Using No-IP to Access my Home Network from Abroad

Man of Honour
Soldato
Joined
2 Aug 2005
Posts
8,721
Location
Cleveland, Ohio, USA
I've got a home server running Linux that I'd like to contact from outside my home network for the purpose of remote administration. I have DSL service with a dynamic IP address that changes a few times per day. I connect via ssh which, for the purposes of discussion, uses port 22. In my router running DD-WRT I set it to forward port 22 to its local IP address which we'll call 192.168.0.100. I was able to point ssh to it by knowing the external IP for the moment, let's say 34.45.126.99 like so:
ssh -p 22 [email protected]

I'd like to be able to use no-ip so that I don't have to know the dynamic IP address any more. Now I'd like to be able to do something like
ssh -p 22 bti@http://billsserver.no-ip.org

I might have misconfigured it or something, but I can't access it from the URL no-ip gave me. I installed the no-ip client on the machine and configured it. I guess I just don't know what to put in the config. At no-ip's web site in the profile it asks for its IP address and I'm not sure if I should be giving its local IP or my modem's current external IP.

Long story short, does anybody have any good setup guides or know-how in this area that can help? I've never really used no-ip's service before.


Am I going about this all wrong?

Thanks in advance. :)
 
Doesnt you router have a setting for the DDNS, lots of them do ?
You can make you router update no-ip with you current ip address saves messing about with clients
 
Is the DD-WRT firmware updating itself with no-ip correctly?

Secondly, losing the http:// from the start of the URL might help too, you aren't using HTTP after all :)
 
I don't have any idea what sort of settings I need to change in the router. When I get home tonight I'll scout for DDNS-related settings and ask what to do here. :p

Thanks thus far. :)

EDIT: If it might matter, I always get the following when trying to connect:
bti@TCB247:~$ ssh -p 22 [email protected]
ssh: connect to host billsserver.no-ip.org port 22: Connection refused
 
Last edited:
Did you actually enable the port forward?

Are you running anything on the target machine like iptables?

EDIT: Just had another thought, your ISP might block incoming connections on ports like 22, 25, 80 etc. If you get no joy with the above stuff, you should try changing your port forward on the router to forward incoming connections on a really high port number (10000 or something) and see if that changes anything.

I would also check that the box knows where the internet is!
 
Last edited:
I did definitely enable the port forwarding. If I hadn't I wouldn't ever have been able to ssh into it when I had the current external IP address, no?

I haven't touched iptables on it. It's just a wee MythTV backend. I'd like to be able to check up on it when I'm away.
 
Ah yes I forgot about that bit, didn't re-read the OP.

It does sound like your DDNS isn't updating properly then.
 
When I'm at home this evening I'll have better, more specific information for you. I'll see what I can find in the router, the no-ip profile page, and the machine's configuration file.
 
If billsserver.no-ip.org is the actual address you've got, it's pointing towards two IPs:

;; ANSWER SECTION:
billsserver.no-ip.org. 360 IN A 204.16.252.108
billsserver.no-ip.org. 360 IN A 69.65.19.125

One belongs to no-ip, the other belongs to GigeNET in IL.

his router is likely to drop pings? ;)

Only if it's improperly configured.
 
If billsserver.no-ip.org is the actual address you've got, it's pointing towards two IPs:



One belongs to no-ip, the other belongs to GigeNET in IL.



Only if it's improperly configured.

Or properly configured, depending on which side of the security fence you sit on really. My firewalls drop anything I don't explicitly allow through. How that is "improperly" configured I'm not quite sure ;)
 
billsserver is not the actual name. I'm keeping that private, just like the forwarded port. :)

Pretty much the wh0ole router config is stock DD-WR v23 PS2 except for the root password, wireless setup, a few forwarded ports, and static DHCP for most of my machines.
 
The IP you should be feeding no-ip is the public IP you get from your ISP, but unless you do NAT loopback it won't work from the inside.

How that is "improperly" configured I'm not quite sure ;)

The other side of the fence is the paranoid GRC.com side, full of conspiracy theorists and wackjobs.
How improperly depends on how granular you can be at blocking ICMP - blocking it entirely breaks MTU path discovery, for starters.
At most, responding to echo requests lets someone know there's something at that IP address - zippedy-doodah, considering it makes any kind of diagnostics a hell of a lot easier.
 
I block it from the internet unless it fits a specific set of criteria. IPTables lets me do cool stuff like that :D

Paranoid/wackjob? Not really :p
 
TCB247:~ bti$ ping billsserver.no-ip.org
PING billsserver.no-ip.org (34.45.126.99): 56 data bytes
^C
--- billsserver.no-ip.org ping statistics ---
41 packets transmitted, 0 packets received, 100% packet loss

I reconfigured the server to be sure that I put everything right in the config file. I ssh'd into my workstation at the office and, as above, tried to ping it. The hostname to IP resolved correctly so it would appear that no-ip has their stuff right, at least based on what I entered in the web host configuration. I got tired of waiting for it to timeout so I ctrl C'd it.

When I try to ssh I get:
TCB247:~ bti$ ssh -p 22 [email protected]
ssh: connect to host billsserver.no-ip.org port 22: Connection refused

When I try to do it the old fashioned way, using the direct IP and port, it answers ping and allows ssh access.
 
Back
Top Bottom