Issue
The Socket fails to establish a DTLS tunnel to the Cato Cloud when connected to LTE/5G providers such as AT&T Mobility, despite having active internet access through the ISP.
Environment
- Physical Socket
- LTE/5G Provider
Troubleshooting
- Refer to Socket Site Tunnel Connectivity Troubleshooting to gather detailed connectivity information and PCAP captures from the Socket WebUI.
- Verify that the Socket can successfully ping well-known public IP addresses (e.g., 8.8.8.8) via the WAN port.
- Ensure that there is bidirectional DTLS traffic over port UDP/443 on the WAN connection. This can be checked in the PCAP capture obtained in the first step.
- Further, analyze the PCAP capture for any signs of interference from the ISP during the DTLS handshake. Look for carrier-specific data (e.g., APN information) within the packet payload.
Solution
Some LTE/5G providers might interfere with DTLS connections on port UDP/443. To resolve this issue, change the DTLS port to UDP/1337 via the Socket WebUI as explained in Setting a Different Port to Connect to the Cato PoP
0 comments
Please sign in to leave a comment.