Usage

Napter can be easily accessed directly from the User Console. While Napter provides secure remote access to your device, Napter cannot resolve any connection issues, such as a device being powered off, located in an area without cellular coverage, missing authentication information, or other device-side problems. Before enabling remote access, ensure that your device is properly configured beforehand.


Enabling Remote Access

Enabling Remote Access will incur fees. Refer to the Pricing & Fee Schedule for more information.

  1. Login to the User Console. From the Menu, open the SIM Management screen.

  2. From the list of subscribers, click the for the SIM you want to remotely access.

  3. Click the Actions menu, then select On-demand Remote Access.

    https://console.soracom.io

    Napter

  4. Enter the following connection settings:

    Napter

  1. Click the OK button to enable secure remote access.

By clicking the OK button, your account will incur the Napter usage fee. Please refer to the Pricing & Fee Schedule for more information.

Once remote access has been enabled, the connection settings will be displayed.

Napter

You can then use the IP address or hostname, and port, to establish a connection to your device.

For your convenience, common connection templates are provided to help you quickly start a connection.


Connect to your Device

Use the IP Address, Hostname, and Port information to connect remotely to your device.

For example, if connecting via SSH, simply initiate an SSH connection using the appropriate information.

ssh -p 12345 3-12-34-56.napter.soracom.io -l user

Depending on your device's SSH settings, you may need to specify the local username or provide authentication credentials as part of the SSH command.

The same connection information can be used for other protocols, including RDP, VNC, and HTTP/HTTPS.


Disabling Remote Access

If you have finished using your remote access connection, you can manually delete the connection.

  1. Login to the User Console. From the Menu, open the SIM Management screen.

  2. From the list of subscribers, click the for the SIM you want to remotely access.

  3. Click the Actions menu, then select On-demand Remote Access. Your currently enabled connections will be listed:

    Napter

  4. Click the Remove button for the connection you want to disable.

Note that once you remove a connection, it will be deleted and cannot be recovered. If you create a new connection, it will receive new IP Address, Hostname, and Port settings.


Troubleshooting Connections

In some situations, you may be unable to connect to your device even if Napter has successfully established an on-demand connection.

The Audit Logs log data can help in troubleshooting potential connection problems.

For example, if the Audit Logs indicate the ACCESS and CONNECTED events, then Napter has successfully received the incoming connection request, and also successfully forwarded the request to the device. Any connection difficulty is therefore likely due to the device not responding to the connection request, such as an unresponsive service, an improperly configured firewall, or bad traffic routing within the device.


Programmatic Usage

You can also enable and disable remote access programmatically in order to integrate Napter directly in your device management workflow.

Soracom API

To access the Soracom API, first use the auth API to obtain an API Key and Token. Refer to the API Reference Guide for instructions on how to use the API Key and Token in API requests.

Then, use the createPortMapping API to start a new on-demand remote access connection:

curl -X POST \
>  -H 'X-Soracom-API-Key: <MY-API-KEY>' \
>  -H 'X-Soracom-Token: <MY-TOKEN>' \
>  -H 'Accept: application/json' \
>  -H 'Content-Type: application/json' \
>  -d '{
>        "destination": {
>          "imsi": "<IMSI>",
>          "port": 22
>        },
>        "duration": 3600,
>        "tlsRequired": false
>      }' \
>  https://g.api.soracom.io/v1/port_mappings

The API will return a JSON response containing the following data:

{
  "ipAddress": "12.34.56.78",
  "port": 12345,
  "hostname": "12-34-56-78.napter.soracom.io"
}

You can then use these values to establish a remote access connection to your device.

To list current on-demand remote access sessions for all subscribers or for a specific subscriber:

And to end an on-demand remote access session, pass the ipAddress and port into:

Soracom CLI

To use the Soracom CLI, you must first configure it to authenticate with your account information, authorization key, or SAM user credentials.

Then, run the following command to start a new on-demand remote access connection:

soracom port-mappings create --body '{ "destination": { "imsi": "<IMSI>", "port": 22 }, "duration": 3600, "tlsRequired": false }' --coverage-type g

The CLI will return a response similar to the API example above. You can then use a command like jq to parse the response in order to pass the ipAddress or hostname and port values into another command.

SSH Example

You can combine soracom to create an on-demand remote access session, jq to parse the remote access details, and awk to format the details as command arguments in order to create a one-liner SSH connection command:

ssh `soracom port-mappings create --body '{ "destination": { "imsi": "295050012345678", "port": 22 }, "duration": 3600, "tlsRequired": false }' | jq -r '[.hostname, .port] | join(" ")' | awk '{print "-p " $2 " pi@" $1}'`

To list current on-demand remote access sessions, use the following commands to list for all subscribers or for a specific subscriber:

  • soracom port-mappings list
  • soracom port-mappings get

And the following command to end an an on-demand remote access session:

  • soracom port-mappings delete