I was wondering how I can access my Raspberry Pi outside my home network. I can VNC through a SSH tunnel over my WIFI internally but I could never manage to do it externally. Is it something to do with port forwarding and maybe DynamicDNS?? Thanks in advance.
On your home router you should check for port forwarding
There will be a table that has entries for host, port and some description.
to just get it done :
1. check your IP address by looking at your router’s WAN address.
on the router config/port forwarding, forward all requests to port 22 ssh to your RPI’ IP address.
To test this just ssh to the address from step 1 , if its all working then you will get a prompt for username.
There are times when your WAN IP will change so yes if you want it to be permanent you should get a domain registered and then sign up for dynDNS service that will allow you to point your domain name to their DNS server and you will get a key from DYNDNS that allows you to run a script every 2-3 minutes to update YOUR actual WAN IP at DYNDNS so they can properly resolve your address when the ISP changes it.
I HIGHLY RECOMMEND YOU HARDEN YOUR RPI if you OPEN it up on PORT 22, install the BlockHost or any of these Blocking IPs
I recently read a good article on exactly what your looking for. You can find the article here:
If you use
RaspBMC for exemple, all external access are block by default.
You can change this :
Just edit this file :
sudo nano /etc/network/if-up.d/secure-rmc
Found this lines :
logger -t iptables "Configuring ip tables for interface $IFACE" if [ "$IFACE" != "lo" ]; then NETMASK=$(get_subnet $IFACE) iptables -A INPUT -s $NETMASK -i $IFACE -j ACCEPT iptables -A INPUT -i $IFACE -j DROP fi
And add :
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
just before :
iptables -A INPUT -i $IFACE -j DROP
Exit, save & reboot.
If you want to open all port => you can comment the logger line and all the if statment.
For an other port, just change the