I have static set 192.168.0.100 can I access using port forwarding or dmz to get to device from any internet??
interesting 
have you tried yet?
I think I need the ports to forward to my internal lan address, no clue what of if chrome access uses a port??
have added 192.168.0.100 to dmz zone and am ready to port forward if we discover any ports for this purpose…
you mean via chrome http? could that be port 80 or 8080???
or do you want the android app to connect via internet ? that i dont know
let me restate my idea… If I can access my device on my lan, can I get to it via wan or outside my wan. I do this w video cameras, they have a lan address/port and I can port forward to this video camera and can access it outside my wan or the internet in general. There is usually a port that is forwarded? 80 or 8080 is likely all web traffic, would or could be more specific?
Welcome @mfendt !
It should be possible to access the node on LAN (home) from WAN (Internet).
You can use https://client.meshtastic.org/ or by accessing the web interface of the node. It is necessary to do a couple of adjustments to your Internet router (port forwarding and dynamic DNS).
This should allow you to send, and receive, messages on your Meshtastic mesh.
@garth and @mc-hamster should be able to tell you the ports to be forwarded. There might also be some features in the iOS and Android apps for connecting directly with nodes through IP-network?
1 Like
That’s how I access a remote node with Internet access: I’ve set up WireGuard both in the LAN and on my Android phone so that local IPs are tunnelled (not exposed by forwarding). This gives me the ability to make the node IP accessible by the Android app.
I’m using WireGuard, but I guess any VPN will do.
1 Like
I strongly advise against opening up your Meshtastic node directly to the internet. afaik it has no access security, which means anyone on the internet could find your node, and do all sorts of things with it. Getting your WiFi password for instance, is trivial with the device.
@ IZ1IVA has a good solution: using a VPN to your home network would be the safest route. Some routers offer a VPN endpoint; if you’re not familiar with running your own server, that might be the least-difficult solution.
Alternatively, you could set up a reverse proxy which handles authentication, or use remote administration over MQTT.
3 Likes
If you have a local computer, you can put up an nginx proxy that can handle authentication and secuirity, then use a cloudflare argo tunnel.
2 Likes
I found the simplest zero config way is using Tailscale, then advertise your local subsets on the Tailscale network and then access your Meshtastic device using its local IP.
I initially tried using a domain name, but you can’t.add.a domain name in the app only an IP address.
Ok, so I’ve managed to get WireGuard working between my Android phone and my home server but… how do I get the Android Meshtastic app to talk to my meshtastic device please?
First, find the IP address of your Meshtastic device, then launch the app, open the settings tab and input the IP in the IP address field. Tap on the radio button “IP address:” immediately above and you’re done!
Yes, you can access your device outside your local area network (LAN) by setting up remote access or using a virtual private network (VPN). Remote access solutions such as port forwarding or dynamic DNS can enable access to devices from anywhere with an internet connection. Additionally, VPN services offer secure and encrypted connections for accessing devices remotely while maintaining privacy and security.
To answer your original question, the port is TCP 4403 to connect from the android app to a meshtastic node, but I also opened 80 and 443 to allow the web client too.
It’s not mentioned in the user documentation but it is in the python documentation meshtastic.tcp_interface API documentation
I use Tailscale with ACLs (this gives your firewall like control) to lock down the tailnet traffic, so I needed to know this port to create the rule (pasted below). As already mentioned, it’s not a good idea to open ports from a device to the internet.
{
"action": "accept",
"src": ["tag:<tagname>"],
"dst": ["<meshtasticnode>:80,443,4403"],
},
Hi @Nucleus7681,
I have various AIS ahd ADSB raspberry pi “opened up” via port forwarding on my network. So far i have not ran into any security issues that im aware of. However , against better advice i enabled 4403 on my router and can connect the meshtastic app (Lenovo Android 9 Tablet) to my TBeam when away from home , which is handy.
That being said , i am a little conscious of 4403 and i am wondering how i setup this method youve chosen, ive installed the Tailscale app from Fdroid store and added my tablet. I am thinking i somehow have to add the Tbeam mesh device to that as well?
Any help appreciated .
Thanks in advance
Regards
You need to install tailscale on a device inside your network, the raspberry pi for example. Then you can set it as a “subnet router” and your android tablet will then be able to connect with the internal ip of your tbeam.
Don’t worry about ACL restrictions yet, that’s completely optional. The tailscale documentation is excellent and has step by step instructions for setting up subnet routers on Linux.
1 Like
Hi @Nucleus7681 ,
Thanks so much for your speedy response . I had an idea it could be achieved that way.
Enjoy the rest of your day
Best Regards
Any help on getting Tailscale to work on a Windows + Android. Do I have to map the node to the network somehow in Win pc to be able to see share it to Android device?
Hi Steve, Do you mean you want to use your windows device to act as a subnet router to allow your android to connect to your node when you’re not at home?