Remote Access to Network (Toolkit - 2021 options)

Discussion in 'General Discussion' started by znelbok, Jan 17, 2021.

  1. znelbok

    znelbok

    Joined:
    Aug 3, 2004
    Messages:
    1,151
    Likes Received:
    17
    I am once again in need of a solution to remotely access a network so I can configure/tweak the system in question.

    What are the current options for remote access to the network.

    I can port forward port 10001 but that has not worked so far (the owner may have unplugged the CNI for some reason - yet to check).

    I have in the past had a Pi running C-Gate and connected to the remote CGate but that puts the project at the remote end and I would rather have the project local if possible (and negating the need for a Pi at every site).

    Any other options that people are using?

    Thanks
     
    znelbok, Jan 17, 2021
    #1
  2. znelbok

    chromus

    Joined:
    Jan 27, 2014
    Messages:
    422
    Likes Received:
    50
    Location:
    Perth
    My preferred and the most secure is VPN into the network.

    Other alternatives:

    MS remote desktop into a windows machine on the network which has toolkit installed -> MS RDP is very secure and low overheads. You create a user that has very restricted permissions (enough to run toolkit and no more) and login using that user.

    VNC similar to the above BUT way less secure and more overheads.

    Open port as u mention with Toolkit at your end.

    Side note: has your user got Homekit/Openhab? if so that might be locking the CNI.
     
    chromus, Jan 21, 2021
    #2
  3. znelbok

    zei20t

    Joined:
    Aug 18, 2010
    Messages:
    130
    Likes Received:
    1
    Location:
    Sydney, Australia
    RDP is absolutely not secure without certificate based authentication and even then its not amazing.

    VPN into the network you want access to, pre-shared key and a complex password should be enough. your average home based router may have a 'VPN server' built in for L2TP, PPTP or IPSec tunnels.

    most common ports are constantly hit by bots scanning for unsecured ways into networks and machines......
     
    zei20t, Jan 21, 2021
    #3
  4. znelbok

    chromus

    Joined:
    Jan 27, 2014
    Messages:
    422
    Likes Received:
    50
    Location:
    Perth
    If you aren't using certificates and IP restrictions then you aren't networking properly anyway. RDP is WAY more secure than other similar solutions like VNC or worse still TeamViewer like I saw an A/C contractor running a few weeks ago.
     
    chromus, Jan 23, 2021
    #4
  5. znelbok

    znelbok

    Joined:
    Aug 3, 2004
    Messages:
    1,151
    Likes Received:
    17
    I'll look into the VPN option to see if it is built into the router/modem. I have always used RDP for LAN access and never WAN access, but if I di use it for WAN I would change the port it uses. I did not realize that Team viewer was seen as insecure - I have used that as a solution with a strong password etc.

    There is no PC at the other end yet and this is an overkill for just a C-Bus install so a Pi with a VPN option may be the best way to go.

    The CNI issues seems to be related to the unit itself - reboot it and it works fine. Nothing else on the network would be holding a connection open to it so I am putting it down to a unit that does not like to be left on (was second hand purchased by someone else for the job)
     
    znelbok, Jan 30, 2021
    #5
Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.