Telemetry link on Vodacom's network

[JacoV]

Hi there,

What would be the best way of setting up a point-to-point telemetry link using Vodacom's network? What I basically want to do is to transfer information from one PC (connected to Vodacom's network via a GPRS module) to another PC (also connected to Vodacom's network via a GPRS module). I am using Winsock and C++ to create a TCP client and a TCP server (as well as a UDP client and UDP server). Using the client and server, I can successfully transmit a file (data) using the Ethernet ports and a cross-connect Ethernet cable. However, when I try the same setup over the GPRS network, I run into problems (I tried both the "internet" and "internetVPN" APNs). I can ping the one machine from the other and vice versa on both APNs, but it seems like somewhere in Vodacom's network, the outgoing TCP/UDP data is blocked. I confirmed this using a sniffer (Ethereal).

I have to admit, I am not at all clued up with security. What precautions should I take with the above setup? Will the Firewall coming with Windows suffice?

I also noticed a TCP connection to another machine (172.x.x.x, can't remember the precise IP address). Is this the connection to the DHCP router?

Your time, effort and suggestions will be greatly appreciated
Jaco Versfeld

 

[vodacom3g]

Hi there,

What would be the best way of setting up a point-to-point telemetry link using Vodacom's network? What I basically want to do is to transfer information from one PC (connected to Vodacom's network via a GPRS module) to another PC (also connected to Vodacom's network via a GPRS module). I am using Winsock and C++ to create a TCP client and a TCP server (as well as a UDP client and UDP server). Using the client and server, I can successfully transmit a file (data) using the Ethernet ports and a cross-connect Ethernet cable. However, when I try the same setup over the GPRS network, I run into problems (I tried both the "internet" and "internetVPN" APNs). I can ping the one machine from the other and vice versa on both APNs, but it seems like somewhere in Vodacom's network, the outgoing TCP/UDP data is blocked. I confirmed this using a sniffer (Ethereal).

I have to admit, I am not at all clued up with security. What precautions should I take with the above setup? Will the Firewall coming with Windows suffice?

I also noticed a TCP connection to another machine (172.x.x.x, can't remember the precise IP address). Is this the connection to the DHCP router?

Your time, effort and suggestions will be greatly appreciated
Jaco Versfeld

PM me your contact details and I'll talk you through it.

Basically all incoming ports are blocked on the Vodacom network, primarily to protect you against port-attacks.

What you need to do is to put the one PC that must accept the incoming connections on the 'unrestricted' apn. All other PC's connecting to it can be on the 'internet' apn. Try and ensure that data only flow from the clients to the sever, i.e. no polling from the server. Or at least let the clients open the TCP session. With UDP you'll have to ensure a server-centric architecture.

Just remember you're exposing the 'unrestricted' PC to the internet community so make sure you protect it well. For the same reason, don't put all the client nodes on this apn.

Maybe the connection you saw was to 127.0.0.1, the local loopback? If so, you can probably ignore it.

PM me. I'm keen to hear what you're up to. We don't have enough telemetry systems in this country!

 

[ic]

...
I have to admit, I am not at all clued up with security. What precautions should I take with the above setup? Will the Firewall coming with Windows suffice?
...

Unfortunately not, the builtin Windoze firewall is really shoddy.

If it weren't for the GPRS modem modules you're using, I would have suggested considering using the Linksys WRT54G3G router at both ends - it should have much better firewalling than the Windoze firewall.

 

[rehd]

Yeah I would also be very interested in the actually configuration of this setup. If you could let me know as well would be appreciated..

 

[JacoV]

Thanks to all who helped. I sorted out most of the bugs, and the system is working.

Thanks again,
Jaco