Openvpn

[raydio]

I travel a lot for work and would like to be able to stream the Mio to remote locations. I don't want to go the slingbox route. Has anyone played with OpenVPN? I have a subscription to Nord which is a VPN provider and have installed OpenVPN on my laptop. I also have OpenVPN installed on the box but have heard on another site that OpenVPN has to be off on the box as it blocks the port.

I am also using the latest version of the Openvix image. There are all sorts of threads about being able to access openwebif on the box remotely but they are all old and outdated.

Anyone have any ideas? I think this would be a cool idea to do without a slingbox.

 

[comfortably_numb]

I travel a lot for work and would like to be able to stream the Mio to remote locations. I don't want to go the slingbox route. Has anyone played with OpenVPN? I have a subscription to Nord which is a VPN provider and have installed OpenVPN on my laptop. I also have OpenVPN installed on the box but have heard on another site that OpenVPN has to be off on the box as it blocks the port.

I am also using the latest version of the Openvix image. There are all sorts of threads about being able to access openwebif on the box remotely but they are all old and outdated.

Anyone have any ideas? I think this would be a cool idea to do without a slingbox.

I think you can do it if you open up a port in your router. The danger is that anyone with your IP and port number can get into your box, unless it's password protected.

 

[raydio]

I think you can do it if you open up a port in your router. The danger is that anyone with your IP and port number can get into your box, unless it's password protected.

Ya I have head that too, but have also heard of some guys doing it with openvpn but the details are sketchy


Sent from my iPhone using the SatelliteGuys app!

 

[harshness]

Unless your receiver is connected directly to a broadband modem (no gateway or router), you don't need to concern yourself with OpenVPN on the receiver. You don't need (or want) to use a VPN service as that only makes things harder and introduces delays.

What you want to do is connect from your remote computer via VPN directly to your home router or gateway (modem and router in one box). Quite a few modern routers support OpenVPN. Probably not so for gateways. The goal is to put your remote computer on your home LAN and a VPN to your router is how that is accomplished if you're afraid to use port forwarding.

VPN services typically doesn't offer static IP by design so you would play hell trying to find one device from the other.

 

[ZetaMale]

I have openvpn on my router running dd-wrt and it works great but I have found some wifi hotspots block the port.

 

[ZetaMale]

VPN services typically doesn't offer static IP by design so you would play hell trying to find one device from the other.

That's why I have a static IP and even a registered domain. A static IP only costs about an extra $5/month and the domain costs vary.

 

[harshness]

That's why I have a static IP and even a registered domain. A static IP only costs about an extra $5/month and the domain costs vary.

I have dynamic DNS and it costs nothing; no domain registration, business-class broadband or static IP required.

My broadband provider (Comcast) doesn't offer static IP for residential customers. Their excuse is that you are prohibited from running any kind of server so why would you need a static IP.

 

[harshness]

I have openvpn on my router running dd-wrt and it works great but I have found some wifi hotspots block the port.

You can fix that by configuring OpenVPN to use a port that they can't block (i.e. 443).

 

[ZetaMale]

I have dynamic DNS and it costs nothing; no domain registration, business-class broadband or static IP required.

My broadband provider (Comcast) doesn't offer static IP for residential customers. Their excuse is that you are prohibited from running any kind of server so why would you need a static IP.

They shouldn't be denying anyone from running any server and there ought to be a law against that. Of course, they don't want spammers operating from their service so they should shut them down instead of inconveniencing the 99% of users that run legitimate servers. Pretty much the same mentality when it comes to guns - punish everyone instead of the bonafide criminals. And, of course, they want you to pay for THEIR services.

Anyway, dynamic DNS services is a good alternative as long as your router isn't setup to update the service every couple of days - in case your IP changes.

 

[raydio]

Unless your receiver is connected directly to a broadband modem (no gateway or router), you don't need to concern yourself with OpenVPN on the receiver. You don't need (or want) to use a VPN service as that only makes things harder and introduces delays.

What you want to do is connect from your remote computer via VPN directly to your home router or gateway (modem and router in one box). Quite a few modern routers support OpenVPN. Probably not so for gateways. The goal is to put your remote computer on your home LAN and a VPN to your router is how that is accomplished if you're afraid to use port forwarding.

VPN services typically doesn't offer static IP by design so you would play hell trying to find one device from the other.

Ok Harshness thanks for the info...I have a couple of other questions and excuse if they are simple as I'm not very well versed in networking - I have a static IP with my ISP so I assume that makes it a bit simpler. If I understand correctly I would want to fire up the laptop with OpenVPN and the VPN turned on and then connect to the static IP? Or is that too simplistic - I have DNS service with Centurylink and they use the Actiontec C1000A modem/router so it is not VPN capable.

