Sandstorm security model restricts outgoing and incoming connections. A hack exists to proxy connections, but the 'powerbox' feature will soon enable applications to selectively request the user authorization to perform such connections.
In the described setup this is not implemented. Therefore, only Node-RED interactions without a network are possible.