

to find the private IP address on the Internet. However, it is

extremely difficult to set up a “mobile terminated application”

because cellular service providers usually only offer private IP

addresses for users to connect their mobile devices.

Solutions The good news is that cellular device vendors are working hard

to develop solutions that allow you to deploy “mobile

terminated applications” without having to obtain public IP

addresses for your remote cellular devices. Two effective

solutions available to system integrators include (1) using a

VPN (Virtual Private Network) and (2) OnCell Central Manager

Software on Moxa’s OnCell IP gateways and IP gateways. A VPN allows a computer to use an IP address that is not its

actual one to access the Internet. Instead of running across a

single private network, some of the links between nodes in a

VPN use open connections or virtual circuits in a larger

network, such as the Internet. With the help of VPNs, cellular

devices acting as a VPN client can initiate a connection with a

VPN server. Once the connection is established, cellular devices

can communicate with other network devices on the same

private network. However, VPN solutions generate more

overhead as they need to encrypt data for security purposes.

Since cellular networks have limited bandwidth, VPNs may not

always be the best solution.

OnCell Central Manager If you’re looking to save valuable network bandwidth, Moxa’s

OnCell Central Manager offers an alternative solution to VPNs.

Most cellular devices only have private IP addresses so they

cannot act as servers for other network devices on the

Internet. However, they have the ability to connect to any

servers on the Internet as long as those servers are visible to

other network devices on the Internet. This means that if the

Moxa White Paper

Copyright © 2009 Moxa Inc. Page 3 of 4

servers are equipped with public IP addresses, any network

device can communicate with them directly. Assume a user application on a host PC wants to access a

service provided on an OnCell IP gateway that uses a private IP

address. The user application cannot access the OnCell IP

gateway directly since the OnCell IP gateway is located in a

private network. But by installing and running OnCell Central

Manager onto a computer with a public IP address, the user

application can communicate with the OnCell IP gateway in the

private network, as described in the following steps:

1. First, the user installs and runs OnCell Central Manager on

a host PC, which is equipped with a public IP address.

2. The user enters the IP address or the host name of the PC

running OnCell Central Manager onto the OnCell IP

gateway.

3. Whenever the OnCell IP gateway is powered on, it connects

to the OnCell Central Manager automatically. Once the

connection is established, a user port will be used by a

newly created TCP server on the host PC that is running

OnCell Central Manager. This allows the OnCell IP gateway

to be accessed by the user application (which may be

running on a host PC in a private network). Basically, when the OnCell IP gateway acts as the TCP server, it

cannot be accessed from a host PC outside its private network.

By moving the TCP server function to a host PC with a public IP

address that has OnCell Central Manager installed, any host PC

connected to the Internet can access OnCell Central

Manager—solving the private IP address problem.

Moxa White Paper

Copyright © 2009 Moxa Inc. Page 4 of 4

Summary

Both VPNs and Moxa’s OnCell Central Manager can be used to

solve the problem of dynamic private IP addresses for cellular

devices. But the drawback of using VPNs is that they expand

raw data, eating up more network bandwidth in the process.

OnCell Central Manager offers a more bandwidth-saving

alternative, which not only minimizes programming effort, but

also resolves the dynamic private IP address problem without

requiring any modifications to the host network.

Disclaimer

This document is provided for information purposes only, and the contents hereof are subject to change without

notice. This document is not warranted to be error-free, nor subject to any other warranties or conditions,

whether expressed orally or implied by law, including implied warranties and conditions of merchantability, or

fitness for a particular purpose. We specifically disclaim any liability with respect to this document and no

contractual obligations are formed either directly or indirectly by this document. This document may not be

reproduced or transmitted in any form for any purpose, without our prior written permission.