Remote access question - Canadian TV, Computing and Home Theatre Forums
Reply
 
LinkBack Thread Tools Search this Thread Display Modes

post #1 of 78 (permalink) Old 2013-04-21, 09:21 PM Thread Starter
 
Join Date: Apr 2013
Posts: 57
Remote access question

Guys, I want to access my home network from a remote location but I'm kind of lost, and don't even know if it's possible from what I've read.

My ISP is Bell and I have a Netgear mvbr1210c Turbo Hub on the cellular network. My visible ip starts with 184.xxx.xxx.xxx. The ip in my router (Turbo Hub) is 10.xxx.xxx.xxx (Wireless Broadband Port). Then my devices have ip's on my local network, 168.xxx.xxx.xxx. Is there any way I can access my home network from the outside. Thanks for any help.

Glen
Muskoka is offline  
Sponsored Links
Advertisement
 
post #2 of 78 (permalink) Old 2013-04-22, 10:40 AM
 
Join Date: Mar 2006
Posts: 55
If your just trying to remotely control a computer on your home network, Google TeamViewer. If is a great program for remote access to a computer from anywhere. Very easy to setup, and gets through any firewall setting. Free for non-business use.
spuggy68 is offline  
post #3 of 78 (permalink) Old 2013-04-22, 11:55 AM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,868
That depends on what you're trying to do. If you want to access some server on your local network, you have to set up port forwarding on your firewall for that server. The next issue is what address to use. If your public IP address is DHCP, then you may find that IP address no longer connects to your system. So, you'll need some sort of DNS service that can handle DHCP addresses. I'm on Rogers. While they use DHCP to provide addresses, they also provide a long host name, based on my modem and firewall MAC addresses. This host name will never change, unless I change the hardware.

If you want general access to your home network, one possibility is to set up a Virtual Private Network (VPN) to your home network. One thing I have done, which allows me to connect to my home network is set it up for IPv6. This gives me my own subnet (with 2^72 addresses or about a trillion times the entire IPv4 address space) with static addresses. I then can access those IPv6 from elsewhere, by running 6in4 tunnel software on my notebook computer. That software enables carryinng IPv6 traffic over the IPv4 network. There are a few different ways to obtain an IPv6 subnet. Some ISPs are now providing IPv6 subnets, with 2^64, or more, addresses to their customers. Failing that, you can connect to a "tunnel broker" to obtain a subnet and software for transporting IPv6 over IPv4. I also use a publicly available DNS server to provide access to my IPv6 addresses and also to create an alias to convert that long MAC based IPv4 address into something sensible.

I haven't lost my mind. It's around here...somewhere...
JamesK is online now  
 
post #4 of 78 (permalink) Old 2013-04-22, 12:43 PM Thread Starter
 
Join Date: Apr 2013
Posts: 57
Thanks guys...

James, way over my head. I have a solar system and I want to be able to access / track the charge controllers remotely. I have a raspberry pi I would like to use due to it's low power, and normally it wouldn't be an issue, I would use Teamviewer, but the rpi has a arm processor, and Teamviewer will not work on arm.

I tried setting up dyndns and couldn't get it to work. I don't understand (at all) how to set it up, although I have read enough to last a year.

How do you forward ports or set it up when you have different ip addresses. I'm assuming the 10.xxx.xxx.xxx ip in my router is my address "to" Bell, and the 184.xxx.xxx.xxx is how the internet sees me "from" Bell. It's really confusing to me and I can't see how to get around it. You may have given me an option James, but it was way over my head. Thanks guys....

Glen
Muskoka is offline  
post #5 of 78 (permalink) Old 2013-04-22, 12:55 PM
 
Join Date: Jun 2008
Location: Whitby, Ontario
Posts: 372
@JamesK.... Seriously???

If the OP is simply looking for Remote Access, you've gone into far, far too much detail of a setup 99.9% of us won't bother to use for a home LAN.

@Muskoka. Either www.teamviewer.com or www.logmein.com will get it done for you. Both are free, require no remote VPN client, and no firewall port forwarding. No configurations at all, other than a secure password. Both are very secure in their transport (256-bit). Both only authenticate with their service. After that, your interacting directly with your PC. Both use remote Web Clients, so all you need is a browser.

EDIT: Didn't realize you were trying to use a Pi. Completely different ball game. Why not simply use a Windows machine? The power consumption issue is vastly overrated and using a Pi won't really save you much at all.
cambo is offline  
post #6 of 78 (permalink) Old 2013-04-22, 02:01 PM Thread Starter
 
Join Date: Apr 2013
Posts: 57
Ya, I could use my laptop but I bought the rpi specifically for this, and didn't realize at the time it wouldn't run Teamviewer. It doesn't get much easier than Teamviewer, they need to get this ported to arm. Just checked with my kill-a-watt meter and the raspberry uses 3 watts, my laptop is 18-20. I know it's not a big deal, just kind of a waste of a laptop just sitting there sending data. The rpi would be perfect for this. Suppose I could make my own headless system to run Teamviewer on.

Glen
Muskoka is offline  
post #7 of 78 (permalink) Old 2013-04-22, 05:20 PM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,868
Quote:
How do you forward ports or set it up when you have different ip addresses.

