Port Forwarding Raspberry Pi 3 on a College Network - networking

In order to get some home automation software to work, I need to have public access to my Raspberry Pi 3. However, I currently reside in an on-campus dorm and as a result am on the college's network and do not have the ability to port forward.
I have a router that connects to the school network via Ethernet and then broadcasts its own network; however, this is still a part of the school's network and I can't port forward this.
I've looked into ways to get around this, such as PageKite or using some form of reverse SSH or HTTPS tunneling, but due to lack of support on Raspberry Pi or daunting setup I'm not really sure what to do. I do have an old HP laptop on Windows 7 that I could use as some sort of slave or server if that would help.
All help is very much appreciated. This has been a major roadblock in me finishing this project.

You don't say what kind of public access you're expecting, but without access to the main router you just need to sign up for a dynamic DNS service with a client-based updating tool. The best-known ones (DynDNS, Dynu, no-ip) all offer that option as far as I know.
The theory is that you keep the service updated anytime your internal WAN IP changes and they keep your hand-picked URL updated with that IP. Then you can access your Pi with that IP through a web browser or whatever service/port you've set up.
Here's a good starting article - with links to Dynu downloads for Linux that should work for you.
http://www.howtogeek.com/66438/how-to-easily-access-your-home-network-from-anywhere-with-ddns/
And an article from noip.com site on installing their Linux update client
https://www.noip.com/support/knowledgebase/installing-the-linux-dynamic-update-client/

Related

Accessing a specific instance of an application installed on different machines behind a router (NAT), from the outside

Question:
Is there a way to safely reach an open socket on a machine from the internet, knowing the router's external IP, the private network internal IP and the port, without having to explicitly configure the router and the firewall? Given that many machines on the private network run the targeted application and will only accept authenticated and encrypted requests.
Things I've explored:
Hole punching, ssh, proxy/vpn: They all seem like they need to configure the router to forward the port.
UPnP: Would seem like the solution, but Google tells me it's been shown to be used by malicious software, so maybe not a long-term solution?
Context:
I'm designing a system with a program (mini-server) that collects local data from the computer it is installed on and waits for a request from a known outside program (big-client), installed somewhere in the cloud, to send the collected data only when requested. I expect to have many of these mini-servers installed on many physical machines within a customer's private network, behind its router and firewall, where they would send to the big-client their external IP (internet exposed), local IP (on the local network) and port upon being booted. These mini-servers can talk to each other on the network to resolve port conflicts and such, but I want to be able to dynamically add new ones without having to go back again into the router config, as this isn't scalable.
I understand the security necessity for this to be difficult to do, but when I think about software like Teamviewer and other remote desktop applications, they seem to be able to act on many machines behind a router without any conflict, and that upon request from the outside.

"Dynamic" port forwarding?

I'm developing a server that will be hosted on a Raspberry Pi in C# for a customer. One of the biggest issues is they want a local server, but one they could plug in anywhere and have it work.
My brain went to no-ip first but they aren't willing to pay to have a permanent IP, so I found dynu (basically a free version). So having a permanent IP is no problem, just I have to find a way to port forward on the fly... how would that be possible?

How to get past NAT to connect to my home devices

I am interested in connecting to a web server I am running inside my home network on a Raspberry Pi. I have been reading up on how STUN servers work, and gather that they determine the port that the external facing router uses to redirect HTTP requests back to a device inside the local network.
I have an external website and I put a php file there to report back on the IP and port that requests come from. I can see that the requests come from the IP of my home router and each device uses a consistent port when a request is made.
If we assume my router has an external address of 123.123.123.123 and my Pi is allocated port 50500 for return requests I thought I would therefore be able to access the website on my Pi by using these combined as http://123.123.123.123:50500. However this does not work. Should this work?
(Note: port forwarding is not an option so please do not suggest that).
So I think the answer here is related to the fact that only UDP and TCP traffic are simple enough to get through the NAT using just the pi and port combination. I am trying to make an HTTP request over the same channel but this is more complex and therefore doesn't make it through.
That's pretty vague, and possibly not entirely correct. So I would love to hear from any experts in the field who can add more depth to this answer or correct me.
ngrok is the easy and free one.
I set up a webhook for social media in five minutes when developing an IM robot.
There is a sample from Slack, but it applies to any social media or cloud solution which needs a webhook.
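
The situation from the question above (external address 123.123.123.123, mapped port 50500), as an added example that is not part of the original posts: a constructed model of a connection-tracking NAT with address-and-port-dependent filtering, which is the behaviour assumed here. The internal and remote addresses are made-up sample values.

```python
"""Constructed model of a stateful NAT (connection tracking) for TCP flows."""
from dataclasses import dataclass, field


@dataclass
class Nat:
    external_ip: str
    # (ext_port, remote_ip, remote_port) -> (internal_ip, internal_port)
    table: dict = field(default_factory=dict)
    # (internal_ip, internal_port) -> ext_port, so one socket keeps one port
    ports: dict = field(default_factory=dict)
    next_port: int = 50500

    def outbound(self, src, dst):
        """Inside host connects out: record the flow, return the public source."""
        if src not in self.ports:
            self.ports[src] = self.next_port
            self.next_port += 1
        ext_port = self.ports[src]
        self.table[(ext_port, *dst)] = src
        return (self.external_ip, ext_port)

    def inbound(self, remote, ext_port):
        """Return the inside endpoint for a packet from `remote`, or None if dropped."""
        return self.table.get((ext_port, *remote))


def demo():
    nat = Nat("123.123.123.123")
    pi_client = ("192.168.1.20", 41234)  # ephemeral source port of the Pi's request
    website = ("203.0.113.10", 80)       # external site hosting the PHP reporter
    browser = ("198.51.100.7", 55000)    # someone opening http://123.123.123.123:50500

    seen = nat.outbound(pi_client, website)      # what the PHP page reports
    reply = nat.inbound(website, seen[1])        # reply on the recorded flow
    unsolicited = nat.inbound(browser, seen[1])  # new connection to the mapped port
    return seen, reply, unsolicited


if __name__ == "__main__":
    print(demo())
```

The mapping is keyed on the remote endpoint as well as the external port, so only the site the Pi contacted can use it. Even that reply is delivered to the Pi's ephemeral client port, not to the port its web server listens on.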

Connect phone app to server in LAN

I have the following scenario:
A Windows PC (with local IP 192.168.0.10) in a small office running a server application on port N.
A smartphone app outside the office which connects to that server and requests data.
In order to make this work I have to do the following:
In the router of the office I open port N and forward requests to PC 192.168.0.10.
I give the (dynamic) IP address of the router to the smartphone user so he can type it in the app. I may use a dynamic DNS service to ease things up.
This works fine but now we want to sell this system to other people. The problem is that it will be very difficult for them to change the router settings, or to use a dynamic DNS service.
Is there a way I can connect the smartphone app to the server running inside the customer’s office without asking him to configure anything in the router?
I’m thinking of something like TeamViewer. TeamViewer can connect two computers easily and users do not need to know anything about routers, firewalls, port forwarding or dynamic IPs.
TeamViewer must be running some kind of server which works as a bridge between the two computers. We would like to provide such a server to our users (if it’s easy to implement and not very expensive), but we don’t know how.
I think that we could rent some service like www.dyndnsservices.com to provide a dynamic DNS to our customers, but that doesn’t solve the problem of router configuration/port forwarding.
If you wrote a nice useful piece of software, I suggest you sell that; don't try to sell the service you know almost nothing about. It is usual for application servers to work (network-wise) in the same way as yours, and you don't often see software vendors selling network bridging/forwarding/whatever solutions.

Tunneling a network connection into a VMWare guest without network

I'm trying to establish a TCP connection between a client machine and a guest VM running inside an ESXi server. The trick is that the guest VM has no network configured (intentionally). However the ESX server is on the network, so in theory it might be possible to bridge the gap with software.
Concretely, I'd like to eventually create a direct TCP connection from python code running on the client machine (I want to create an RPyC connection). However anything that results in ssh-like port tunneling would be breakthrough enough.
I'm theorizing that some combination of VMWare Tools, pysphere and obscure network adapters could be possible. But so far, my searches don't yield any result and my only ideas are either ugly (something like tunneling over file operations) and/or very error prone (basically, if I have to build a TCP stack, I know I'll be writing lots of bugs).
It's for a testing environment setup, not production; but I prefer stability over speed. I currently don't see much need for high throughput.
To summarize the setup:
Client machine (Windows/Linux, whatever works) with vmware tools installed
ESXi server (network accessible from client machine)
VMWare guest which has no NICs at all, but is accessible using vmware tools (must be Windows in my case, but a Linux solution is welcome for the sake of completeness)
Any ideas and further reading suggestions would be awesome.
Thank you Internet, you are the best!
The meaning of 'no NICs at all on guest' is not clear. If I can assume that what is meant here is that there are no physical NICs assigned to the guest, the solution is easy, as a VMware soft NIC can be provisioned for the guest VM and that will serve as the entry point to the guest netstack.
But if the soft NIC is also not available, I really wonder how and what can serve as the entry point to the netstack of the guest, be it Linux/Windows. To my understanding, if that's what you meant, then you might need to make guest OS modifications to use a different door to access the guest netstack and to post/drain pkts from it. But again, when you do a proper implementation of this backdoor, it will become just another implementation of the softNIC which VMware supports by default. So, why not use that?
It's a bit late but a virtual serial port may be your friend. You can pick up the serial port on the outer end via network or locally depending on your options. Then you can have some ppp stuff or your custom script on both ends to communicate. You could also run some tool to create a single socket from the serial link on the guest end if you want to avoid having a ppp interface but still need to tunnel a TCP connection for some application.
This should keep you safe when analyzing malicious code as long as it's not skynet :-) You still should do it with the permission of the sysadmin as you may be violating your company's rules by working around some security measurements.
If the VM 'intentionally' has no network configured, you can't connect to it over a network.
Your question embodies a contradiction in terms.
