VPN for HM's behind a NAT


 

DPackham

TVWBB Member
anyone got this working? i have a situation that to get to the HM web pages I need to VPN out to something like NeoRouter or Hamachi VPN. but in running into issues installing these client on the PI due to the use of OpenWRT (which is totally cool BTW)

Any ideas?
 
Can you explain your setup in more detail? Maybe you can setup the VPN client on another host and use that to tunnel into the HM on the same subnet. The OpenWRT install on the HM is pretty strripped down.
 
I use port 8022 to my router when I want to SSH to the HM and have the router forward that traffic to port 22 on the HM (note the HM has a static IP address on my internal LAN). I also setup an encrypted tunnel through SSH so I can get to the HM web page. With SSH connected to the HM, all I have to direct port 80 web traffic to HM is to type 127.0.0.1:8080 into a web browser.

To configure all you need is to setup a port forward on the router from port 8022 to port 80 on the HM and setup an SSH tunnel in your SSH client that transfers local port 8080 traffic to the remote port 80.
 
well..

our City ISP does not allow port forwards unless we pay alot of $$ for a public address so a simple port forward is out.

the only way I can get into my home network now is by using a product like NeoRouter that creates an OUTbound connection to a hosted public service that that lets me tunnel back into my home computer. I don't know/think that i can access anything else other that the client that have the neorouter software on them. there are versions of NeoRouter that run on openwrt but on different CPU arch's.
 
I understand that you have a potentially changeable DHCP allocated IP Address from your ISP, but is that IP Address a public one or private one? You can tell the difference by reading here. If its a public IP Address, you can use Dynamic DNS (DDNS) to create a domain name that always resolves to your home router. This service is free, including the domain name, and available from NO-IP.com. All that is required is that you sign up for a free account and run a NO-IP.com client program on a computer residing on your LAN. The client checks the public IP address and updates the domain name every time it changes.
 
I have already tried that. its NOT a public address and they DONT forward any ports to my router that I can forward to my HM. I really need a VPN on the HM to dial OUT and make a connection like NeoRouter. then I can install NeoRouter on my cell phone/laptop and get back VIA the vpn to my HM.

just really need help getting NeoRouter installed on the OpenWrt on the PI i guess
 
I have already tried that. its NOT a public address and they DONT forward any ports to my router that I can forward to my HM. I really need a VPN on the HM to dial OUT and make a connection like NeoRouter. then I can install NeoRouter on my cell phone/laptop and get back VIA the vpn to my HM.

just really need help getting NeoRouter installed on the OpenWrt on the PI i guess

You'd probably be better off running a dedicated raspi with raspbian + neorouter client, then use the raspi to direct the traffic inside your lan to the proper locations.
 
City of american fork utah. 100m Ethernet. Double natted.

Can't you set the modem/router to transparent bridged mode and remove the double NAT? I used to do this with my DSL modem (don't have to with my Cable Modem). I then use my DD-WRT enabled router to control everything on the WAN/LAN.
 

 

Back
Top