How to setup my Blynk local server so that I can use it from out side my local network

I can use my Blynk sever using local network(using my wifi-router) , but I want to use my Blynk server from long distance using cellular network. I have already forwarded the ports 8443,8442,8441,9443 what else to do? please tell me in details.

OS: Ubuntu 18.04
Blynk sever version 0.40.2

@amitkray31: Maybe, this helps:

1 Like

I have generated my WAN ip and I can connect to local Blynk server locally using that WAN ip but I can not access it worldwide.
I have forwarded the ports on router but still when I check the ports on ** it showing that “Port 8443 is not open. In order to connect, you will need to open the port in your router by Port Forwarding.

Please help me in this


hardware ssl port

hardware plain tcp/ip port

#http port

#web sockets ssl port

#web sockets plain tcp port

#https port

#application ssl port

1 Like

Well, ports changed awhile ago… so old web tutorials and documentation is probably incorrect. Thus the Application port is 9443… and the Hardware port is 8080

This sounds contradictory to me… if a port scanner says the pot is not open, then you didn’t forward it properly. Google for the how to on your router if need be as it is not Blynk specific. But remember using the correct current ports are Blynk specific.

please send me the modified code and tell me which port to forward.

What modified code?? there is no code involved in your issue, just server setup and port forwarding.

As for which ports… I already said… 9443 for App and 8080 for Hardware (ESP, Arduino, etc.), just point both (coming from the WAN side) to your RPi’s IP (on the LAN side).

ok, thanks.

> #Hardware ssl port
> hardware.ssl.port=8080
> #application ssl port
> app.ssl.port=9443
> #by default server uses embedded in jar cert to simplify local server installation.
> #provide either full path to files either use '.' for specifying current directory. For instance "./myfile.crt"
> server.ssl.cert=./server_embedded.crt
> server.ssl.key=./server_embedded.pem
> server.ssl.key.pass=
> #Blynk server allows to use 2 hosts for same IP, below properties for second host
> server2.ssl.cert=./server_embedded.crt
> server2.ssl.key=./server_embedded.pem
> server2.ssl.key.pass=
> client.ssl.cert=
> client.ssl.key=
> #by default System.getProperty("")/blynk used
> data.folder=
> #folder for logs.
> logs.folder=./logs
> #log debug level. trace|debug|info|error. Defines how precise logging will be.
> log.level=info
> #defines maximum allowed number of user dashboards. Needed to limit possible number of tokens.
> user.dashboard.max.limit=10
> #defines maximum allowed widget size in KBs as json string.
> user.widget.max.size.limit=10
> #user is limited with 100 messages per second.
> user.message.quota.limit=100
> #in case of consistent quota limit exceed during long term, sending warning response back to exceeding channel
> #for performance reason sending only 1 message within interval. In millis
> user.message.quota.limit.exceeded.warning.period=60000
> #maximum allowed number of notification queue. Queue responsible for processing email, pushes, twits sending.
> #Because of performance issue - those queue is processed in separate thread, this is required due
> #to blocking nature of all above operations. Usually limit shouldn't be reached.
> notifications.queue.limit=10000
> #Number of threads for performing blocking operations - push, twits, emails, db queries.
> #Recommended to hold this value low unless you have to perform a lot of blocking operations.
> blocking.processor.thread.pool.limit=5
> #this setting defines how often we can send mail/tweet/push or any other notification. Specified in seconds
> notifications.frequency.user.quota.limit=60
> #maximum size of user profile in kb's
> user.profile.max.size=128
> #period in millis for saving all user DB to disk.
> #period in millis for saving stats to disk.
> stats.print.worker.period=60000
> #specifies maximum period of time when application socket could be idle. After which
> #socket will be closed due to non activity. In seconds. Default value 600 if not provided.
> #leave it empty for infinity timeout
> app.socket.idle.timeout=600
> #specifies maximum period of time when hardware socket could be idle. After which
> #socket will be closed due to non activity. In seconds. Default value 15 if not provided.
> #leave it empty for infinity timeout
> hard.socket.idle.timeout=15
> #Enables native socket transport for Linux using JNI. Should be turned on only if you 100% sure.
> #may not work on some environments. Used to increase server performance. Performance boost is ~20-40%.
> enable.native.epoll.transport=false
> #Enabled native openSSL support for SSL handlers. Should be turned on only if you 100% sure.
> #may not work on some environments. Used to increase server performance. Performance boost is ~16%.
> #For more details see -
> enable.native.openssl=false
> #mostly required for local servers setup in case user want to log raw data in CSV format
> #from his hardware
> #size of async logger ring buffer. should be increased for loads >2-3k req/sec
> async.logger.ring.buffer.size=8192
> admin.rootPath=/admin
> #administration https port
> administration.https.port=7443
> #reset pass port
> reset.pass.http.port=7444
> #host for reset pass redirect. by default current server IP is taken. could be replaced with more friendly hostname.
> #it is recommended to override this property with your server IP to avoid possible problems of host resolving
> #comma separated list of administrator IPs. allow access to admin UI only for those IPs.
> #you may set it for to allow access for all.
> #you may use CIDR notation. For instance,
> allowed.administrator.ips=
> #comma separated list of users allowed to create accounts. leave it empty if no restriction required.
> allowed.users.list=
> #Enable raw data
> enable.db=true