 

[ZetaMale]

Ok Harshness thanks for the info...I have a couple of other questions and excuse if they are simple as I'm not very well versed in networking - I have a static IP with my ISP so I assume that makes it a bit simpler. If I understand correctly I would want to fire up the laptop with OpenVPN and the VPN turned on and then connect to the static IP? Or is that too simplistic - I have DNS service with Centurylink and they use the Actiontec C1000A modem/router so it is not VPN capable.

Your VPN config file has to be able to connect to your WAN IP and the port used for the VPN. The port forwarding in your router firewall has to point to where the openvpn server is running also. The firewall can be a major problem. You will want to test your VPN config from a wifi hotspot before you travel too far from home. Smartphones can be used as hotspots also so you could do your testing from home.

 

[harshness]

They shouldn't be denying anyone from running any server and there ought to be a law against that.

It is folly to view the Internet as your personal playground. Any laws that did influence what was going on were essentially dismissed when the FCC Chairman dismissed Net Neutrality.

Of course, they don't want spammers operating from their service so they should shut them down instead of inconveniencing the 99% of users that run legitimate servers.

Your vision of the model is broken. The idea is that heavy upstream users pay for the privilege. For those that are consumers, they pay consumer prices because they don't consume a lot of outgoing bandwidth.

Anyway, dynamic DNS services is a good alternative as long as your router isn't setup to update the service every couple of days - in case your IP changes.

Most modern routers support one or more of the popular DDNS services. I use No-IP and it is supported by many popular routers and if you don't have a compatible router, you can run the client on an always-on computer that will let the DDNS service know of any changes.

 

[harshness]

If I understand correctly I would want to fire up the laptop with OpenVPN and the VPN turned on and then connect to the static IP?

That's it in a nutshell.

I have DNS service with Centurylink and they use the Actiontec C1000A modem/router so it is not VPN capable.

The gateway is a problem. I highly recommend that you investigate bypassing the router portion of the gateway and using a standalone router (the capabilities of the C1000A are seriously limited by today's standards).

Another option would be to do a port forward to a computer or router running the OpenVPN software and have it route traffic to your receiver. This is pretty advanced stuff and could be a headache to maintain.

 

[ZetaMale]

It is folly to view the Internet as your personal playground. Any laws that did influence what was going on were essentially dismissed when the FCC Chairman dismissed Net Neutrality.Your vision of the model is broken. The idea is that heavy upstream users pay for the privilege. For those that are consumers, they pay consumer prices because they don't consume a lot of outgoing bandwidth.Most modern routers support one or more of the popular DDNS services. I use No-IP and it is supported by many popular routers and if you don't have a compatible router, you can run the client on an always-on computer that will let the DDNS service know of any changes.

This discussion isn't helpful to the guy that wants to run openvpn services.

 

[harshness]

This discussion isn't helpful to the guy that wants to run openvpn services.

Just responding to your post #9.

 

[raydio]

I have openvpn on my router running dd-wrt and it works great but I have found some wifi hotspots block the port.

What is dd-wrt?

 

[ZetaMale]

What is dd-wrt?

It's third party firmware that turns ordinary consumer grade routers into commercial grade routers. Your router can do more than what the vendor's firmware allows you to do. dd-wrt is the most popular but openwrt is becoming more popular and they are updated much more frequently than OEM firmware. dd-wrt and openwrt are Linux based firmware. This link is for dd-wrt beta firmware: ftp://ftp.dd-wrt.com/betas/2019/ Information and other links at: DD-WRT

 

[comfortably_numb]

Folks, for testing purposes, I'm attempting to help raydio configure his router to port forward WebIf from his Edision box. He's configured HTTP port 443 in his Edision image and port forwarded the internal IP of the Edision in his router settings. At this point, we aren't able to ping his static IP with port :443 from outside his network.

PS- firewall is also disabled.

Any suggestions?

I'm thinking perhaps his Centurylink gateway needs to be put into "bridge mode" and a separate, more capable router installed behind it?

 

[raydio]

I think I may be on to something...I have enabled HTTP authentication in the Openwebif configuration screen and have entered the IP address of my static IP address from outside the LAN and am being asked for a username and password. This is coming from Openwebif...so I think I'm knocking at the door and just need the key. I don't see anywhere in any of the menus in the Openvix image that I'm using to create a username and password. The only place I saw to create a password was in the network menu. I believe the user name is admin. Have tried all the usual stupid passwords but no joy. Anyone know the password for Openwebif?

 

[primestar31]

Have you tried nothing at all, in either place?

Or ' root ' for username, but leave password field blank.

If that works, you MUST set your own password as that'll give a hacker complete admin access to your box.

p.s. Or maybe even find where in the menu's you need to setup a password, and add a new user with a password. Then it should work for HTTP authentication.