Access Hubitat through internet

I totally agree!

1 Like

Guys I am following @aaiyar suggestion to do it with the project PIVPN from http://www.pivpn.io/ and at the end of that page there is a video guide which around minute 7 is asking to do a port forwarding and that was what I was asking on how to do. Is all this a safe way ?

2 Likes

I'm reading this and wondering if I'm as secure as I could be.
Here is my setup.
On my remote devices, phone and tablet, I have VNC viewer software installed.
I have an RPi on my local network which also has VNC viewer installed.
I have set up port forwarding on my router for a single port.
To access my HE hub remotely I use VNC to access my router which in turns get me to my RPi using a user Id and password.
Is this secure or not in the opinion of you boffins out there?
Should I be doing something else with the kit I have available to me.
Any advice appreciated.
Thanks.

I don’t think so...

I’m sure others can give more informed opinions than me. But if I’m not mistaken, VNC isn’t encrypted, so someone could potentially intercept the packets sent/received over the internet (including the username and password for the VNC session, HE hub or even both?).

2 Likes

Yes. However, as @marktheknife has said, the specifics of setting up port forwarding are router specific. What router do you have?

If you have a Pi running, you can set up Chrome Remote Desktop. There are no ports to open and you can access the device from anywhere on almost anything that runs Chrome. Once you have CRD up and running, you can access anything on your network from that one connection.

3 Likes

this is a Tenda N150

before I tried the CRD with a computer and I found that the mouse moved like in slow motion and not really a fluent connection. Do you have that problem as well? If not probably I can try with my Pi that just got few days ago

I have not had those issues. I have CRD installed on machines I use/control in many locations and when I am in full screen mode I often forget where I am. I have been known to CRD to some machine and at some point CRD to some other machine just forgetting where I was. Even when I was going to a remote machine back to something local, things were smooth. I set up different colored desktops to help avoid those things but no issues.

So the way I tried before is that I just connected from my phone to my desktop in my computer so from my phone I was moving the mouse pointer of the computer that I left at home. Is this the way you are doing with the Pi?

Will give this a go.
Thanks for the information.

Looks like the Tenda N150 manual is available here. Port forwarding is described in section 4.1.

In addition to setting up the proper port forward to your Raspberry Pi running OpenVPN, you need a few more pieces of the puzzle.

  • Make sure you reserve an IP address for your RPi in your router's DHCP server settings. see section 1.8. You should also do this for your Hubitat Elevation hub to make sure its address does not change.
  • You will need to use a Dynamic DNS provider so that you'll be able connect to your home's router when away. Since most users get a WAN address assigned via their ISP's DHCP server, this address can change. Using a Dynamic DNS provider solves this problem. See section 4.3 of your router's manual linked above.
1 Like

I am not using a Pi currently but I have used one in the past. I currently connect to one of many virtual or physical computers mostly from a Chromebook or one of my phones directly to those devices. I just logged on to a Windows 7 machine across town from my iPhone 6s. This is a small screen but I am able to zoom in to select or do something specific and zoom out to get a picture of a good part of the desktop. From a phone, it isn't ideal but doing something like rebooting a hub or checking something out on the home network it works very well.

For this portion I could be charged by the internet provider right?

No. They are free dynamic DNS options available. Here's a list.

1 Like

Another plus with CRD is there is no need for setting up and maintaining Dynamic DNS.

1 Like

True, however I am not a fan of giving Google any more of my data. They have far too much of it already, and they've never paid me a dime for any of it... :wink:

1 Like

I'm not sure you could point me to what Extra data Google is collecting from me with CRD. I am more concerned about what Comcast collects and what they do with it. At least I have a reasonable understanding of what Google uses my data for. For the most part I can log in an see and remove data from Google. Not from Comcast or any other ISP.

If Google is unacceptable, there are other services that work in a similar way. Teamviewer, AnyDesk, etc that can allow you inside your network from remote locations without poking holes in your firewall. Poking holes and setting up VPNs can easily expose a novice to the bad guys through simple configuration errors or lack of monitoring.

All the more reason to use a VPN... :wink: Encryption is a good thing!

1 Like