I used to do that but recently switched to cellular home internet. There is no public IP address and thus no way to get to the vpn. I don’t always have a computer running so TeamViewer is not a viable solution. I wish HE would open up remote access like the dashboards are.
1 Like
I'm not understanding how this works. Without an IPv4/IPv6 address, how does your router route packets to the "internet"?
Or is it something like double-NAT, where your cellular router gets a private IP address, and then assigns local addresses in a different private subnet?
I don’t fully understand it myself. But the cellular has a public and private ips which cause the issue. There are other folks on this forum who understands it better than me.
1 Like
This can be done with a rule and a string global variable connector.
Here's the rule:
That uses a Custom Action to set or delete the lock code (on a virtual lock called "a lock", in this case). The first parameter is a number, and identifies the slot for the code to be set. The second parameter is a string, the code itself. That can be set from a Dashboard, using a Variable template on the global variable connector called "Lock Code". When you set it to a code, that becomes the code; when you set it to 0 it removes the code from the lock.
Here is the state of that lock device right after setting it from the Dashboard.
Variants of this could be done to allow multiple lock codes to be set/cleared, using multiple variables to convey the code number and code. The key things going on are that the global variable connectors can be set from a Dashboard, and can cause a rule to be triggered when changed. Their value can be referenced in the rule and used in Custom Actions as shown.
3 Likes
I’d guess it’s carrier grade NAT.
2 Likes
@bravenel documented how to do this here: Use Dashboard to Manage Lock Codes and with me a newbie at this asking dumb questions, perhaps the thread might be helpful to others. It works on my Schlage Connect z-wave lock.
2 Likes
I did port forward on Google Wifi. Now I can access Dafang hacked cameras just fine remotely but not Hubitat. Public address works on home network but not outside. Any idea why I cannot access Hubitat? No moral or security preach, please.
This is Hubitat Inc’s design decision in the hub platform as of 2.2.9.
Either access your hub via some secure mechanism like a VPN (or TeamViewer etc), or use a reverse proxy, or purchase a subscription to Remote Access.
Correct. Hubitat has made it clear this design decision is not up for debate. And does not limit secure hub access via the internet. Nor does it necessitate a Remote Access subscription.
5 Likes
That is exactly why they fixed this, it was a huge security flaw. If you could access your hub in this way, everyone in the world potentially could too.
4 Likes
This recent thread pretty much summarizes what went into the decision. It’s short because the OP really insisted on acting conspiratorial and aggrieved, so the thread ended up closed.
2 Likes
Asking these guys not to turn their responses into moral preaches is like asking jesus the same thing
No idea where you're going with this, or why you came up with this. Hubitat's position is quite clear. Hub security is desired by users (and Hubitat Inc.). And Hubitat's offering of Remote Access is not necessary for users to access their hubs over the internet using any secure method.
1 Like
If you see him, let us know what he says.
1 Like
OK. Ordered two Mikrotiks. Time for Wireguard.
2 Likes
You'll love it. It is so fast compared to every other VPN client/server option I've tested.
2 Likes
Watchguard...The T15 is more than adequate for home use. I use a t35 myself. But again, it's all hardware based
1 Like
