Dyndns association host

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Goto page 1, 2  Next
Author Message
andrea_m83
DD-WRT User


Joined: 16 Jun 2020
Posts: 50

PostPosted: Tue Jul 20, 2021 1:26    Post subject: Dyndns association host Reply with quote
I want to remotely reach a video device inside my LAN behind the DD-WRT router. If I insert the dyndns on the router I can reach the gui of this, but it is possible to reach any other device? how can I associate the hostaname no-ip to my video device?
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Tue Jul 20, 2021 8:45    Post subject: Reply with quote
Consider port forwarding or connecting via a VPN (WireGuard or OpenVPN)
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
andrea_m83
DD-WRT User


Joined: 16 Jun 2020
Posts: 50

PostPosted: Tue Jul 20, 2021 14:23    Post subject: Reply with quote
egc wrote:
Consider port forwarding or connecting via a VPN (WireGuard or OpenVPN)


Have just set OpenVPN connection in client mode.
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6858
Location: Romerike, Norway

PostPosted: Sat Jul 24, 2021 19:39    Post subject: Reply with quote
You need a VPN Server on your router.

On the client you are travelling with, enable a VPN Client.
andrea_m83
DD-WRT User


Joined: 16 Jun 2020
Posts: 50

PostPosted: Sun Jul 25, 2021 15:35    Post subject: Reply with quote
Per Yngve Berg wrote:
You need a VPN Server on your router.

On the client you are travelling with, enable a VPN Client.


If I don't use the VPN it's still the same problem, now I can't reach the router anymore
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6858
Location: Romerike, Norway

PostPosted: Sun Jul 25, 2021 18:52    Post subject: Reply with quote
Are you using port 80?

It's used by the GUI. Consider using another port.

Port-forward port 81 to the LAN server port 80
andrea_m83
DD-WRT User


Joined: 16 Jun 2020
Posts: 50

PostPosted: Mon Jul 26, 2021 15:20    Post subject: Reply with quote
Now router GUI is recovered, supposed to be a problem whit dyndns server. I also partially solved the problem of accessing the web gui of the host inside the LAN. This is behind openvpn and I have entered the comands in the firewall so that it can access Internet only if the tunnel is standing, as below:

Code:
iptables -I FORWARD ! -o tun1 -s 192.168.1.199 -j DROP



If I remove this comand from firewall I can access remotely to the host's webgui, but i need to keep this active only with tunneling
mwchang
DD-WRT Guru


Joined: 26 Mar 2013
Posts: 1855
Location: Hung Hom, Hong Kong

PostPosted: Mon Jul 26, 2021 17:09    Post subject: Reply with quote
andrea_m83 wrote:
If I remove this comand from firewall I can access remotely to the host's webgui, but i need to keep this active only with tunneling


SSH can do TCP tunnellng... would it help? Just a wild guess...


_________________
Router: Asus RT-N18U (rev. A1)

Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!

Facebook: https://www.facebook.com/changmanwai
Website: https://sites.google.com/site/changmw
SETI@Home profile: http://setiathome.berkeley.edu/view_profile.php?userid=211832
GitHub: https://github.com/changmw/changmw
andrea_m83
DD-WRT User


Joined: 16 Jun 2020
Posts: 50

PostPosted: Mon Jul 26, 2021 18:40    Post subject: Reply with quote
mwchang wrote:
andrea_m83 wrote:
If I remove this comand from firewall I can access remotely to the host's webgui, but i need to keep this active only with tunneling


SSH can do TCP tunnellng... would it help? Just a wild guess...



I need to access via web GUI,but it is not clear to me what you mean
andrea_m83
DD-WRT User


Joined: 16 Jun 2020
Posts: 50

PostPosted: Tue Aug 10, 2021 23:27    Post subject: Reply with quote
no solution guys? tried to bypass the host port over the tunnel, but no solve
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14125
Location: Texas, USA

PostPosted: Tue Aug 10, 2021 23:58    Post subject: Reply with quote
I think a few things might help get an answer. Like what kind of video device (brand and model), router in question, what version of DD-WRT you're running. All applicable information should be provided so the community can help you better. Are you trying to remote view a specific camera or a dvr?
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
andrea_m83
DD-WRT User


Joined: 16 Jun 2020
Posts: 50

PostPosted: Wed Aug 11, 2021 23:39    Post subject: Reply with quote
Hi, it's an stb linux box, dreambox.
My router is a netgear r6700v3, whith DD-WRT v3.0-r46854 std.
I need to access the web gui of my stb, just opened a remote port mapped to local through my vpn provider.
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Thu Aug 12, 2021 7:27    Post subject: Reply with quote
We really want to help but if you do not share the proper information you will not get proper answers.

