Opening a network connection for admin on remote webcam server with T-stick

Forums › Spark New Zealand (including Skinny and BigPipe) › Opening a network connection for admin on remote webcam server with T-stick

dazz1

97 posts

Master Geek
+1 received by user: 3

#80271 29-Mar-2011 22:55

Hi
I have set up a Linux based remote webcam server.
It is sending images back to a server for display on a web site. That part works OK.

I want to be able to connect to the webcam server to administer it.
For a server wired to the internet that would not be difficult.
For a T-stick, I understand Telecom block all attempts to get into the wireless network.

This means I have to get the webcam server to initiate the connection.
I was wondering how to do this.

If I call the T-stick telephone number, can that be used to trigger the webcam server to initite a vpn link?
Alternatively, could I set up the webcam to attempt to make a connection at set times (eg. 6pm each day)

All I want to do is to be able to log onto the command line of the webcam server from my home PC.

Regards

Dazz

1 | 2

29098 posts

Uber Geek
+1 received by user: 10208

Trusted

Lifetime subscriber

#453328 29-Mar-2011 23:23

I believe it is APN related as to if you get incoming connections or not.

Try direct.telecom.co.nz - I _THINK_ that one was what we had to change to inorder to get stuff to work as expected.

Richard rich.ms

Bold

36 posts

Geek

#453441 30-Mar-2011 11:54

richms is correct. Your APN in you connection settings is likely to be 'internet.telecom.co.nz' at the moment, simply change this to 'direct.telecom.co.nz' and it will behave like a normal wired internet connection.

I've got my home connection setup like this and using dyndns.org have no trouble connecting remotely.

dazz1

97 posts

Master Geek
+1 received by user: 3

#453535 30-Mar-2011 16:41

Hi

I was a bit nervous about changing the APN to "direct". Does that mean all the random traffic that would hit my remote server would count as data used? Does it also increase the risk of someone cracking the server? If someone breaks in, they could use up my pre-paid data allowance in a flash and mess up my server.

I do like the idea of having Telecom block all that internet traffic trying to get to my Webcam server. If I can get the webcam server to initiate the network connection back to my home PC, then that would be OK for me.

I don't know how the T-stick and Ubuntu respond to a cell phone voice call or text message. I am thinking I could use a txt message to initiate a VPN connection from the webcam server to my home. The txt message/call would just be the trigger. That means I could initiate an admin session any time I choose.

Can a T-stick accept a voice phone call or txt message?

Alternatively, I would be happy for the webcam server to initiate a VPN connection at preset times. That would be OK too.

Any suggestions would be much appreciated.

Regards

Dazz

eXDee

4033 posts

Uber Geek
+1 received by user: 1070

Trusted

#453629 30-Mar-2011 21:49

Make a VPN then, so the webcam initiates the connection.

T-sticks can take text messages, however the only model of USB Modem supporting voice in NZ is the 2degrees Huawei one.

richms

29098 posts

Uber Geek
+1 received by user: 10208

Trusted

Lifetime subscriber

#453630 30-Mar-2011 21:50

any reason you dont want to leave the vpn up all the time?

Richard rich.ms

dazz1

97 posts

Master Geek
+1 received by user: 3

#453641 30-Mar-2011 22:17

Hi

I could leave the VPN open all the time but the remote site has unreliable power and the signal is poor. Regardless of whether I leave the VPN open or intermittent, the webcam server still needs to be able to initiate a VPN automatically.

Does anyone know how a data stick responds to a text message????
Does Ubuntu Network Manager log them somewhere??

Can a data stick send a text message from Ubuntu??

Thanks for all the advice and comment.

Regards

Dazz

Quic Broadband

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.

raytaylor

4076 posts

Uber Geek
+1 received by user: 1296

Trusted

#453661 30-Mar-2011 23:24

My two methods would be
1) Change APN to Direct - enable a firewall on your pc and then use no-ip.org for your dynamic access

or

2) Use something like teamviewer.com - I run this for a number of my rural T-Stick or Satelite clients with IT support.

Ray Taylor

There is no place like localhost

Spreadsheet for Comparing Electricity Plans Here

BarTender

3629 posts

Uber Geek
+1 received by user: 2572

ID Verified

Trusted

Lifetime subscriber

#453935 31-Mar-2011 20:33

dazz1: Hi

I could leave the VPN open all the time but the remote site has unreliable power and the signal is poor. Regardless of whether I leave the VPN open or intermittent, the webcam server still needs to be able to initiate a VPN automatically.

