Remote Access To Cat Cdma Connected Linux Machine

[thaimite]

My computer in Thailand is connected using CAT CDMA (the only workable option). The operating system is Ubuntu. The connection to CAT CDMA is via a Cradlepoint MBR1000 router.

I am abroad most of the time working and would like to be able to connect to this machine and other devices on my home network.

The problem is that CAT CDMA does not provide a public IP address but a private (10,x,x,x) IP address so normal Linux based remote access software will not work, and I cannot use a DDNS solution as I am unable to open ports in the CAT network!!

My main aim is to gain access to my Ubuntu machine but I would ideally like access to other devices on my home network as well This includes Windows machines belonging to family members, NAS, web cams etc.

Currently I am able to connect using Teamviewer, but I find it slow, and buggy (Linux version).

Therefore I am wondering what other options I may have. (changing my server to Windows is not acceptable)

One option I am considering is setting up some sort of VPN where my Thailand machine would be the client and either a Virtual Server or my laptop using DDNS would be the server. This machine would then form a tunnel to my laptop (directly or otherwise) when on line.

Can anybody advise me

1. Is this a workable solution

2. Any better solutions

3 Is it possible to connect to a private VPN via CAT CDMA

I am expecting to return to Thailand on leave in the next few weeks and would like to as much infomration as possible before I arrive so that I can bring any hardware, software needed with me.

Edited May 10, 2011 by thaimite

[thaimite]

Follow Up.

I have been looking at Hamachi.

Has anybody experience of using it with Ubuntu?

[Tywais]

As for the IP you can sign up for a dynamic IP service like dyndns. There are others also. Then you can use a VNC server/client such as TightVNC for the remote access. It has both Windows and Linux versions. Of course once you connect remotely to your primary computer you can access the other systems through it.

There is even a version of VNC for Android so you can access your home system from your mobile.

[RKASA]

Can't CAT give a fixed IP address at a small extra cost - that means you will need nothing as Ubuntu most likely has everything in it or can be from the repo.

[thaimite]

Can't CAT give a fixed IP address at a small extra cost - that means you will need nothing as Ubuntu most likely has everything in it or can be from the repo.

CAT does not even give a public IP address. Like most CDMA or 3G suppliers the IP you get is a private one. Mine is in the 10.x.x.x range.

I have checked with DYNDNS and they quite clearly state that if you have such an IP address and are unable to do port forwarding (CAT will not give me access to their routers!!) then DYNDNS will not work at the Thai end. Torrents and suchlike also suffer the same problem of no port forwarding. This is the big drawback of any mobile connection.

[thaimite]

There is even a version of VNC for Android so you can access your home system from your mobile.

Myproblem is the reverse. As my home system is on the mobile network, from a networking point of view it is as if I wanted to control the Android from home

[dharmabm]

sounds like the only good advice is - you need a new ISP ;>}

[thaimite]

sounds like the only good advice is - you need a new ISP ;>}

I agree, However see line 1 of post 1

[rakman]

There is even a version of VNC for Android so you can access your home system from your mobile.

Myproblem is the reverse. As my home system is on the mobile network, from a networking point of view it is as if I wanted to control the Android from home

You're correct in that you could VPN out or reach any device from home to a public IP device or server, but will never connect to home from outside the network unless your home machine is VPN'd into a third server or service with a public IP to connect to.

The trick is to find a static IP tunneled somewhere that can be a gateway back to your home machine.

Logmein doesn't have a product for Ubuntu (or linux) yet.

You could use a virtual Windows machine with logmein or try this: http://banckle.com/apps/online-meeting/default.html

I don't know anything about it, but it has a remote access mode.

[thaimite]

There is even a version of VNC for Android so you can access your home system from your mobile.

Myproblem is the reverse. As my home system is on the mobile network, from a networking point of view it is as if I wanted to control the Android from home

Logmein doesn't have a product for Ubuntu (or linux) yet.

Thanks

Last Night, I found there is a Beta version of Hamatchi for Ubunutu and managed to get the PPA for that and the Gui which I have installed on my laptop.

I have a week or so play with it here in a "normal" environment beofre I go home and try to set this all up.

Thanks for the input.

[thaimite]

The search continues, and I have just found this great product

NeoRouter supports all platforms and enables client PC's to locate their server via the web, and will then (if possible) for a direct P2P tunnel between the users on the group.

They also have a portable version of the software that does not require installation so can be run from a flash drive on any PC

to gain access to your home network

NeoRouter differs from Hamachi in that the server is not held on the web, but is one of your designated machines with a real IP address. This has the advantage of being more secure.

The icing on the cake is that they do a WRT firmware plug-in which means I can upgrade an old router and then in theory have full access to all machines and devices on that network including webcams etc

Edited May 12, 2011 by thaimite

[justsumhelp]

Can you please explain why teamviewer works ?

Unless you used it from your own network then most reputable remote pc software should have worked.

You mentioned ubuntu, did you make sure your service ports were open?

[thaimite]

Teamviewer works because I do not need to open any ports.

Both ends of the team viewer software make contact with the Teamviewer servers which then links them together.

As stated above not having a real IP address, means I am unable to open ports to to direct the traffic through the NAT transition.

In other words if you are usinng a system where the controlled computer can call out too advertise its presence then NAT and port forwarding is not an issue, but with a traditional remote dial in where the client sits passive waiting for the connection, the inbound connection does not know where to go when it hits the NAT unless the appropriate port is forwarded.

The disadvantage of a solution like teamviewer is that the machine is advertising its presence on a 3rd party web server which could be a security risk.

Hamachi works the same was as Teamviewer, My issue with Teamviewer is stability and fucntionality under Linux. Often I get issues when I call in that can only be fixed by having somebody reboot the remote machine which is a feature that cannot be done on Teamviewer runni ng on Linux Linux.

Neorouter which is my preffered solution is slightly different it relies on one of your own machines being available on the Internet to accept the advertising of the presence of the remote machine, In my case this means that my laptop which I connect from will need to act as the server for innitiating the connection and it will need a real IP address with the port forwarded. This nice part about Neorouter is that it can be loaded on to my Linksys router so I have connection to all devices on my network even ones that are unable to run a software like Teamviewer.

To help you understand port forwarding, think of port forwarding like having a business telephone extension. (your prvate IP address)

Anybody calling your office (public IP address) who does not know your extension number will not be able to conntact you.

However if you tell the receptionist that any calls from Mr X are to be forwarded to your extesnion (port forwarding) the problem is solved.

That is a loose analogy to port forwarding.

My poroblem is that CAT will not give me the ability to issue such an instruction to their receptionist (router).

Teamviewer works by opening a link to a 3rd party receptionist whose sole job is to connect other teamviewer clients together.

Edited May 19, 2011 by thaimite

[4evermaat]

any reason why you do not lease a vps? would possibly a cheaper option, always on, direct connection via remote desktop client, and you can suspend cat cdma when you leave, then reactivate when you return to thailand.

edit: CAT is good; I've left the USB stick plugged into mac for many days, but I wouldn't rely on it (or any home connection) if I were you. what if the modem goes out or needs to be restarted? The connection software can hang or crash for any reason. Perhaps linux is more stable than mac/windows versions, but unless you have someone here that can restart it, why not have a vps, which is always on, redundant internet connection, tech support, etc.

I can get a cheap windows server vps for 30 with no forced reboots from wwww.commercialnetworkservices.com . I'm sure comparable linux is cheaper.

Edited June 18, 2011 by 4evermaat

[Guest]

How about following:

- Get an microserver from Amazon EC2 (free tier for 1 year for new users)

- Connect your CAT CDMA dongle to OpenWRT router or linux server (could be old laptop as well)

- Setup the PPP and this router/server will become the connection hub

- Crete VPN tunnel between microserver and home server

- Connect from the internet to the microserver and from there to the home server.. and other home devices.

[babbo]

Did you ever get this one sorted?

I can easily put together a solution for your problem; I've done it many times in the past.

[thaimite]

Did you ever get this one sorted?

I can easily put together a solution for your problem; I've done it many times in the past.

Sorry for the slow reply, I did not see your post

I have it sorted. I bought 2 Cisco routers, loaded them with the DD-WRT firmware and set up a VPN between them. It works reliably but is VERY slow