Configuring Public Network Access
Last updated:2026-01-30 14:55:28
Scenarios
When your client cannot access the VPC network, such as clients like sensors, vehicle-mounted terminals, or smart home appliances, which are in large quantity and widely distributed; clients are mobile devices; or hybrid cloud and cross-cloud environments without high-speed channels or dedicated lines. You can connect to the MQTT server via the public network. Cross-network production and consumption can be achieved by enabling public network routes. If public network access is enabled, it is recommended to configure a secure access policy to strictly limit access IPs and ensure data security.
This document introduces the directions for enabling public network routes, adjusting public network bandwidth configuration, and deleting public network bandwidth in the TDMQ for MQTT console.
Restrictions and Limitations
After enabling public network access, you need to pay extra fee. For specific price, see billing overview.
A cluster supports creating only one public network route.
Operation Steps
Enabling Public Network Access and Configuring Security Policy
1. Log in to the TDMQ MQTT console.
2. Select Resource > Cluster in the left sidebar. After selecting a region, click the ID of the target cluster to enter the cluster basic information page.
3. If you have enabled public network access, you can see the specific public network bandwidth in the Access Information module. If you haven't enabled public network access, see procedure 4.
4. In the Access Information module, click Enable next to public network.
5. In the pop-up window, after enabling public network bandwidth, select the required Public Network Bandwidth size and configure the public network security policy.
The public network security policy supports filling in IPs and IP ranges. If no security policy is set, it will default deny all IP access. If a new rule duplicates an existing rule, the last added entry will be priority match.
Note:
IP address source supports the following formats:
Single IP address: such as 192.168.0.1
CIDR: such as 192.168.1.0/24
Entering 0.0.0.0/0 will permit access from all addresses. Exercise caution when you use this setting.
6. Click Submit and pay, then return to console. The public network will show as enabling. Wait for the public network to complete enabling.
7. After enabling, in the client access module, you can see the public network access address already shows public network bandwidth and IP information, etc. You can enable or disable access points for certain protocols in the operation bar.
8. You can confirm network connectivity by the following command:
curl -v http://mqtt-xxxx-sh-public.mqtt.tencenttdmq.com/status/check
Among them, mqtt-xxxx-sh-public.mqtt.tencenttdmq.com is an access point that requires verification.
If connected, you will see output similar to the following:
Adjusting Public Network Bandwidth Configuration
1. On the cluster management page, click Adjust Network Bandwidth in the operation bar.
2. Modify the public network bandwidth in the pop-up window, click Confirm to complete the bandwidth configuration adjustment.
Disabling Public Network (Delete Public Network Route)
1. On the cluster list page, click Adjust Network Bandwidth in the operation bar.
2. Disable public network access in the pop-up window, and the public network will be disabled after submission.
Was this page helpful?
You can also Contact Sales or Submit a Ticket for help.
Yes
No
Feedback