All TCP/IP services, whether TCP or UDP use port numbers. for example ftp uses tcp port 20 & 21, ssh uses 22, telnet 23 etc. So, if you had an telnet server, you could configure your firewall to pass port 23, coming in on your public address to whatever local address your server is on. The only way you could have two or more computers offering telnet would be to use a different port number for them and configure your firewall accordingly. So, if all those devices use the same port number, then you can't use just port forwarding. If you can configure them to use different port numbers, then you can forward each port number to the appropriate device. If you can't then you have to use some other method, such as a VPN or IPv6, as I described.

Quote:
If the OP is simply looking for Remote Access, you've gone into far
If he's trying to remotely access multiple devices, then I haven't. The usual port forwarding won't work with multiple devices if they're all configured to use the same port number.

One other thing, how are those devices accessed? If via something like ssh or telnet, then you can use ssh to reach a computer on your home network (don't even dream of using telnet here) and then from that computer fire up a ssh or telnet (here it's safe) connection to access those devices.

I haven't lost my mind. It's around here...somewhere...
JamesK is online now  
post #8 of 78 (permalink) Old 2013-04-22, 06:08 PM Thread Starter
 
Join Date: Apr 2013
Posts: 57
Maybe it's my lack of understanding, but I think something is getting lost here with the setup, perhaps the way I described it?

To the outside world my ip address is 184.xxx.xxx.xxx (whatismyipaddress) for example. (Bell to the internet)

In my Netgear router the ip is 10.xxx.xxx.xxx for the Wireless Broadband Connection, I have a Cellular Turbo Hub. (Me to Bell)

Then inside my local network my devices have ip's of 192.xxx.xxx.xxx.

So, how do I route traffic through 184.xxx.xxx.xxx then 10.xxx.xxx.xxx then to my local devices 192.xxx.xxx.xxx.

Sorry to be a bother, I just don't understand how to make it work, if it's even possible. Teamviewer works fine, but is not an option with the raspberry, so I'm looking for an alternative, without buying more hardware.

Glen

Last edited by Muskoka; 2013-04-22 at 09:13 PM.
Muskoka is offline  
post #9 of 78 (permalink) Old 2013-04-22, 07:22 PM
 
Join Date: Mar 2006
Location: Calgary - Shaw phone/internet, OTA attic / Pigeon Lake - CCI Wireless, VoIP.ms, OTA, FTA, LTSS
Posts: 810
From my own experience with a Rogers RocketHub I have to agree with JamesK, this is not a plug and play project. If you want to search for some of my other posts on here about the Rocket Hub that may help give you an idea of what you can do, and some of the challenges.

Cellular hubs are a lot messier than regular cable or DSL for incoming access. The cellular provider does not generally give you an incoming route between the exposed internet ip address (your 184.xxx.xxx.xxx) and your Turbo Hub on their internal network (your 10.xxx.xxx.xxx) unless you pay for a static IP or VPN. Incoming requests just get lost in the Bell cellular cloud. The 10.xxx.xxx.xxx is a private address for your Turbo Hub on the Bell network. With Shaw or Telus or other ISPs the 184.xxx.xxx.xxx would be the address for your local router.

If the device you want to talk to on your internal network has an embedded web server and the ability to report to a dynamic DNS service you may be OK. If the web server can keep an outgoing port open that your incoming request can always get in on, maybe that will serve your purpose.

The first thing I would do is see if you can get a Dynamic DNS client running on whatever OS you plan to use on the Pi. I haven't started playing with a Pi yet, but if you do a search for Dynamic DNS Raspberry Pi there are lots of links to give you some idea what you have to do.

Then, see if you can hit it from another another machine outside your Bell cellular network. Testing this is a pain. You can confirm the web server is active when you are on your internal network, but you really can't confirm you are accessing it from the outside world unless you are connecting from the outside world.
envirogeek is offline  
post #10 of 78 (permalink) Old 2013-04-22, 07:55 PM Thread Starter
 
Join Date: Apr 2013
Posts: 57
Thanks for the feedback. I have been trying to get dyndns working with no luck. To me it would be easy with just the 184.xxx.xxx.xxx address but I also have to route through the 10.xxx.xxx.xxx address as well. Teamviewer takes care of all that, but no go on a raspberry. I was using my Android cell phone not connected to my wifi to test? That should work if it was set up properly? Whatever I've tried, I can see anything on my local network.

Did you say above that other Canadian isp's don't have that other layer on cellular turbo hubs, 10.xxx.xxx.xxx? One more year on this contract, perhaps it's time for a change, and hurry up Teamviewer, it's time for the ARM version.

Glen
Muskoka is offline  
post #11 of 78 (permalink) Old 2013-04-22, 08:31 PM
 
Join Date: Mar 2006
Location: Calgary - Shaw phone/internet, OTA attic / Pigeon Lake - CCI Wireless, VoIP.ms, OTA, FTA, LTSS
Posts: 810
When you say you're having no luck getting dynamic dns going, do you mean running at all on the Pi, reporting to an external server, or connecting from the outside world?

