Networks, APNs and IP Addressing
eSIM changes how profiles are delivered, but the mobile network still decides coverage, roaming, APN behaviour, IP addressing, data routing and remote access options.
Roaming versus local profiles
Roaming profiles are attractive because they can simplify procurement and improve coverage choice. Local profiles may be better for cost, latency, regulatory reasons or network features. The right choice depends on where the devices are deployed and what failure mode matters most.
Public IP, private IP and CGNAT
Remote access is often where IoT SIM projects get messy. A public IP can make access simple, but it can also expose services if the router is poorly configured. Private IP SIMs and CGNAT are safer by default but usually require VPN, private APN routing or a managed access platform.
| Approach | Benefit | Risk |
|---|---|---|
| Public fixed IP | Simple direct access. | Can be risky if firewalling and credentials are weak. |
| Private fixed IP | Better controlled access model. | Needs VPN, private APN or provider routing. |
| CGNAT/dynamic IP | Common and often cheaper. | Inbound access usually needs a platform or outbound tunnel. |
| Private APN | Controlled routing and segmentation. | More operational complexity. |
Where SGP.32 may help
SGP.32 can make profile control more flexible, but it does not decide the network architecture. A profile switch can change the operator relationship; it cannot fix a badly planned APN, poor antenna placement or a missing remote access strategy.
Practical network questions
- Which networks are actually available at the site?
- Does the provider use roaming or a direct local profile?
- Is inbound access required or can the device call out?
- Who controls the APN and routing?
- How is the router reached if the main profile fails?