secure connection to my home network

cokecan · 8 Mar 2012 at 14:25

Hey Guys

I'm looking for some advice on setting up a secure connection to my home network from remote sites.

I have DNS Forwarding setup on my domain so it will forward a subdomain on to my modem's external IP.

I also have a few web services setup such as SABnzbd and Subsonic which are accessible over the net using the above subdomain and providing I use the correct port. The problem is these ports aren't always open or accessible from remote sites, plus I'd generally prefer a more secure connection for using remote desktop or similar. All the above are installed on my home fileserver that's running Windows Server 2K8 R2 and is behind a router running TomatoUSB.

What I would like to do is gain access to these services via a secure connection (SSH or VPN or similar) all down a single port (say 22 or 443 or something like that).

Is this possible to do? Ideally I'd like there to be little to no configuration needed on the client side as it's not always possible.

Thanks

cokecan · 8 Mar 2012 at 15:32

Thanks for the suggestions guys but I'd prefer not to have to use RDP/LogMeIn/Teamviewer or similar if all I want to do is use my Subsonic music streaming server for example. Also not keen on the idea of opening 3389 up for RDP unless there is an RDP gateway server or secure tunnel for it to connect down.

At the minute I just go to http://subdomain/music and I get my Subsonic server but this just uses port 80 and I'd like it to be down a secure tunnel if possible. Other things use different ports which arent always open on remote sites which was one of my main reason for wanting a single tunnel/route to my home network and then split off to the right service. Most of the places I generally want to use this stuff has port 22 open for SSH traffic

cokecan · 13 Mar 2012 at 09:29

PistolPete said:
http://tomatousb.org/tut:configuring-a-pptp-vpn

However this will require setting up a client.

I've opted to setup the above, however I'm having a few issues with it

I have an Asus RT-N16 with TomatoUSB 1.28 installed. I followed the guide in the link to setup optware on an ext3 partition then installed poptop and configured accordingly. After trying to connect from my iPhone via 3G it worked great but I started to get a few errors.

I've uninstalled poptop, formatted the memory stick again and gone through the guide again but this time I can't connect with my phone. The phone complains that the communications device disconnected me and checking the logs on the router it's showing a warning about LCP: Timeout sending config-requests and then an error: GRE: read from PTY failed.

Does anyone have any ideas?

cokecan · 13 Mar 2012 at 13:46

as far as I know. there is an executable script that runs and modifies the firewall of the router to allow GRE protocol and port 1723 through. If I don't run this script or restart the firewall then I get a generic "can't connect to host" error, after running this it does appear to connect but fails before it authenticates.