I just want to verify which ports are open on my mobile device when it's connected to the internet over 4g, but simply netcatting or even pinging it on it's "4g ip" address doesn't work. When connected over wifi, the ping & netcat to it's internal ip address work fine, and I'm also able to ping external ip addresses, so the issue doesn't lie with my own connectivity.
$ ping 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
64 bytes from 192.168.1.100: icmp_seq=1 ttl=64 time=248 ms
64 bytes from 192.168.1.100: icmp_seq=2 ttl=64 time=32.6 ms
Got the phones ip address from whatismyip.com, and pinging it, I get
$ ping -4 82.132.xxx.xxx
PING 82.132.xxx.xxx (82.132.xxx.xxx) 56(84) bytes of data.
^C
--- 82.132.xxx.xxx ping statistics ---
23 packets transmitted, 0 received, 100% packet loss, time 22532ms
Just showing that pinging google works fine:
$ ping -v -4 google.com
ping: socket: Permission denied, attempting raw socket...
PING google.com (216.58.204.46) 56(84) bytes of data.
64 bytes from lhr25s12-in-f14.1e100.net (216.58.204.46): icmp_seq=1 ttl=53 time=3.71 ms
64 bytes from lhr25s12-in-f14.1e100.net (216.58.204.46): icmp_seq=2 ttl=53 time=3.07 ms
I'm guessing it's not possible to simply get routed to any mobile device even if you know it's IP address, so are there any other alternatives?
Many mobile operators implement CGNAT, and the external address seen by websites does not belong to the device – it belongs to the NAT gateway run by the ISP. So don't trust the address unless you see it on the device itself.
On top of that, most mobile operators do not provide dedicated IP addresses – they perform "1:many" NAT, not just 1:1 NAT, and the external address is simultaneously used by multiple customers (just like your home router shares your external addresses between all LAN devices).
Even those operators which do dedicate an address per customer (whether direct or 1:1 NATed) frequently put it behind a firewall which blocks all incoming connections. This has two purposes – it prevents the customer from hosting services on their 4G connection (which is usually not allowed by their terms of service), and it prevents various botnet scans and unsolicited connections from draining the device's battery.
and I'm also able to ping external ip addresses
Most of the time, you're only pinging the NAT gateway, not the device itself.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments