![]() ![]() (To my knowledge the Windows host firewall is not able to do this) If you want advanced features like geo-blocking you may have to think about a dedicated firewall. ![]() We need to be able to set static IPs if we want to use port forwarding. Static IPs for your Workstation & VPN Server/Gateway I guess if you set this up already it should be clear. I guess If you have a MC Server setup you did something like this already? If we want to setup a VPN we need to be able to forward traffic received on our router to be forwarded to our VPN server. Per default your router at home should block all new incoming connections from the internet. This is feature on most home routers that allow you to forward a defined port to a device in your network. Things I would have a look at (already mentioned by the others) So if you only need a connection to you Workstation at home, you could fill in your Workstation IP in there so the connected VPN client is only allowed to this IP.įor full transparency as far as I’ve gone with this in the past is a DDNS server and all traffic routed through a commercial VPN, so much more than that and I’m not very knowledgeable. This is not for the IPs allowed to connect, but for the IPs the device is allowed to be forwarded to after it connected. The Dynamic DNS part is probably the most important step, so that no matter what IP your home address gets, you can still connect to your VPN. Then you can use Microsoft’s RDP client in Android to connect to RDP from your phone. Just make sure that both your Windows machine and your VPN (or just Windows if you set Wireguard on it) has a statically mapped IP address configured in your DHCP server (usually your router). You can also do split tunnel, so not all the traffic goes to your home (instead of using 0.0.0.0/0 on your phone, just use the subnet of the VPN and of your home LAN and that’s it, EZ PZ). On Android you may need to reconnect from time to time if you leave it always open. Some routers have DDNS built-in (like asus’ ), but if your router doesn’t have it, you can use other services like no-ip.Īs others recommend, Wireguard is lightweight and easy to configure. Make a VPN, either on a device on the same network as your Windows machine (like a RPi 4), or directly on Windows, then port forward the VPN port on your router. That being said, the less I have to use a terminal from an android phone the better.ĭon’t expose RDP port on the internet. Speaking of NAS/ remoting, do people still use FTP for remote file transfers when setting something like this up? SCP over SSH seems to be a good way to go. I have a spare Windows (i5-4th gen) box that I’m looking to run this on, currently it’s a minecraft server and a “NAS” so it’s already up all the time. I’ll have to DL the wireguard android app and see whats up. I believe you’re saying basically the same as incite, except using Linode.Īnother question: I see you have to whitelist IPs for wireguard, considering I use a VPN on my phone already, wouldn’t this cause problems (connecting from a different node, etc.)? Also I doubt my phone is assigned a static IP on the cellular network? EDIT: I suppose if i have it set to 0.0.0.0 it should catch everything, right? So secure, only you have access, know about it, and you can add extra security. ![]() Linode, Secure SSH with Keys, Secure VPN with keys 1 to 1 connection, then RDP. Please make sure that any service you expose to the Internet is up-to-date and uses strong passwords/keys. I suppose the goal is to be able to remote into my main comp and have my full windows desktop available, (from my phone or preferably any computer as long as I have credentials) be able to see the rest of the LAN that that comp is on once I’m remoted in (for NAS access), and be able to move files to and from my LAN to whatever I’m remoted in with. Would be a plus, but Parsec was just an extremely convenient solution to be able to remote in from anywhere. This is what it seems like I’m going to do, however, since I’m running my own VPN, I’m looking into having all traffic on the network run through it, though not sure chromecasts and such will still work. (As my Windows computer at home is not running 24/7 and I am using Wake-On-Lan if I need to connect to it.) In my case I have a separate Linux host with Wireguard. If you go with a VPN solution like Wireguard you could do it directly on your Windows PC and then use RDP through the VPN tunnel. I would not recommend to expose your RDP port to the internet. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |