Remote Access Need Static IP?
- Thread starter 5artist5
- Start date
An update service can provide a URL that is kept up to date with the changes to a dynamic IP, avoiding the need for a static one providing your system (router, alarm etc.) supports it. I have been using the below free service for my setup. My ISP requires a business account at a greatly increased price in order to obtain static IP's.
https://www.dyndns.com/
https://www.dyndns.com/
A service like DynDNS is definitely the way to go. You either need to run the helper program on a computer which dials into DynDNS regularly and gives the current IP address, or use a router that supports DNS services directly. That is what I do, I use a router flashed with Tomato (but DD-WRT works too and perhaps others) and it will update DynDNS with the current IP address.
To access your system, you just type in a address like http://my_name.dyndns.org and it will connect to your router regardless of the ip address.
DynDNS has lots of addresses to choose from too.
To access your system, you just type in a address like http://my_name.dyndns.org and it will connect to your router regardless of the ip address.
DynDNS has lots of addresses to choose from too.
HAI_fjh
Active Member
To access your Omni from a remote location you will need to setup port forwarding in your router and you will need to have either a static IP address or a DDNS host name.
For more information I suggest you consult the HAI Knowledge Base (kb.homeauto.com) and search for terms like "remote access", "dynamic DNS", etc. There are several helpful articles.
For more information I suggest you consult the HAI Knowledge Base (kb.homeauto.com) and search for terms like "remote access", "dynamic DNS", etc. There are several helpful articles.
Is there a VPN client for the Ipod touch or Iphone? That would be cool.
There is a built in VPN client. It does PPTP or IPSec. PPTP is not considered secure, and can be bruteforced (I've done it). If you use PPTP, make sure you have the most complex line-noise looking password you can come up with. IPSec is the way to go, but I think the iPhone client only works with the OSX Server VPN server, or Cisco devices. I tried to get it working with a Juniper firewall awhile back, and couldn't get it working.
This is above my beginner level in many of the pertinent areas, but if he has HS, CQC, or something similar with a web interface at home interfacing with the HAI Omni, can he then use SSL VPN on the iPhone to access the system via a web browser?
Yes.
PPTP is going to be better than exposing the stuff to the net, but given a motivated attacker, they will be able to get your credentials unless you make the password nearly impossible to brute force. The person doesn't even have to be motivated, just bored. I've sniffed PPTP challenge-response in hotels when traveling and brute forced them our of sheer boredom. And I've done it for clients during assessments.I haven't researched IPSec on the iPhone lately. I just know that a couple of years ago when I tried to make it work with a Juniper firewall, I couldn't get it working because there was some non-standard shenanigans going on. You might have a look at this though:
http://www.jacco2.dds.nl/networking/freeswan-panther.html
The document is a bit old, but it does describe how to get it working with a linux box acting as the VPN gateway. If the VPN gateway resides behind your firewall, you'll need to forward UDP/500 and tcp/4500 to the linux box. It should get the required traffic there, as the ESP and AH should be encapsulated in the port 4500 packet. If not, you'll also need to forward IP protocols 50 and 51 (note that these are NOT ports), and most crappy little home routers do not give you the capability to do port forward anything other than TCP, UDP, and ICMP (if that).
Similar threads
- Question
