Accessing local LAN via internet

harshsyd

Reputable
Aug 18, 2015
22
0
4,510
Hey!

I would like to access my home LAN via internet/any other service like 4G. So basically, I want to be a able to browse into any device in my home LAN (ie. a NAS on 192.168.1.18, access my modem 192.168.1.1 and every other device). Essentially 'fake' that I am on my home router's network rather than an external source.

So what's the best way to do this? I tried setting up a VPN which I could try and connect however with that I can only access my router's page remotely and after reading articles, it seems I have to port forward if I want to access a device from here. This is kind of not what I want as that way I have to port forward all my devices so I can access them all.

What is the best way? Thanks.
 

BuddhaSkoota

Admirable


I do this with a Raspberry Pi running OpenVPN attached to my home router. I'm able to access anything on my network as if attached at home. While it's not exactly simple to set up, it's been 100% reliable. As a backup I also have the VPN service running on my router. Also works well, but I have the OpenVPN running on multiple devices, so I use the Raspi VPN more often.

You may want to post the make and model of your router, as you should be able to use the VPN to access your LAN. Someone may be able to help you get it working. One thing you need to keep in mind is that you should configure your home network to use a subnet that is different than commonly used on routers (e.g. 192.168.1.x). VPN services don't work well when you're trying to attach from a network that has the same subnet as your home network.
 

harshsyd

Reputable
Aug 18, 2015
22
0
4,510
Hi!

My router is the Dlink DSL-2900AL. Well all I did try for now, I enabled its option for quick VPN and setup a dynamic DNS (because my IP isn't static by ISP). I enter the DNS in my phone for example and use the 4G to test. It only let's me access the router page (192.168.1.1). I try to enter ie an address like 192.168.1.18 (which is my NAS), nothing happens. Do I have to port forward something?

But since it is a VPN, shouldn't it just be straight off like me being on my WiFi despite on 4G from externally?

Regarding the changing subnet, did you mean my DHCP? If so, how about changing it to like 192.168.5.x?
 

USAFRet

Titan
Moderator
Be very, very careful as you go down this road.
If you can access your LAN and devices from 'the internet', maybe someone else can as well.

And your public IP address WILL get random hits, looking for an opening. Currently, your router just tosses those away.
Open a hole for you, and maybe someone else can exploit that.
 

USAFRet

Titan
Moderator


That's part of "be very careful"
Non default username, strong password, etc.

When I had my NAS box semi open to the outside for access, it was getting random hits weekly, sometimes multiple times a day. And it was only open due to UPnP being enabled. Default settings in the Qnap NAS assumed that I would like to access it, it talked to the router and opened the required port.

From all over the planet. Russia, Portugal, Switzerland, China, Ohio, etc, etc.
All trying to hit the default account "admin" username. That default account was disabled before I even connected it, so no access. But...all it would have taken was still using the default admin account, and a so-so password...poof, free access to whomever.

I'm just saying...know all the possible pathways and access points.
 

BuddhaSkoota

Admirable


Are you sure you configured the VPN service on your phone with the VPN username and password? If you are using the dynamic DNS address in your phone's browser, you are probably just accessing the remote management page. (You may want to check to be sure that Remote Management is disabled on your router, since this is a security vulnerability.)

To change the subnet, you need to go to the network settings which I believe is on the home page of your router. When you make this change, the DHCP settings should automatically adjust, but you made need to check the DHCP tab to be certain. You should be aware that this will affect connectivity on client devices, which will likely require a reboot of all devices. Also, if you have anything with a static IP address, these will need to be reconfigured manually.
 

BuddhaSkoota

Admirable


It shouldn't matter if it's HTTP or HTTPS, but as a test you should be able to switch to HTTP on the NAS (and secondary modem?) to see if that fixes the issue.

I'm not sure how your secondary modem fits in, but it could be that port 443 is not being allowed through the chain at some point.