Since everything is running locally… can you access the hub when outside the local wi-fi or do you need to port foward?
We do not recommend port forwarding. At this point, remote access would be limited to oauth2 enabled apps.
Or you could add a vpn connection to your house.
We are working on adding a solution for remote access, will share more as we can.
3 Likes
Hey Patrick, if there any update on the remote access? Any alternative ways to access settings etc on the hub while away?
We have hubitat dashboard for remote control. We have no plans to allow remote setup of the hub.
All local is great and all, but I think there should be a way to at least access settings and change things like timings etc for automations, especially when I am away for more number of days/weeks, I hope that some time in future this comes along... Thanks!
Use a VPN, they are too easy to setup and you get access to all the other components too.
OpenVPN is a good starting point.
As a self described Tech Aficionado, why would you want to expose the command and control side of a home to hackers? I use OpenVPN and I know for a fact it takes about 2 seconds to establish. I have full access to the Admin side of Hubitat. Securely. I had the infrastructure in my home to deploy OpenVPN for "free" but even if one had to purchase a Raspberry Pi and case and install PiVPN, it would cost less than one good motion sensor.
I walk into a hotel or restaurant and agree to their horrid terms and conditions for WiFi and click the OpenVPN app. Two seconds later it indicates active and I can browse to either of my Hubitats, I can browse to my Cameras, etc. all local only.
Given your earliest problems with CUJO, I'm thinking all this is well known to you, I apologize for consuming your time, but I am one who is more than happy to hear Hubitat has no intention of opening the Admin side to remote access.
11 Likes
csteele is correct. VPN is the answer, even if you invest in a home VPN router. Building this into any LAN device is just asking for trouble!
Probably not for everybody as it's a Mac-centric solution, but I actually have started to use Back to My Mac and I connect to that via VPN when I'm on an unsecured network at the other end.
So I'm screen sharing to another computer and then opening a browser on that computer to view HE. It actually works really well and was minutes to setup. No ports to open is my favorite part about it.
I may setup something similar soon. I use my Pi to vpn in to my LAN and it works perfectly for viewing and controlling my HE hub and other stuff at home. Where I run into issues is with saving and updating my smartApps and drivers. If i'm editing either remotely through a browser, the save time triples and makes testing small edits a PITA. I think I'll have to setup VNC or similar LAN based remote control app so I can control my pc that is directly on the LAN and doesn't have to traverse the VPN hops..
1 Like
Happy Thanksgiving Stephan!
That sounds like a fun project. Getting it secure is the tricky part. I'm comfortable with this method because I know Apple has done their due diligence here and they constantly roll out security update for it. Although I have to wonder if they haven't decided its not as secure as they would like. I see that it's no longer available in Mac OS Mojave, but haven't taken the time yet to investigate why.
I think you could probably do the same thing with TeamViewer which is free to remote back to your own computer and really secure, but this is much more responsive, higher resolution and pretty well unrestricted access, except for the things I've locked down.
I think you misunderstood my plan. The remote control app will run on the LAN only...through the vpn....so no other ports need to be open. The problem I was having seems to be the ability of the browser on the remote pc sending the updated code through the vpn to the hub (can't say why this happens and it was unexpected). Instead the browser will be running on a local pc. The remote control data (video etc) will be traversing the vpn. Seems odd, I know, but I think it would work better...and this is ONLY for when I'm updating my code remotely.
1 Like
Ah understood now. That sounds like a good plan.
Is there a remote access path for lock code manager. Seems useless without the ability to have remote access availability.
1 Like
Hubitat is a local solution and the administration of the hub will be local on your network. We recommend using a VPN if you need remote access.
I travel quite a bit and have a need to access the hub as if I'm local. Problem is I have no idea how to set a VPN or where to start. I guess my technical skills are too limited to be a Hubitat owner.
1 Like
Depending on your home router model, you may be able to simply enable an OpenVPN server on your home router. That's what I do with my Asus RT-AC86U router. You also have to enable a Dynamic DNS provider (assuming your home WAN IP address is dynamic, and not statically assined by your ISP.)
There is a little bit of a learning curve, for sure. But it is really nice once you have it up and running.
I only wish I had remote access so that I can add/change lock codes on my schlage lock.
You should do it. 
Look at your Router model and verify it can run OpenVPN. Then install it and enjoy the freedom.
If not, think about getting a RaspberryPI in a case and Install OpenVPN and enjoy the freedom.
One of these:
and one of these:
and you can use it for a myriad of functions. NodeJS server running Homebridge or Google Assistant relay or Housepanel. Lots of fun stuff.
1 Like
Built the Raspberry Pi over the weekend and implemented OpenVPN on my MacBook and iPhone. Works great! So nice to be able to have full access/control when away from the house.
1 Like
