Access remote networks without a VPN!
Mangirdas Judeikis
Posted on September 20, 2021
Synpse is an end-to-end platform to manage your device fleet that can grow to hundreds of thousands of devices, perform OTA software updates, collect metrics, logs, deploy your containerized applications and facilitate tunnel-based SSH access to any of your device. You can find a Quick Start here.
Sometimes you get into situations, where you want to configure your home router to expose new ports, or help your close ones to configure some network device in their home network (IP camera, router, smart home system). How many times you wanted to have SSH access into your mini server at home while on holidays?
I had a similar case. I was traveling, and at some point I needed to reconfigure my home wifi router because ISP updated the firmware, and external IP address changed and I lost all port forwarding rules to my "home hosted devices". So no more free home hosted VPN (I will have separate post about this)
Luckily, I had synpse device running in my home! I will show a simple and easy way to access your remote networks in cases like this.
Proxy feature
Synpse allows you to proxy from your laptop to remote device for the local development:
synpse device proxy <device-name> <local-port>:<remote-port>
This is very helpful, when you are doing remote development and need to debug remote devices and application. But there is more to this. Synpse can act as forward proxy to other devices on the remote network (nothing what normal SSH can't do too but just makes it easier). Diagram bellow show how this could be used at the high level:
To achieve this, just change a command a bit:
synpse device proxy <device-name> <local-port>:<hostname/ip>:<remote-port>
How does this looks like?
In my case, we needed to access WIFI router and reconfigure it.
SSH into remote device to check network address space it is running in.
synpse device ssh rpi3
root@synpse:/# ip a
...
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether b8:27:eb:15:c6:af brd ff:ff:ff:ff:ff:ff
inet 192.168.0.178/24 brd 192.168.0.255 scope global dynamic eth0
valid_lft 85386sec preferred_lft 85386sec
inet6 fd01::ba27:ebff:fe15:c6af/64 scope global dynamic mngtmpaddr noprefixroute
valid_lft 286sec preferred_lft 286sec
inet6 fe80::ba27:ebff:fe15:c6af/64 scope link
valid_lft forever preferred_lft forever
...
We see that my device is in 192.168.0.1/24
network. We know our router is the first IP address in the network. Lets get to it:
synpse device proxy rpi3 8443:192.168.0.1:443
forwarding port (local->remote) 8443 -> 192.168.0.1:443
And this is it. Open https://localhost:8443
and you should see the router page:
./wrap_up
In short, Synpse is not only tool to manage deployments for your IoT fleet, but it is a development and debugging tool too!
If you have any questions or suggestions, feel free to start a new discussion in our forum or drop us a line on Discord
Originally published at: https://synpse.net
Posted on September 20, 2021
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.