You start with:
Quote:
I want to remotely reach a video device inside my LAN behind the DD-WRT router. If I insert the dyndns on the router I can reach the gui of this, but it is possible to reach any other device? how can I associate the hostaname no-ip to my video device?


We say you should port forward

You answer I have setup a VPN client.

No, we answer if you want to contact your network you have to setup a VPN server.

You answer I do not use VPN and have the same problem

and your last answer:
Quote:
just opened a remote port mapped to local through my vpn provider.


It is really not clear what you want so we cannot help.

To connect to a local client from outside you have to port forward via the WAN or use a VPN server to connect from remote

If you use a VPN client you cannot use the WAN to port forward unless you use Policy Based Routing of the VPN client. The WAN must stay free of the VPN client to be usable for port forwarding.

You can port forward via your VPN client if your provider supports that (the provider has to open ports for you) and you have to manually do the port forwarding as the normal port forwarding only forwards via the WAN)

So if you want help you have to give all the information and respond to our anwers

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
andrea_m83
DD-WRT User


Joined: 16 Jun 2020
Posts: 50

PostPosted: Fri Aug 13, 2021 15:31    Post subject: Reply with quote
ok, let's do a bit of clarity.

I need to reach by remote the web GUI of my Linux stb (192.168.1.9).
I have set in my DD-WRT router only a vpn client, so that the stb can reach the Internet only after that a tunneling is established (behind the router), with this command:

Code:
iptables -I FORWARD ! -o tun1 -s 192.168.1.9 -j DROP


If removed, remote access works regularly, but I want it to work when I am connected to my VPN.

My VPN provider is AirVPN, and they forwarded a remote port (64635) to the web GUI port of my stb (1024).

I have just inserted these rules in my firewall for forwarding with iptables:

Code:
iptables -I FORWARD -i tun1 -p udp -d 192.168.1.9 --dport 1024 -j ACCEPT
iptables -I FORWARD -i tun1 -p tcp -d 192.168.1.9 --dport 1024 -j ACCEPT
iptables -t nat -I PREROUTING -i tun1 -p tcp --dport 1024 -j DNAT --to-destination 192.168.1.9
iptables -t nat -I PREROUTING -i tun1 -p udp --dport 1024 -j DNAT --to-destination 192.168.1.9
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Fri Aug 13, 2021 16:10    Post subject: Reply with quote
andrea_m83 wrote:
ok, let's do a bit of clarity.

I need to reach by remote the web GUI of my Linux stb (192.168.1.9).
I have set in my DD-WRT router only a vpn client, so that the stb can reach the Internet only after that a tunneling is established (behind the router), with this command:

Code:
iptables -I FORWARD ! -o tun1 -s 192.168.1.9 -j DROP


If removed, remote access works regularly, but I want it to work when I am connected to my VPN.

My VPN provider is AirVPN, and they forwarded a remote port (64635) to the web GUI port of my stb (1024).

I have just inserted these rules in my firewall for forwarding with iptables:

Code:
iptables -I FORWARD -i tun1 -p udp -d 192.168.1.9 --dport 1024 -j ACCEPT
iptables -I FORWARD -i tun1 -p tcp -d 192.168.1.9 --dport 1024 -j ACCEPT
iptables -t nat -I PREROUTING -i tun1 -p tcp --dport 1024 -j DNAT --to-destination 192.168.1.9
iptables -t nat -I PREROUTING -i tun1 -p udp --dport 1024 -j DNAT --to-destination 192.168.1.9


Port forward rules for the VPN look OK, you know if you are using udp or tcp so get rid of the ones not used.

Your rule is probably mend as kill switch, it blocks everything not going out of tun1 so also traffic going out of br0 onto your lan and thus blocking the port forward.

A better alternative is this one (which even allows port forwarding on the WAN). this one is from @eibgrad:
Code:
WAN_IF="$(ip route | awk '/^default/{print $NF}')"
iptables -I FORWARD -i br0 -o $WAN_IF -m state --state NEW -j REJECT --reject-with icmp-host-prohibited
iptables -I FORWARD -i br0 -p tcp -o $WAN_IF -m state --state NEW -j REJECT --reject-with tcp-reset



_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Goto page 1, 2  Next Display posts from previous:    Page 1 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum