A Noob at the VPN thing


#1

So I love the local execution of HE and I find that many of the features when accessing the hub are far superior to ST (for comparative sake).

However, I work and frequently travel which leaves me away from my HE to make code changes, check on things etc…

I can use an application like TeamViewer to remote in to my home computer to then login but I would like to go the VPN route.

Is there a place where I might be able to find a how to guide on setting up a VPN connection with HE? I see many VPN types/services but they are all a bit ambiguous when it comes to the question of how I can use my laptop/iPad to directly connect to the local IP at my house.

Keep up the great work!


HELP! I tried VPN enabled on my AC3200 but I broke everything
#2

I think setting up a VPN server on your router is the best option, assuming you have a router that can do this, or can be flashed with a firmware like DD-WRT.

This article explains that a bit.


#3

I agree completely with @marktheknife. I have an Asus RT-AC86U router, running AsusWRT-Merlin firmware. It has built-in support for running an OpenVPN server, as well as keeping my public IP address address updated via the free Asus dynamic DNS service (needed so you can connect to your home’s public IP address which is most likely DHCP assigned and therefore can change.)

I then installed OpenVPN on my phone, tablet, and laptop and can easily and securely connect to my home network when on the road. This allows me to access my Hubitat hub’s configuration web pages using the LAN IP address, the same as when connected at home.


#4

Yup, my setup is pretty similar.

I have an ASUS router running stock firmware, which can also create an OpenVPN server.

I set it up to enable access to my IP cameras remotely, but since setting up my hubitat hub I’ve logged in to that remotely a couple times too (mostly from my iPhone).

I haven’t checked whether it can do dynamic DNS on the stock router firmware, I think it can but not 100% sure. My public IP hasn’t changed yet since I setup the OpenVPN profile sometime last year.


#5

Yes, the Dynamic DNS that I am using is from Asus’ stock firmware. Merlin hasn’t changed that portion that I am aware of.


#6

I also have OpenVPN on my Asus router just for HA stuffs but I tried running OpenVPN server, Softether, and Zerotier on my dedicated PC on my Ubiquiti home network before with success.


#7

I have an EERO router… they have encrypt.me as a VPN solution but it doesn’t seem to have a point to point VPN like dynamic DNS.

I will reach out to EERO support.


#8

I’m not an expert at this at all, but I think none of these commercial VPN services do what you want.

People generally use those providers to encrypt the traffic they’re sending/receiving, or to get around location-based restrictions on accessing certain websites/services.

I’m not sure if it’s possible to redirect all traffic to your LAN if you’re using a VPN server run by one of these commercial services.


#9

If you have a Synology or QNap NAS, they have built in VPN server functionality you could setup. One thing to keep in mind though, I believe Hubitat is going to release their phone apps shortly, which I believe will allow you full access to your hubitat environment without a VPN.


#10

The bigger question is whether the mobile app will have things like RM?

I found a post on reddit about Synology so I’m learning about that because it seemed the Synology VPN only provided access to Synology services and not everything on the LAN


#11

I prefer a true firewall / security gateway and either using that as a vpn end point or having an additional vpn endpoint. On the cheap / free / opensource end of the options I like PFSense running both as firewall and vpn concentraitor. I also like for home implementations some of the dedicated mini boxes for pfsense (https://www.amazon.com/Firewall-micro-appliance-Gigabit-Intel/dp/B01AJEJG1A/ref=sr_1_3?ie=UTF8&qid=1524250824&sr=8-3&keywords=pfsense)

I also like the ubiquiti stuff and have heard great things about their security gateway. I have used their switches, access points and cloud key and have been very happy, just haven't had a change to play with the security gateway. It also supports a vpn.

I like a lot of seperation w/ in my environment. Firewall (currently pfsense), VPN Concentrator (currently cisco ASA - NOT RECOMMENDED), Wireless Controller & APs (Unifi), Storage (QNAP).

I had used the pfsense for years as a standalone vpn concentrator and as an integrated firewall / vpn concentrator.


#12

I wouldn’t give up my ubiquiti unifi gear if you held a gun to my head. I love it. VPN setup was super easy too.


#13

Agree and I did setup L2PT before but it was a pain to setup on IOS and android. Openvpn is not so easy to setup on a Unifi gateway.


#14

I just finished putting together a Synology 918+ with 4 10TB Ironwolf Pro drives, and upgraded the ram to 16GB. I haven't played around with the VPN server yet. I am primarily using it as a Plex media server. Here is the description from the Synology app store. I don't think it's limited to just Synology services but I could be wrong.


#15

I have a Qnap NAS and currently running QVPN Service. I choose to use OpenVPN option. Synology has similar software.

It does allow you to access your local lan which in turn access to your hubitat web portal. best of luck


#16

So I finally... got this VPN thing setup HUZZAH!!!

How do I connect to my HE because typing in the local IP address does not work.


#17

Just another VPN option to throw out there is PiVPN. Does all the work of setting up an OpenVPN server on your RaspberryPi and has been really stable.


#18

Did you get it setup on your EERO router? There's usually an option to "Allow clients to access server's LAN"


#19

+1 on the PiVpn recommendation. I set this up a couple weeks ago and it works perfectly. This video was particularly helpful.


Another Noob VPN Question
#20

The UniFi router is cheap, powerful and has a built in remote access VPN. Plus their APs are the best.