[SOLVED]Can´t reach a port listening vía rmnet0 interface

I have developed a Modbus Server and is listening on port 502.
I have added the INPUT rule for the tcp protocol, port etc.
I have also added sometimes an output rule

Then I have put all in ACCEPT policies. INPUT, FORWARD and OUTPUT…like “iptables -P INPUT ACCEPT” and so on. But it still does not work.

I can establish connection with 502 port when I acces vía USB ECM, iptables works fine when is related to usb ecm interface, but it seems that does not take effect when is related to rmnet0 interface

I have tried with almost 3 WP85 different modules.

I have 2 SIM cards with public and static IP, this lines are working fine in a Sierra Wireless OpenAT Q26 module with a similar Modbus/TCP server. So the problem is not the data connection

WP85 are getting the static IP, and I can send and receive data if I start comunication from WP85. But it is imposible to reach 502 port from outside, only via usb ecm

module= WP85; firmware=18.6.4

probably your SIM card is not having public IP address
Or maybe the network operator blocks on this port 502

Ye it has. and is comunicating with our servers. I HAve also checked it with “cm data”

it is communicating with your server → this is TCP client only.

But you are now holding a TCP server on port 502 on module, so there is chance that the network blocks this port 502, or the IP address is not exposing to public.

BTW, have you tried other port like 80 or 21?
Can your PC ping the module’s pubic IP address?

Our app has several ways of communication. It connects with our severs, but we also can configure a Modbus TCP Server

They do not respond to ping when I PC ping to the public static IP

They only respond ping via USB, when I ping

then it seems your network does not allow to do so

I do not think network is blocking 502 port, becase I checked the same with a SierraWireless OpenAT Q26 and is working fine

is it only working on 2G network?

You can capture wireshark log and see if there is any clue.

Thanks!! for your Quick responses…I’m going to try with 2G, trying to use wireshark and read that post

BTW, when you work with 2G network with Q26, is that your PC can ping the module with public IP address?

I think the first step is to let outside PC to ping the module with public IP address

Yes in that case my PC can ping Q26 with public IP adress.

Yes!! I am going to try to ping WP85 as first step

I have installed tcpdump and I can see ICMP packets that are arriving

IPTABLES is ALL enabled

But I do not get ping response.
I have tried to connect to 502 port, and I also have seen the packets. But the app client in my PC couldn´t connect.

You also need to disable the firewall of module:

iptables -I INPUT -j ACCEPT

You can also try this TCP server application:

Or you can download the nc binary here:

Transfer to the WP module, and then type the following for TCP server:
root@swi-mdm9x28:/tmp# chmod 777 ./nc
root@swi-mdm9x28:/tmp# ./nc -l -p 1234

My TCP Server is running and accepting conncections via USB ECM.
I´ve compared my code with fwupdate and is almost the same, with identical config FLAGS…etc
I have put this rule iptables -I INPUT -j ACCEPT, but there is no way.
I still cannot ping via rmnet0

I´m going to try nc application, it´s pretty interesting

if you cannot ping the module’s IP , there is no way the TCP server to work on module

yeah, that is true. I think there is something that is blocking rmnet0 data and it has nothing to do whith iptables, but I do not know what could be.

Althoug it seems there is nothing wrong in my code, I cannot discard to do whatever Test, because a small detail in my code could be the problem.

I´m going to uninstall my app and open a port using nc, and I will see

BTW, are you trying 2G network which is the same technology as Q26 module?

Yes, I tried that yesterday, but with the same results.

I will try later again

OK, please try the same 2G network with same APN

These are my results with nc

The client app view

and iptables

NAT tables and other tables of iptables are all in ACCEPT

It is not my application, I think it has nothing to do with iptables either. I´m really lost.

I´m going to upgrade from LEgato R16.1-18.6.4 to R17-18.6.4 and see what happens