Access openhab server over a 4G router

enboig · October 18, 2018, 9:57pm

I am used to use SSH tunnel to access my primary house openhab when I need, and use Telegram so house can send me alerts. Now I am installing a openhab in my secondary house where only available internet connection is over a 4G router, but I cannot connect through SSH (and it don’t answer ping, so I think it is a internet provider limitation). Ports are open, and dynamic DNS works.

My A plan was SSH, my C plan involves VPN (I don’t know if it will work, or how much bandwidth/data may it use), and my D plan goes around https://regulargeek.blogspot.com/2018/06/control-openhab-using-telegram-messenger.html. Does anybody know a plan B I overlooked?

Thanks

PS: I don’t know which category does this post belong, sorry.

Dim · October 18, 2018, 10:12pm

I think that this is the best plan.
Most ISPs/Mobile Carriers will block many incoming ports (SSH,etc) towards mobile data endpoints, so you may have to initiate the VPN tunnel from the endpoint towards a remote VPN server.

Push your local ISP to deliver a cable based internet link to the new house

enboig · October 18, 2018, 10:33pm

There will never be a cable, too far into the forest. I used to have wimax, but too expensive for using sporadically.

I may create a VPN in my primary server, but I liked the idea of having both servers with same IP, phone app would have worked without any change.

Thedannymullen · October 18, 2018, 10:46pm

A few questions…

Once setup why would you need ssh on a regular basis?

Given the limitations maybe you could have your local openhab server. Look for a file on a remote server and enable vpn if that event happens. It could also publish the ip. This way the tunnel is not open all the time. Just an idea.

enboig · October 19, 2018, 11:02am

Once setup ssh access isn’t required, but I just have physical access to the computer once a month, so the setup may take a looong time.

Just found https://toic.org/blog/2009/reverse-ssh-port-forwarding/, I will play a little with it.

rlkoshak · October 19, 2018, 4:30pm

The VPN will use up some data while it is connected because you will probably need to set it up to keep connected which means the server and client will need to continuously ping each other to make sure they are still connected and keep the connection alive.

But the amount of bandwidth is relatively minor. It is hard to separate the exact amount though.

Assuming that the ISP is indeed blocking certain ports, maybe you can find one that it isn’t blocking and configure your sshd to listen on that. While port 22 is the standard port, you can run sshd on any port (case in point, the Karaf console ssh login).

I once searched for and posted a response to a topic of all sorts of remote administration solutions that one can use in a situation like this and I can’t find it now. Dataplicity is one that came up that might be useful for you. There are other similar products.

See https://www.raspberrypi.org/documentation/remote-access/access-over-Internet/

Just because they are listed for RPi I don’t think they are limited to working with RPis. This should let you get to your server without needing to connect to it directly taking any blocking by your ISP out of the picture.