Posted: Tue Jul 20, 2021 1:26 Post subject: Dyndns association host
I want to remotely reach a video device inside my LAN behind the DD-WRT router. If I insert the dyndns on the router I can reach the gui of this, but it is possible to reach any other device? how can I associate the hostaname no-ip to my video device?
Now router GUI is recovered, supposed to be a problem whit dyndns server. I also partially solved the problem of accessing the web gui of the host inside the LAN. This is behind openvpn and I have entered the comands in the firewall so that it can access Internet only if the tunnel is standing, as below:
Code:
iptables -I FORWARD ! -o tun1 -s 192.168.1.199 -j DROP
If I remove this comand from firewall I can access remotely to the host's webgui, but i need to keep this active only with tunneling
Joined: 08 May 2018 Posts: 14125 Location: Texas, USA
Posted: Tue Aug 10, 2021 23:58 Post subject:
I think a few things might help get an answer. Like what kind of video device (brand and model), router in question, what version of DD-WRT you're running. All applicable information should be provided so the community can help you better. Are you trying to remote view a specific camera or a dvr? _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Hi, it's an stb linux box, dreambox.
My router is a netgear r6700v3, whith DD-WRT v3.0-r46854 std.
I need to access the web gui of my stb, just opened a remote port mapped to local through my vpn provider.
Joined: 18 Mar 2014 Posts: 12837 Location: Netherlands
Posted: Thu Aug 12, 2021 7:27 Post subject:
We really want to help but if you do not share the proper information you will not get proper answers.
You start with:
Quote:
I want to remotely reach a video device inside my LAN behind the DD-WRT router. If I insert the dyndns on the router I can reach the gui of this, but it is possible to reach any other device? how can I associate the hostaname no-ip to my video device?
We say you should port forward
You answer I have setup a VPN client.
No, we answer if you want to contact your network you have to setup a VPN server.
You answer I do not use VPN and have the same problem
and your last answer:
Quote:
just opened a remote port mapped to local through my vpn provider.
It is really not clear what you want so we cannot help.
To connect to a local client from outside you have to port forward via the WAN or use a VPN server to connect from remote
If you use a VPN client you cannot use the WAN to port forward unless you use Policy Based Routing of the VPN client. The WAN must stay free of the VPN client to be usable for port forwarding.
You can port forward via your VPN client if your provider supports that (the provider has to open ports for you) and you have to manually do the port forwarding as the normal port forwarding only forwards via the WAN)
I need to reach by remote the web GUI of my Linux stb (192.168.1.9).
I have set in my DD-WRT router only a vpn client, so that the stb can reach the Internet only after that a tunneling is established (behind the router), with this command:
Code:
iptables -I FORWARD ! -o tun1 -s 192.168.1.9 -j DROP
If removed, remote access works regularly, but I want it to work when I am connected to my VPN.
My VPN provider is AirVPN, and they forwarded a remote port (64635) to the web GUI port of my stb (1024).
I have just inserted these rules in my firewall for forwarding with iptables:
Joined: 18 Mar 2014 Posts: 12837 Location: Netherlands
Posted: Fri Aug 13, 2021 16:10 Post subject:
andrea_m83 wrote:
ok, let's do a bit of clarity.
I need to reach by remote the web GUI of my Linux stb (192.168.1.9).
I have set in my DD-WRT router only a vpn client, so that the stb can reach the Internet only after that a tunneling is established (behind the router), with this command:
Code:
iptables -I FORWARD ! -o tun1 -s 192.168.1.9 -j DROP
If removed, remote access works regularly, but I want it to work when I am connected to my VPN.
My VPN provider is AirVPN, and they forwarded a remote port (64635) to the web GUI port of my stb (1024).
I have just inserted these rules in my firewall for forwarding with iptables:
Port forward rules for the VPN look OK, you know if you are using udp or tcp so get rid of the ones not used.
Your rule is probably mend as kill switch, it blocks everything not going out of tun1 so also traffic going out of br0 onto your lan and thus blocking the port forward.
A better alternative is this one (which even allows port forwarding on the WAN). this one is from @eibgrad:
Code:
WAN_IF="$(ip route | awk '/^default/{print $NF}')"
iptables -I FORWARD -i br0 -o $WAN_IF -m state --state NEW -j REJECT --reject-with icmp-host-prohibited
iptables -I FORWARD -i br0 -p tcp -o $WAN_IF -m state --state NEW -j REJECT --reject-with tcp-reset