is the setup for server okay now?

Those are for the SSL ports, not the TCP ones

Just follow the main install directions…

…and in there you will find a small link for an example file

Open ports 9443 (for app and hardware with ssl), 8080 (for hardware without ssl)
Do you know how to do that on Ubuntu 18.04?
please tell me the commands and process.
I forwarded the ports on my router, but unable to open port with ssl

@amitkray31 Try netstat -ant on the console and share the result.
Then you can at least see if the ports are open on the server side.

Btw: On my local server I’ve set force.port.80.for.redirect=false

tcp6 0 0 ::1:631 :::* LISTEN
tcp6 0 0 :::8440 :::* LISTEN
tcp6 0 0 :::9443 :::* LISTEN
tcp6 0 0 :::8080 :::* LISTEN
output is like this

@amitkray31 Where in your forwarding rules is the IP address of the server defined? I don’t see it in the screenshot in one of the previous posts.

In my route I’ve set something like e.g.
incoming port: 8080 // forwarded to: port 8080

You mean this

in internal ip section I put the local ip of my machine(ipV4 address)

Try disabling IPv6 on that interface as it’s not listening on IPv4… if you don’t know how to do it use THIS link.


This is a bit more complicated, as may some people think. So I am here to guide you trough this process, but there are some requirements you (your internet connection/your ISP) need to meet. I will not be explaining the whole thing as it is, because it is unnecessary and time consuming. I will go with you trough setup step - by - step.

So, first requirement is: You have to have PUBLIC ip (not to confuse with STATIC ip, as this is another thing). How to find out if you do have public IP? Well:

  1. Go to some website that will show you your IP for example:
  2. Open your router settings (navigate to 192.168.x.1 - usually), and look for something like “Internet address” or “Gateway IP” or if you will be not sure wich one is that right, just post screenshot here.
  3. If your router internet IP matches IP displayed by whatismyip website, then you very likely meet first requirement, IF NOT, then it is very likely that you are behind double NAT - read - screwed.

After this I will tell you what is your next options - good luck!

P.S. This has nothing to do with ports, or your sketches for now.


yes I have got my public ip. what next?

Okay, so, if your router internet IP and your actual public IP matches, then you should have public IP. Now we need to know whether you have dynamic or static IP. Does your agreement with ISP say anything about it? Or perhaps description of your internet program? Try to find out.

My router’s internet IP and Public IP didn’t matches together. I have created a WAN IP with the help of and using it I can connect to my server locally but not worldwide.

please forward the 8080 and 9443 port on your router. if you already forwarding ports then test the port if its really opened: