How do you "securely" access the M1G via Internet?

[DotNetDog]

According to the Elk's web page for the RMS software, they do not provide a secure connection to the M1G system over the Internet.

"IMPORTANT: ElkRM does not currently support SSL (encrypted) secure connections. As such, ElkRM cannot be used outside the local network without opening (port forwarding) the non-secure, unencrypted port. Connecting to ElkRM outside the local network using the non-secure port is STRONGLY DISCOURAGED, due to the obvious security issue this presents."

So how do you guys access your M1G over the Internet? I want to be able to use my cell phone (not a iPhone nor a Droid) as I return from vacation. I may want to set the thermostats so the house will be comfortable when we walk in the door.

 

[wuench]

According to the Elk's web page for the RMS software, they do not provide a secure connection to the M1G system over the Internet.

"IMPORTANT: ElkRM does not currently support SSL (encrypted) secure connections. As such, ElkRM cannot be used outside the local network without opening (port forwarding) the non-secure, unencrypted port. Connecting to ElkRM outside the local network using the non-secure port is STRONGLY DISCOURAGED, due to the obvious security issue this presents."

So how do you guys access your M1G over the Internet? I want to be able to use my cell phone (not a iPhone nor a Droid) as I return from vacation. I may want to set the thermostats so the house will be comfortable when we walk in the door.

You could always use the telephone interface or maybe look into a VPN setup if your phone supports that. Other than that, there is not a whole lot you can do, unless you want to open the non-secure port on your router then anyone can find your Elk with a Google search and access it.

 

[DotNetDog]

According to the Elk's web page for the RMS software, they do not provide a secure connection to the M1G system over the Internet.
...
So how do you guys access your M1G over the Internet? I want to be able to use my cell phone (not a iPhone nor a Droid) as I return from vacation. I may want to set the thermostats so the house will be comfortable when we walk in the door.

You could always use the telephone interface or maybe look into a VPN setup if your phone supports that. Other than that, there is not a whole lot you can do, unless you want to open the non-secure port on your router then anyone can find your Elk with a Google search and access it.

Well, obviously I am not going to open up an unsecure connection. I've been comparing the Elk to the OmniProII. The OmniProII can do secure connections via WebLinkIII (running on Home Server). I'm just trying to see how Elk users accomplish remote/Internet access into their M1G systems. Anyone?

 

[fcwilt]

You can always get a router the supports VPNs (virtual private networks). This puts the security into the connection from the remote VPN client (usually a piece of software or driver that runs on the remote PC, device, etc) to the router.

The connection from the router to whatever (in this case the ELK M1G) can be unsecured without worries.

 

[Lagerhead]

Anyone?

Since you asked -- on topic, but probably irrelevant for most readers...

Behind the firewall, my M1 talks to my Barionet, and all of my off-premises interaction with the M1 is through the Barionet, using a browser interface with a fair amount of custom code. As documented elsewhere, this makes sense for my situation and maybe not for others, but it is an effective solution that largely protects the M1. Fallback -- which I have never used other than testing -- is telephone dial-in.

Don't most off-the-shelf PC-based HA systems provide similar capability (i.e. as a secure intermediary)?

 

[Steve]

As mentioned I use a VPN connection from my iPhone to DD-WRT. No ports are open t all, I just need to start the VPN session before I run any of the apps.

 

[electron]

What phone do you have? I personally connect with an SSH client to my network at home, and use tunneling in order to get secure remote access. I did this on my Windows Mobile phone, and I am now doing this on my Droid as well (see the ElkDroid video on the front page for an example). VPN is probably the easiest way of doing this, you just need a router which supports it.

 

[apostolakisl]

Another option is to use remote desktop. I have vpn, but I also have an i phone and that silly old crazy Steve Jobs refuses to support Java so I can't view the Elk console natively on the phone. Instead I use remote desktop to bring up my computer at home and then view the Elk console through that. It works quite well, it can be sluggish, but mostly the system responds in a split second.

There are also the dedicated Elk control applications for smartphones, but I have decided to hold off on that until I see what ISY integration looks like and how the ISY phone applications work in the control.

 

[pete_c]

I use SSH tunneling also; works well. Initially it was based on my software FW; but recently have set it up with DD-WRT. Its basically two pieces with creating the SSH tunnel and then various profiles for individual clients. What is convenient is that you don't really need to do anything with the M1G as all of the work is being done with the router.

 

[DotNetDog]

My phone is a Samsung Reality. It is a simple web-capable phone but not a "smart" phone or PDA. So while I have web access via a browser, it does not support VPN. Bummer! So I would need to look at a 3rd party software solution.

 

[Steve]

Maybe it would be easiest to look into upgrading your phone

 

[DotNetDog]

Maybe it would be easiest to look into upgrading your phone

I'm afraid that darned Murphy and his stupid laws already struck. We upgraded out phones last month. I'll either find a simple solution or just write my own. The benefits of being a software developer.