Does anyone know how a data stick responds to a text message????
Does Ubuntu Network Manager log them somewhere??

Can a data stick send a text message from Ubuntu??

Thanks for all the advice and comment.

Perhaps this may help: http://www.it.uc3m.es/~ptb/sms-mail/ I haven't tried it but it may work.

Googling around for AT+CGML and this is a good doc talking about the AT commands needed: http://www.control.com.sg/at_commands_sms.aspx

And another good reference site. http://www.cellular.co.za/sms_at_commands.htm

dazz1

97 posts

Master Geek
+1 received by user: 3

#454164 1-Apr-2011 12:26

Hello

All good information thankyou.

After looking a bit harder at the problem, I have decided to shift course a bit. Rather than using SMS, I want to use emails. SMS on T-sticks and Linux seems to be a bit immature at present.

The plan is to set up the webcam server to email a status report daily. This will tell me that it is still alive and connected.

When I want to do admin stuff, I propose to send an coded email (eg. specific words in subject) that will cause the webcam server to:
send and email acknowledge the coded email and
initiate a VPN to my home server.

This would mean that I can avoid exposing the webcam server to the whole internet while still retaining the ability to initiate communications with the server from outside the Telecom wireless network.

So to do this, I would need a lite-weight email command line driven client/server application. I only have a 10G HD on the server, so smallness and simplicity is a plus.

Does this proposal look reasonable?
Any suggestions for an email application? sSMTP looks promising.

Regards

Dazz

dazz1

97 posts

Master Geek
+1 received by user: 3

#454166 1-Apr-2011 12:33

But sSMTP only sends email.
I would also need a simple reader.

Regards

Dazz

dazz1

97 posts

Master Geek
+1 received by user: 3

#479096 8-Jun-2011 20:53

Hi

Does Telecom block incoming traffic to ADSL home connections?

I use a dynamic dns service to keep track of my home PC address.
I can't make an ssh connection from the internet to my home PC.
I can't ping my home PC.

Regards

Dazz

Regards

Dazz

AliExpress

Shop now on AliExpress (affiliate link).

quickymart

14940 posts

Uber Geek
+1 received by user: 13953

ID Verified

#479103 8-Jun-2011 21:08

Nope.

dazz1

97 posts

Master Geek
+1 received by user: 3

#831484 6-Jun-2013 10:21

Hi

Just an update.
I have successfully configured the webcam server to send daily status reports.

I have not been successful in setting up a reverse SSH remote admin connection. It turns out that my Nokia M1122 modem won't allow port forwarding to my IPCop firewall. I am buying a new modem that will allow pinholes to be opened.

Regards

Dazz

michaelmurfy

meow
13579 posts

Uber Geek
+1 received by user: 10910

Moderator

ID Verified

Trusted

Lifetime subscriber

#831492 6-Jun-2013 10:44

dazz1: Hi

Just an update.
I have successfully configured the webcam server to send daily status reports.

I have not been successful in setting up a reverse SSH remote admin connection. It turns out that my Nokia M1122 modem won't allow port forwarding to my IPCop firewall. I am buying a new modem that will allow pinholes to be opened.

Woah, that's an old modem. Get one of the Draytek's modems namely this: [Clicky] then setup a PPPoA to PPPoE bridge to your ipcop firewall. Personally I'd recommend using the direct APN and blocking everything except SSH over Port 22, just for your reference these are the rules you're needing:

iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT

Customise the rules to suit you, read "man iptables" to see what each means, also do this over local console if possible just in case if you get locked out.

You can from here put this into /etc/network/if.up/ as a script to execute when the network interface is restarted / PC restarted.

Also for a next step of security set up either key authentication or install Denyhosts.

Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

deadlyllama

1283 posts

Uber Geek
+1 received by user: 476

Trusted

#831541 6-Jun-2013 12:22

dazz1:
When I want to do admin stuff, I propose to send an coded email (eg. specific words in subject) that will cause the webcam server to:
send and email acknowledge the coded email and
initiate a VPN to my home server.

Why not just keep a VPN up the whole time? I'd recommend OpenVPN. If you need a box with a static IP to run the VPN server, you can get one extremely cheaply -- see the deals on lowendbox.com, or for a box in NZ I'd recommend itlab.co.nz. You can set up a VPN server such that you can connect in from your PC at home to access the other VPN clients connected to it.

1 | 2