I guess that's part of my issue with all this. I don't need speed, all I need is something fast enough to handle interactive terminal usage. Neither do I need security, the remote system has no personal information on it at all, the only data to be stolen is temperatures, voltages and other measurements on my boat.
All I need is a reliable piece of wet string between me and the SBC on the boat. :-)
I don't need or want any of that, the remote machine doesn't need to be able to see my home LAN at all, it's the other direction I need.
It's a headless system so command line only and I want it to be able to boot up into a connected state without any local interaction.
Yes, VPNs aren't really designed for what I want to do are they!
It's possible to use a VPN to get to what I want but it's hardly the obvious/ideal way to do it.
I think in reality my existing setup (behind a WiFi NAT firewall) using ssh tunnels is much closer to what I need than a VPN. It'll work just as well behind a 3G/4G router that's NAT'ted.
Yes, and this is a nice gotcha if you want to connect two networks behind the same type of modem/from one isp; they are bound to use the same subnet, just their default settings; so the vpn connection won't work. I had this once on different modems/isp's; apparently 192.168.178.0 is a popular choice. Solution is to give one of them a different subnet.
You do need security, to prevent it from being taken over by a botnet/hacker and getting you banned from the network. Also if you have a vpn connection, it's effectively on your home lan.
To prevent what "from being taken over by a botnet/hacker"? If they break into my boat and have access to the computer there then there's absolutely nothing that using a VPN will prevent. As I've said it has to be capable of restarting with the connection in place without my interaction. A VPN doesn't help in the slightest as far as I can see.
Exactly the problem, I don't need this at all. I want communication in the other direction only.
Getting back to my original requirement:-
I want to communicate *from* my home system to a headless SBC.
The headless SBC (Pi or whatever) can connect to the internet but it's almost certainly going to be behind a NAT/firewall of some sort.
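A sketch of the ssh-tunnel approach for the requirement above, as an added example that is not part of any post in this thread: the SBC dials out through the NAT and opens a loopback listener on the home host, and the home side limits what the SBC's unattended key may do. The host name, account, port, key path and ssh location are all assumptions.

```shell
#!/bin/sh
# Added example, not from the thread: reverse SSH tunnel from a headless SBC
# behind NAT to a home host, with the SBC's key locked down on the home side.
# All names, ports and paths below are assumptions for illustration.
HOME_HOST="home.example.org"       # home host reachable from the internet
TUNNEL_USER="tunnel"               # unprivileged account on the home host
LISTEN_PORT="2222"                 # loopback port opened on the home host
KEY_FILE="/etc/tunnel/id_ed25519"  # passphrase-less key stored on the SBC

# Line for ~tunnel/.ssh/authorized_keys on the home host ($1 = SBC public key).
# "restrict" disables shell, pty, agent and X11 forwarding; only the single
# loopback listener is re-enabled, so a stolen SBC key gives no shell at home.
authorized_keys_line() {
    printf 'restrict,port-forwarding,permitlisten="localhost:%s",command="/bin/false" %s\n' \
        "$LISTEN_PORT" "$1"
}

# Command the SBC runs: no remote command (-N), never prompt (BatchMode),
# exit if the listener cannot be bound, and detect dead links via keepalives.
tunnel_command() {
    printf '/usr/bin/ssh -N -T -i %s -o BatchMode=yes -o ExitOnForwardFailure=yes' "$KEY_FILE"
    printf ' -o ServerAliveInterval=30 -o ServerAliveCountMax=3'
    printf ' -R localhost:%s:localhost:22 %s@%s\n' "$LISTEN_PORT" "$TUNNEL_USER" "$HOME_HOST"
}

# systemd unit for the SBC: bring the tunnel up at boot without any local
# interaction and restart it whenever the connection drops.
tunnel_unit() {
    cat <<EOF
[Unit]
Description=Reverse SSH tunnel to $HOME_HOST
After=network-online.target
Wants=network-online.target

[Service]
ExecStart=$(tunnel_command)
Restart=always
RestartSec=30

[Install]
WantedBy=multi-user.target
EOF
}

# Run with the SBC public key as the only argument to print all three pieces.
if [ "${1:-}" != "" ]; then
    authorized_keys_line "$1"
    tunnel_command
    tunnel_unit
fi
```

With the tunnel up, `ssh -p 2222 user@localhost` on the home host lands on the SBC's sshd. Because BatchMode never prompts, the home host's key has to be in the SBC's known_hosts before the first unattended start.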
On a sunny day (Tue, 29 Dec 2020 09:59:11 +0000) it happened Chris Green wrote in :
Depends on your programming skills. I wrote smsio.c
it receives SMS with a Huawei 3G/4G modem and then executes a script (that you will need to write to do things). In that script (up to you) you should parse for YOUR phone number and some commands (like "knock out pirates" or "stop motor").
The other way around, from boat to your phone via SMS, I wrote the script 'ssms' it is part of xgpspc:
scroll down to Anchor drift and water in boat alarm with SMS and PMR radio alert
Very basically it works like this, raspi measures things like GPS location, water level in bilge, some other things, compares it to some setpoints, and sends SMS to your phone every 15 minutes if an error condition persists. It can notify over radio too if needed.
You can reply to that SMS from your phone with another SMS with some predefined commands as shown above.
But anyways ssms (send SMS part of xgpspc) is like this:

#!/bin/bash
# ssms
# sends SMS message to a Huawei G3 USB stick, stick must be in data mode with usb_modeswitch

# all four arguments (PIN, phone number, device name, message) are required
let error=0

if [ "$1" == "" ]
then
    let error=1
fi

if [ "$2" == "" ]
then
    let error=1
fi

if [ "$3" == "" ]
then
    let error=1
fi

if [ "$4" == "" ]
then
    let error=1
fi

if [ $error == "1" ]
then
    echo "Usage:"
    echo "ssms PIN phone_number device_name message"
    exit 1
fi
To prevent the Raspberry Pi (or Beagle Bone or whatever) from being taken over. It isn't about protecting your humidity sensor readings, it's to prevent it becoming part of a botnet used for sending spam or DDOS attacks. Admittedly a very low chance, they mainly target always-on office Windows PC's, but still worth considering, I think, to prevent it being cut off by the network owner. And, you know, to be a decent netizen.
There is a third common usage, the one I use frequently: I VPN to the university library and go to a publisher's website. The publisher sees my university IP-address and recognizes me as authorized to access his content.
It is this that allows me to work from home.
This is ~exactly how the general public now knows "vpn": to pretend to be from a different country and circumvent geoblocks on content. Unfortunately, but perhaps inherently, these are often dodgy services.
What, the content providers? Yep, the UK's BBC (boy buggering communists as we call em) are distinctly dodgy ... and you need a VPN or some sort of proxy to access them from overseas.
--
"In our post-modern world, climate science is not powerful because it is
true: it is true because it is powerful."
Lucas Bergkamp
Yes, decent routers such as the ASUS range (I'm currently using a RT-ac86u), have built in VPN clients (PPTP, L2TP and OpenVPN) and servers (PPTP, OpenVPN and IPSec VPN).
If your router supports a VPN server, everything on your LAN works as it does now say on 192.168.1.x but there will be an extra subnet say 192.168.2.x on which any devices connected to the VPN will appear. For those external devices they will think they are part of the 192.168.1.x LAN.
When you create your VPN on the router, it will export a configuration text file, which you use with your OpenVPN client. Depending on the router this will either be usable as is (as my ASUS was) or need a little editing (some clients need it split in to config, key and cert files).
I've never seen that one, most default networks I've seen have been 192.168.0., 192.168.1. or 192.168.254. Occasionally 192.168.16.
But it should be a matter of course to change a new router's network to something fairly random, when you change the admin password. No, you (or your mother) don't want to use a VPN now, but one day you might.