Remote http access to raspberry pi via LTE dongle

Question

What I want to do:

I have built a Raspberry Pi based robot I'm building for a robot competition.

The robot can be controlled through an http webpage hosted inside the Raspberry Pi itself. It uses websockets and streams a real time feed from the raspicam attached on the Raspberry Pi itself. The client is any web browser on any client on the locak network currently.

Because of the current Human Malaware situation, I want to add the option to pilot the robot remotely from the internet, rather than locally through Wi-Fi. To do so, I bought a Huaway E3372h LTE dongle. The dongle is configured and allows the Raspberry to access the internet.

PROBLEM:

While I have access from the robot to the internet, I do not know how to access the webserver hosted inside the Raspberry Pi from the internet.

I would like to access the webpage hosted inside the robot from a web browser like this: http://{Robot Public IP Address}:8080

I would like to do so, using no software inside the client, just a regular web browser.

Looking at other answers, I understand this to be a NAT problem, but I do not understand how to solve it. I saw people suggesting setting up a VPN, which would either require a middle man server or software inside the client, which I would like to avoid. Another suggestion was to contact the carrier to configure the NAT on their side.

SPECIFICATIONS:

I measured the bandwidth:

• Robot -> Client Bandwidth: 2.4Mb/s
• Client -> Robot Bandwidth: 49.6 Kb/s
• Data usage: 0.87h/GB
• Target Latency: 100ms to 150ms

QUESTION:

Is there another simple solution to just allow http traffic on port 8080 to be visible from the internet or another solution worth considering?

UPDATE:

I'm still researching the topic, It's not a problem with a straightforward solution. Techniques under consideration:

• IoT SIM: Static IP, but premium cost. About 50€/Month/GB.
• openVPN: Looks promising, requires a static server for negotiation, I'm not clear on how to implement it clientside with just a javascript running in a browser. Also, latency and performance is unknown, it might not handle remote controls.
• TCP Hole Punching: This technique should allow a direct TCP channel behind NAT by using a fixed point for just negotiation. It's used in peer-to-peer networks.

Answer 1

Much of this will depend on your wireless provider. As you've stated if the LTE device gets a private (RFC1918) address from the provider then they are definitely NAT-ing and you won't be able to access the Pi. In many cases even if a wireless provider gave public IP addresses to their subscribers they are most likely still behind a firewall, which is there to simply protect their Radio Access Network (RAN) as opposed to their subscribers.

The easy workaround would be to talk to your provider and see if they offer a static public IP address add-on to your service. This typically involves a small up-charge on the account and some providers will not filter/firewall that IP, which means you can access your Pi the way you are wanting. You will want to verify with your provider first before committing to the extra service charges.

The other options you mentioned such as a VPN can work, but would require more configuration and is not as simple as you'd like.