Security?

Discussions about Mainlobby running on Apple mobile devices.
rileydog
Expert
Expert
Posts: 667
Joined: Wed Jun 02, 2004 12:25 am
Location: Kalamazoo, Michigan
Contact:

Security?

Postby rileydog » Mon Oct 04, 2010 9:22 pm

I would really like to use my iPhone on the road - of course, that means opening up the ports in my firewall and that makes me a little nervous - anyone have some sort of security for their iPhone scenes yet? Username/login or something?

Thanks,

User avatar
Krumpy
Developer
Developer
Posts: 1228
Joined: Thu Sep 04, 2003 10:17 pm
Location: Minneapolis, Mn
Contact:

Re: Security?

Postby Krumpy » Mon Oct 04, 2010 9:36 pm

IOS devices support VPN. Why not use that? Works for me...

rileydog
Expert
Expert
Posts: 667
Joined: Wed Jun 02, 2004 12:25 am
Location: Kalamazoo, Michigan
Contact:

Re: Security?

Postby rileydog » Mon Oct 04, 2010 10:00 pm

Wow - that makes a lot of sense! That is perfect - thanks!

ricks
Is there life beyond Cinemar?
Is there life beyond Cinemar?
Posts: 1127
Joined: Wed Oct 27, 2004 7:01 pm
Location: Latham, Massachusetts
Contact:

Re: Security?

Postby ricks » Tue Oct 05, 2010 9:46 am

I know this is asking alot, but would anyone mind doing a brief tutorial on how to setup a VPN between an iPhone and a home server?

Rick :oops:

rileydog
Expert
Expert
Posts: 667
Joined: Wed Jun 02, 2004 12:25 am
Location: Kalamazoo, Michigan
Contact:

Re: Security?

Postby rileydog » Tue Oct 05, 2010 9:58 am

For windows server side, I used this:

http://www.aeonity.com/frost/howto-wind ... rver-setup

As for the iPhone, it is really easy - go into settings, general, network, VPN - setup new connection

For some reason, everything works except my cameras - they are no images on the scene but the wheel (like it is loading) keeps spinning. Is there some port I need to punch besides the VPN ports to make the cameras work? I am using ML's IP Camera...

ricks
Is there life beyond Cinemar?
Is there life beyond Cinemar?
Posts: 1127
Joined: Wed Oct 27, 2004 7:01 pm
Location: Latham, Massachusetts
Contact:

Re: Security?

Postby ricks » Tue Oct 05, 2010 11:15 am

Great info. Thanks for the pointer.

I've selected the PPTP option over L2TP or IPSec and during the iphone vpn configuration, they request the following entires. Apple documentation is so weak they give no clarity to these settings. I am assuming the following:

Description: (whatever)
Server: (The server I've set up at home)
Account: (The names I've set up on my server for vpn)
RSA SecurID: (Off)
Password: (The password I assigned to the names I set up on my server)
Encryption Level: (Auto)
Send All Traffic: (On)

The question I have is what entry goes into the "Server" box? Do I need to get one of those dns resolution accounts - freebies that must be renewed each month?

Thanks in advance
Rick

bigDvette
Expert
Expert
Posts: 718
Joined: Thu Oct 12, 2006 12:19 pm
Contact:

Re: Security?

Postby bigDvette » Tue Oct 05, 2010 5:26 pm

So is your home server just a server at home or are you talking about Windows Home Server? If WHS, then you use your WHS external name.

If it is not WHS are you using your router for VPN or are you configuring a connection on the machine to accept incoming connections? If you are allowing incoming connections by setting up a new internet connection sharing device server box, you will need to router VPN traffic to that specific machine IP address. The PPTP port is 1723.

You will also need to configure the router to use DynDNS.org or some other dynamic name resolution site. Most routers allow this.

after you have done that you can VPN from teh iPhone using PPTP to the dyndns address you setup above.

User avatar
Krumpy
Developer
Developer
Posts: 1228
Joined: Thu Sep 04, 2003 10:17 pm
Location: Minneapolis, Mn
Contact:

Re: Security?

Postby Krumpy » Tue Oct 05, 2010 6:26 pm

I have a dlink dir330 and do it all in hardware....

ricks
Is there life beyond Cinemar?
Is there life beyond Cinemar?
Posts: 1127
Joined: Wed Oct 27, 2004 7:01 pm
Location: Latham, Massachusetts
Contact:

Re: Security?

Postby ricks » Tue Oct 05, 2010 8:22 pm

I knew you guys made it look too easy. :lol:

Ya, my router is so old I think its the same model Moses used: D-Link DI-524. Very limited functionality, zero instructions but always worked so never needed to replace.

MLServer is on an XP box with outside connections set up. The DI-524 passes PPTP and have port forwarding to the server. Windows firewall is off. I was hoping to avoid the
DynDNS.org option if at all possible. ... email notice to renew + save for later = no service.

Is it possible to do without DynDNS?

Either way, I guess it's time to invest in a new router, at least that may come with instructions.

Thanks,
Rick

bigDvette
Expert
Expert
Posts: 718
Joined: Thu Oct 12, 2006 12:19 pm
Contact:

Re: Security?

Postby bigDvette » Tue Oct 05, 2010 8:36 pm

Yeah, for next to nothing you can get a router with DynDNS all bundled in and turn on your firewall :-)

Better yet, get a router with a VPN PPTP server built in.

I use an RV042 which allows me to have dual wan so it is a bit overkill, but you can find a PPTP router for under $100 now days and it makes administration a bit easier. You can get in to your network even if your server is down.

rileydog
Expert
Expert
Posts: 667
Joined: Wed Jun 02, 2004 12:25 am
Location: Kalamazoo, Michigan
Contact:

Re: Security?

Postby rileydog » Wed Oct 06, 2010 7:31 am

You can always reference the IP address directly - just do myipaddress.com on the server and use that IP.

I know that the IP may change - but if you want to get by until you get new hardware you can test and make it work referencing the IP... My IP is supposedly dynamic but hasn't changed in a year.

Clever1
Senior Member
Senior Member
Posts: 220
Joined: Mon Jan 14, 2008 10:31 am
Location: Huntsville, AL.
Contact:

Re: Security?

Postby Clever1 » Tue Oct 12, 2010 3:10 pm

You could always setup a couple of rules on your MLSever that keeps your external IP address upto date and then watches the variable for a change which then texts or emails you with the new address. The rule could even update your web server variable with the new external address if need be.


Return to “MainLobby on iPhone, iPod Touch”

Who is online

Users browsing this forum: No registered users and 1 guest