Network

[BertB]

Hi,
I have 10 ESPEay modules in my house, keeping an eye on temperature, dust, humidity, air pressure, voltages etc.
They all report to one of two RPI's 3 with Domoticz.

It is not difficult to access a device in my LAN from the outside world, but with 10 (the number is growing) ESPEasy modules, it is getting a bit devious to configure my router.
Is it not possible to have some kind of a reverse gateway that has one ip for access from the internet and a table with ESPEasu IP addresses?

[tozett]

each of the could have a list of all the others...
not yours?

[BertB]

Sure, and it works just fine as long as I am on the same LAN, but I cannot open other nodes when I am let's say on my work.

[tozett]

if you have different lan-segments,
or a lan at home with a router to the internet,
and another lan at office, with a router/firewall to the internet,
you have the issue of routing through the lan-segments.

https://en.wikipedia.org/wiki/Router_(computing)

this is not special for espeasy, its lan-routing.
or like a VPN for this and other lan/net-services over IP.

[BertB]

Hi,
I agree with you that this subject is more network related than it is to ESPEasy. However, maybe more EASPEasians have this question.
I only have a lan in my home. It is as save as I can make ik it, because I only allow for external connections to devices with a secure (https) connection and passwords.
With this, I can access servers like Domoticz, while I am somewhere else.

What I would like is that I can access the ESPEasy nodes in a safe way too. I do not trust in passwords only when it comes to switching on and off devices in my house.

Perhaps someone knows how to create such a safe way to do that.

[tozett]

make a tunnel through your router at home into your home lan.
for only the secure port of mqtt.
send everthing over this tunnel via mqtt...
voila! secure as mqtt-secure is...

[nonflammable]

VPN ?

[Martinus]

I'd say VPN is a viable solution to keep things safe. Would strongly discourage connecting to ESP modules directly from the internet.

[BertB]

VPN ... okay.
Fortunately, I have some time in the weeks to come, to find out what that means

[tozett]

as a start, may you try the openvpn...

http://lmgtfy.com/?q=openvpn

[BertB]

I admit, I only red it briefly, but what I understand is, that I need a VPN server, for instance on my Synology or on a (dedicated?) RPI and a client for each and every device that is connected to the VPN?
Lets assume I have 10 ESPEasy nodes, a network printer, a NAS, two Domoticz RPIs etc, they all need the VPN client?

[BertB]

I downloaded and installed pivpn on a rpiB, according to the prescriptions.
Then, I went to the Androide play store and downloaded openvpn connect. Works perfect. Just what I need.

Now, I try to obtain a similar package for my Windows 10 laptop.
If I found something an installed it, it refuses to connect due to some obscure reason.
What kind of client are you using and how did you install it?

[tozett]

https://play.google.com/store/apps/deta ... kt.openvpn

Openvpn from Arne Schwabe for Android.
Very good recommendation,
No hassle since 3 years..

[BertB]

Thanks, but I need something for Windows 10:-)

[tozett]

There are some Open Clients for Windows. Check the Reputation on the web...?!
Good Look, you Manager all so gar vrry Well..

[BertB]

well I have tried a bunch of open vpn connect and gui stuff, last couple of days and it all crappy, as fas as I am concerned.
The only client that works well is the one I got with my android Phone in play store.

[tozett]

did you checked the "original" openvpn client for win10?

some pictures i found here on the web:
https://www.ipvanish.com/visualguides/O ... Windows10/

[BertB]

Yes that helped a lot.
Thanks.

[hamster]

My ASUS RT-AC3200 has VPN Server / OpenVPN built in
makes it extremely easy to set up. Once connected I can access all my ESP's (15 in total) using their local ip address from anywhere.

[BertB]

I AM going to make a short description of setting up vpn in the Home Page.

What kind of server do you use?

[tozett]

he wrote :

My ASUS RT-AC3200 has VPN Server / OpenVPN built in

-> OpenVPN built in ...

(like Openwrt-firmware on lots of cheap router can also).

but maybe we are going offside the ESPeasy here ..?

[BertB]

he wrote :
[but maybe we are going offside the ESPeasy here ..?

Only for the purists maybe

I like to be able to configur my ESPEasy nodes from outside my home. I am quite a lot on the move.
Per haps other members like it too.

[pwassink]

Just a consideration, most of us do run Domoticz on a raspberry already 24h a day, it is more than powerfull enough to perform some additional tasks.

You might find "Neorouter" free a nice solution for safe vpn acces to your local lan through an easy configurable app, web enabled even and the Pi could
even take care of the whole neorouter servertask, there is a special client for many different Os'ses and even for most mobile telephones.
Finally open up just one tcp port in your router and point it to the Pi and everything works wherever you are ..

Just visit http://www.neorouter.com/ and try the free version, it solves most problems mentioned here in just a few actions.

No i do not get paid , dont own stocks for this and yes i use this tool every day and live happily anywhere with acces to the stuff i neeed ..

[BertB]

Thanks