Remote acces and port forwarding issues with ES450 and AT&T

Hello,

I am attempting to set up remote access to a DVR with 4 cameras at a remote location. The AirLink is operating normally, it passes internet traffic without an issue. I have set up port forwarding for the 3 ports necessary to provide remote viewing. However, I cannot access either the DVR or the AirLink remotely. I am also using DDNS one for the AirLink and one for the DVR. The DNS is being updated for both the DVR and the AirLink. When I attempt to access either of the devices using the URL the page times out. I have attempted to access from a Comcast network, an AT&T network and a Verizon network with the same results on each.

I have noticed that the AirLink reports as having a private IP 10.55.xxx.xxx. When I do an nslookup on either of the DDNS they report back a public IP similar to 166.177.XXX.XXX and 166.137.XXX.XXX. I have had no luck in accessing these devices using any port. However, DDNS is being updated and ACEManager is able to connect and push templates.

I guess my question is, does AT&T have some type of NAT set up to where I cannot access my devices or pass specific ports to devices behind my mobile gateway or I have the ES450 configured incorrectly.

The DVR is connected directly to the ES450 Ethernet port.

Settings in a nutshell:
DHCP
All Hosts Use Private IPs
DMZ Disabled
Port forwarding enabled
Public start port Public End Port Protocol Host IP Private Start Port
80 80 TCP&UDP 192.168.13.101 0
Rinse repeat for remaining ports.
AceManager enabled set for default ports
All other settings are at default.

Here is a traceroute to the AirLink

C:\WINDOWS\system32>tracert somename.ddns.net

Tracing route to somename.ddns.net [xxx.xxx.xxx.xxx]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 10.52.52.1
2 5 ms 9 ms 10 ms xxx.xxx.xxx.xxx-Memphis.hfc.comcastbusiness.net [xxx.xxx.xxx.xxx]
3 14 ms 20 ms 29 ms 96.120.32.73
4 20 ms 19 ms 17 ms te-9-3-ur01.northshrvprt.la.malt.comcast.net [68.86.244.153]
5 13 ms 14 ms 14 ms te-0-0-0-10-ur03.mainshrvprt.la.malt.comcast.net [68.85.203.17]
6 24 ms 24 ms 27 ms te-0-4-0-7-ar02.dannythomas.tn.malt.comcast.net [162.151.12.13]
7 32 ms 39 ms 29 ms be-22258-cr02.dallas.tx.ibone.comcast.net [68.86.93.93]
8 44 ms 41 ms 37 ms be-16-pe02.1950stemmons.tx.ibone.comcast.net [68.86.83.118]
9 30 ms 36 ms 34 ms as7018-pe01.1950stemmons.tx.ibone.comcast.net [75.149.230.162]
10 50 ms 38 ms 49 ms cr1.dlstx.ip.att.net [12.123.16.86]
11 35 ms 54 ms 34 ms 12.83.179.193
12 33 ms 39 ms 39 ms 12.249.2.2
13 50 ms 39 ms 39 ms 172.17.32.37
14 44 ms 60 ms 38 ms mobile-xxx.xxx.xxx.xxx.mycingular.net [xxx.xxx.xxx.xxx]

and one to the DVR

C:\WINDOWS\system32>tracert somename.no-ip.org

Tracing route to somename.no-ip.org [xxx.xxx.xxx.xxx]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms 10.52.52.1
2 4 ms 8 ms 9 ms Memphis.hfc.comcastbusiness.net [xxx.xxx.xxx.xxx]
3 23 ms 19 ms 21 ms 96.120.32.73
4 16 ms 18 ms 19 ms te-9-3-ur01.northshrvprt.la.malt.comcast.net [68.86.244.153]
5 17 ms 24 ms 30 ms te-0-0-0-10-ur03.mainshrvprt.la.malt.comcast.net [68.85.203.17]
6 26 ms * 39 ms te-0-4-0-4-ar02.dannythomas.tn.malt.comcast.net [162.151.12.1]
7 39 ms 27 ms 49 ms be-22258-cr02.dallas.tx.ibone.comcast.net [68.86.93.93]
8 32 ms 34 ms 39 ms be-16-pe02.1950stemmons.tx.ibone.comcast.net [68.86.83.118]
9 40 ms 50 ms 38 ms as7018-pe01.1950stemmons.tx.ibone.comcast.net [75.149.230.162]
10 41 ms 40 ms 38 ms cr1.dlstx.ip.att.net [12.123.16.86]
11 51 ms 41 ms 38 ms 12.83.179.193
12 40 ms 39 ms 39 ms 12.249.2.2
13 33 ms 37 ms 30 ms 172.17.32.37
14 55 ms 57 ms 67 ms mobile-xxx.xxx.xxx.xxx.mycingular.net [xxx.xxx.xxx.xxx]

Trace complete.

C:\WINDOWS\system32>

Hi,
Seems like better to can contact your reseller/distibutor…

-Alex

I have contacted AT&T and have just contacted my distributor. So if that is the case, what are these forums used for?

Thanks,

Drew

I think you are having the same problem that I discovered after receiving my ES450 for Verizon Wireless. It’s called Carrier Grade NAT, or Large Scale NAT. The carriers are putting users behind these NAT’d private networks while rolling out IPV6. I’ve got a similar post that spells out the problem a little differently.
https://forum.sierrawireless.com/t/es450-not-working-now-that-verizon-is-using-large-scale-nat/8502/1

Sierra Wireless was nice enough to contact me about my problem and informed me that I can contact Verizon Wireless and request a public IPV4 address. They were correct, and Verizon is in the process of making that change for us at no additional cost.