This is the general order of things I would suggest for what you are trying to do.

Get a Dynamic DNS client on the Pi successfully reporting to whatever DNS service you choose to use (No-IP, EasyDns, etc).

Trigger an update on the client, and check if the IP address was reported at the time you expect when you check your account on the ddns service/server.

Get a webserver or another known service with a well known port running on the Pi.

Disable wifi on the Android, connect to the internet with your cellular data plan, then see if you can reach the IP address reported by the ddns server. If Bell is allowing/supporting default port forwarding, and you have a web server running, this should be the ip address reported by your DDNS, with you specifying the port just to be sure - 184.xxx.xxx.xxx:80.

You will have the same routing issue(s) with any other cellular internet hub regardless of the provider, it comes with the technology. There are posts on here and other sites about the Bell's 5 or 10 dollar per month charge for dynamic or static IP's. I had to pay Rogers 10 bucks per month.

With one year left on your contract you'll have to decide if you want to pay 60 to 120 bucks for the rest of the contract.

I eventually found a WISP in my area and was able to punt Rogers.
envirogeek is offline  
post #12 of 78 (permalink) Old 2013-04-22, 10:03 PM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,868
Quote:
So, how do I route traffic through 184.xxx.xxx.xxx then 10.xxx.xxx.xxx then to my local devices 192.xxx.xxx.xxx.
Perhaps you should tell us how you plan to communicate with those devices from the raspberry pi. If you connect to it first and then on to those devices, it's completely different than if you want to directly access those devices directly from the Internet. Until we know what you're trying to do, we're just guessing. My understanding is that the raspberry pi is just a Linux system. If so, it then becomes a simple matter to remotely run an app on it that then talks to your devices.

I haven't lost my mind. It's around here...somewhere...
JamesK is online now  
post #13 of 78 (permalink) Old 2013-04-22, 10:10 PM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,868
Quote:
I have a Cellular Turbo Hub. (Me to Bell)
Bell may be providing a private address via that, not a public one.

Quote:
So, how do I route traffic through 184.xxx.xxx.xxx then 10.xxx.xxx.xxx then to my local devices 192.xxx.xxx.xxx.
This means you've got double NAT in the way. So, you'd have to forward from your outside network to the 10.x.x.x network and again to the 192.x.x.x network.

I suggest you seriously rethink what you are trying to do and also tell us about how you actually control those devices. DYNDNS is a separate issue, which generally doesn't cause problems.

I haven't lost my mind. It's around here...somewhere...
JamesK is online now  
post #14 of 78 (permalink) Old 2013-04-22, 10:16 PM Thread Starter
 
Join Date: Apr 2013
Posts: 57
This is not going to work. I have forwarded a port on my system, it's confirmed using Umit Network Scanner in Lubuntu, but it's not visible to the outside world, obviously. I checked with a online Port Forwarding Tester and it says the port is closed. It says all common ports are closed on my 184.XXX.XXX.XXX ip address.

Bell must be blocking all these common ports for the cellular turbo hubs?

Glen

Edit: James you got in while I was typing. What I want to do is remotely access the raspberry (running raspbian / debian) from my laptop / tablet / phone. I ssh / rdp into the raspberry now with Remmina locally.

"So, you'd have to forward from your outside network to the 10.x.x.x network and again to the 192.x.x.x network."

This I don't understand, how do I do that?

Reading about double nat now.......
Muskoka is offline  
post #15 of 78 (permalink) Old 2013-04-22, 10:35 PM
 
Join Date: Mar 2006
Location: Calgary - Shaw phone/internet, OTA attic / Pigeon Lake - CCI Wireless, VoIP.ms, OTA, FTA, LTSS
Posts: 810
Now you can decide if you want to pay Bell an extra 5 or 10 bucks per month.

As JamesK said, let us know if you want to go directly to a device or devices, or if you just want to hit a single machine to control other devices.

Paying Rogers for a static VPN connection to my rocket hub allowed me to have incoming remote control service to a Mac Mini on my remote network running a web server and home automation software. I could check the logs on the Rocket Hub by connecting to the Mini then browsing to the Hub. I used the same approach to control and configure a PAP2T for VoIP.

I connected directly to a Panasonic IP camera that used their Viewnetcam Dynamic DNS service to report its address. This camera also FTP'd images locally to the Mini.

Having a way to know the current IP address of the remote hub is one thing. Setting up the correct port forwarding and access control is another.

In my example above, using incoming port 80 for 2 different web servers would not be a good thing, so the web servers on the Mini and the Panasonic camera were configured to use other ports.

Just some thoughts for you to ponder.

Edit: You'll have to check some other posts about the Bell dynamic/static offers. With the Rogers IP offer I essentially bypassed the private address and went directly from the Internet to my Hub. This meant I only had to deal with NAT and Port Forwarding on the Rocket Hub.

Last edited by envirogeek; 2013-04-22 at 10:38 PM. Reason: Adding a VPN/Nat comment
envirogeek is offline  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the Canadian TV, Computing and Home Theatre Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in










Thread Tools Search this Thread
Show Printable Version Show Printable Version
Email this Page Email this Page
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome