How to send a tcp packet to a device inside WLAN with a local IP from an external network?

I have to send a command from the internet to a device in a WLAN, which is listening to the port 9999.

The device itself is only assigned a local IP.

I also have n (2-100+) number of devices with the same program (listening to port 9999).

I know all the devices' local IPs, and I know which IP to send command to.

How can I send the command from an external network (cloud/mobile device) to a specific local IP through the gateway router?

I understand that it can be achieved with a server running inside the WLAN, or a dedicated gateway device. But I am interested to know if this is possible with the wireless router only.

7

6 Answers

It needs something else than a router

A router, both by definition and common usage, routes packets based on the indicated destination address and port, and not other factors.

Whatever tech you're using to send it, by the time a single TCP/IP packet arrives from an outside connection to the router, the router must decide what to do with that single packet, to which of the hundreds of your internal devices it should be sent - and it needs information to do that.

It cannot use the IP address information, since in your setup you'd have only a single external IP address, and that would be the address of the router - the same for all packets which you'd want to route differently.

It could use the TCP port information for that, as suggested in other answers, but it's apparently not acceptable.

It could use the packet payload, but it won't do that. The commonly used consumer wireless routers will not do inspection of each packet payload to decide their routing in whatever way. You could make a custom device or code to handle that, which would in effect be the same as "a server running inside the WLAN" which is apparently also not acceptable.

There is no other information - a router might make some decisions based on other fields in the IP packet header but those fields are either not usable at all for your needs or impractical - e.g. you might set up routing based on the source IP address and send packets with spoofed source addresses, but it would have all the same configuration problems as simply using ports for that.

3

Enter n port mappings (port forwardings) into the NAT gateway settings on the wireless router. For convenience' sake, maybe make the public ports correlate to the client's internal IP address (the host number part) plus a prefix (say, 50000).

So let's say you've got client machines on private addresses 10.0.0.2 through 10.0.0.202. Enter port mappings like this:

[wireless router public IP]:50002 -> 10.0.0.2:9999
[wireless router public IP]:50003 -> 10.0.0.3:9999
…
[wireless router public IP]:50202 -> 10.0.0.202:9999

Now, in your client software, to reach each host, you always specify the public IP address of your NAT gateway (your wireless router), but you vary the port you specify based on which client you wanted to get to.

Most client software lets you specify a port, either by encoding it in the URL like , or by specifying it as a command-line argument, often after a -p or -P option. Check the man page for your tool.

4
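The prefix-plus-host-number scheme from the answer above, written out as an added example (not part of the original answer): it computes the public port for each device and emits one DNAT rule per device. It assumes a Linux-based router configured with iptables; the WAN interface name `eth0` and the source range `203.0.113.0/24` are placeholders, and the optional source restriction is an addition that limits who can reach the forwarded ports.

```python
import ipaddress

PORT_PREFIX = 50000   # from the answer: public port = prefix + host number
DEVICE_PORT = 9999    # port every device listens on (from the question)


def public_port(device_ip, lan="10.0.0.0/24", prefix=PORT_PREFIX):
    """Return the public port that maps to device_ip under the prefix scheme."""
    net = ipaddress.ip_network(lan)
    ip = ipaddress.ip_address(device_ip)
    if ip not in net or ip in (net.network_address, net.broadcast_address):
        raise ValueError(f"{device_ip} is not a usable host in {lan}")
    host_number = int(ip) - int(net.network_address)
    port = prefix + host_number
    if port > 65535:
        # Happens on networks larger than a /24, where host numbers grow past 15535.
        raise ValueError(f"host number {host_number} overflows the port range")
    return port


def dnat_rules(device_ips, wan_if, allowed_source=None, lan="10.0.0.0/24"):
    """Build one iptables DNAT rule per device; refuse duplicate public ports."""
    seen = {}
    rules = []
    for device_ip in device_ips:
        port = public_port(device_ip, lan)
        if port in seen:
            raise ValueError(f"{device_ip} and {seen[port]} both map to {port}")
        seen[port] = device_ip
        # Optional: only accept forwarded traffic from a known source range.
        src = f"-s {allowed_source} " if allowed_source else ""
        rules.append(
            f"iptables -t nat -A PREROUTING -i {wan_if} -p tcp {src}"
            f"--dport {port} -j DNAT --to-destination {device_ip}:{DEVICE_PORT}"
        )
    return rules


if __name__ == "__main__":
    # Constructed sample: three devices from the answer's address range.
    for rule in dnat_rules(["10.0.0.2", "10.0.0.3", "10.0.0.202"],
                           wan_if="eth0", allowed_source="203.0.113.0/24"):
        print(rule)
```
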

You have two options to accomplish your task

  1. Using VPN access to the WiFi router - in that way your external device needs to use one of the available VPN protocols (for example PPTP); the device will then have a route to the internal WiFi network, and you can connect directly to each IP.
  2. Using SOCKS - you need to find a WiFi router that has SOCKS proxy support.

The first way is easier to accomplish without changing your application code. You can use DD-WRT or Mikrotik based WiFi routers for both options. For me, Mikrotik is easier to set up as a VPN server. Here is more info about the SOCKS implementation.

0

You can use port forwarding on your router, of course. But there are security risks associated with it.

If you are able to run OpenVPN on your devices, I suggest you create a VPN. With all your devices and your cloud/mobile also on the VPN, you can access them as if they were physically on the same network. Plus, all the communication would be encrypted.

1

You can open a port forwarding rule on the router, stating that anything received on the public interface and port 9999 must be forwarded to the IP of your device and the same port.

The router will send the external requirements to the device and port specified and the other devices will be unaware of this traffic.

4

You'd need to set up NAT/port forwarding on your wireless router. Since you didn't specify what router you have, I can't help you further. Also, many consumer wireless routers have low-end feature sets, which may limit the number of manual port forwards.

Edit because I can't respond to comments for whatever dumb reason

No, you can't map a single port to multiple IPs without a load balancer. You'd have to set different ports on the external interface of your router, to map to the various IP/port combinations of the devices on your internal network.

1
