Don't Expose Homelab to Internet...[Remote HomeLab Access]

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

you know it can be frustrating that you've built yourself this really really nice home lab I've got a home lab um here it is uh nice rack space I've got my servers I've got my storage and um it works inside my house right it works inside of my studio which is where I am right here but then I leave my house and I'm like ah I need to do something or I need to access something at home maybe you've got it set up to a security system you want to just check some cameras maybe you forgot to shut down that VM maybe you just want to check in and see how everything's running you can access your home lab remotely before we do get into this the tech fail for the day is Google Buzz have you never heard of this well it was a social networking platform developed by Google picture this it's 2010 and you're feeling pretty hip and cool with your new Google Buzz account and you're ready to share your thoughts your photos your links with the world but then things start to go wrong Google Buzz did not know how to play well with others like you know like with like Facebook on that you ask your friends to become friends with you you want to add somebody as a friend you go and request them as a friend and they can go yay or nay Google Buzz was like hey you're part of the Google ecosystem you've got a Gmail account I'm just gonna go and add the these people automatically privacy was a big problem for Google buzz it was like a bull in a china shop handling your personal details like seriously it would expose your email address your private conversations to the world and then there was spam oh the spam annoying intrusive unable to get rid of and in the end Google bars was just something that you just wanted a raise from your memory and forget all about it Google eventually pulled the plug and it was never heard from again and great idea that was a tech fail now we'll just say one small thing your home lab is a space for you to do your own learning it's an experimental place it's a space where you can build servers you can play with tech you can break things so just be aware around exposing that to a wider Network beware of exposing that out to the internet do you want people outside of your home to potentially get access in as long as you're following good practices good procedures you can control that a little bit and we'll talk about that but the benefits of course is that you can access your personal servers you can access your network equipment you can access all of the devices in your home from anywhere just with an internet connection you could potentially even do it from your phone some of the methods that we'll talk about does require you to expose some things out onto the internet but using a VPN which is private ensures that you've got a encrypted connection between you and your home lab your internal servers so that nobody can snoop on your network because it's screen ramble so we are going to talk about how to open up certain things on your firewall But ultimately you don't do that without a VPN because opening up some of these ports does expose your computer your home network out onto the internet and people can be snooping for that so just use a VPN whenever you can we will talk a little bit more about VPN towards the end of the video so we'll cover some of the main ways that you can do this and then we'll also give you some recommendations about how to access your home lab remotely but in a secure fashion first things first you need to establish and set up your remote access several ways you can do this including RDP do you have an internet connection probably yes do you have a private IP do you have an IP that is provided to you by your ISP by your internet service provider if you don't know ask your ISP you can ask for them to add a private IP into your maybe your like your monthly bill that you can actually then use that as the hop into your internal Network and if you want to make it even easier get yourself a host name get yourself a domain name go and register yourself a.com your name I've got my own emilio.aguero.net and then I can point that domain name to a IP address and then I could log in that way so as long as you've got a private IP address and it's pointing out to your router you now need to select the protocol that you want to use RDP using over ports 3389 you essentially open up a remote desktop terminal window on your computer if you're on a phone the phone you can download a RDP agent an RDP app onto your phone you then throw in the IP address in there you throw in your hostname you put in your username and password and you log in now what will be happening is it's going to be hitting your firewall your router your modem that is where the IP address is actually set up so I'm gonna try to hit that first how is that going to get into a computer well that's where you then move into port forwarding but sometimes it's not a good idea to be exposing the RDP Port out to the internet because there are bad people out there scanning the interwebs looking for open ports and then they're going to try to log in over and over and over again just be aware of that the other option would be VNC VNC is very simulates another protocol you have a VNC agent and then you can V and C into your device that way using the IP address or the hostname port forwarding what are we talking about right here so if you're using RDP or VNC to access your home lab you're going to need to go and configure your router to forward the relevant ports to your home lab computer main router in your environment you need to log into that there's going to be a section in there talking about port forwarding it may be called something different depending on the make and the model of your home modem router a device is going to try to connect to that private IP address perhaps using Port 3389 so when you're trying to connect to 3389 over the Internet it's going to hit your router and it's going to go ah I'm getting a 3389 connection what do I do with this well what you do is on the port forward you say anything that is hitting three three eight nine forward that traffic to an internal IP address which is your computer in your home lab you do the same thing with VNC if you are concerned about privacy for example when it comes to VNC and RDP and exposing these out to the internet you could also mask that connection so for example you could have somebody trying to connect via an RDP agent and then they can just put a colon at the end with a different port maybe they put a three three eight eight port in there instead that Port is not going to be used as often and maybe not as often scanned out on the internet and who's going to know that 3388 is actually talking to an RDP connection the router will receive a connection incoming from this port 3388 anything that's coming from Port 33 a eight eight forward it to port 3389 to this IP address or to this host name which is your home computer you could also use TeamViewer TeamViewer is a free application go and install TeamViewer on a computer on a server in your home lab you get TeamViewer on another computer outside on the internet and that's probably the easiest way because you don't have to open up anything really on your router as long as there are two team viewers on either end you have a encrypted connection between the two and then you can log in Via TeamViewer that's probably the easiest and most simplest way to do it make sure you've got strong passwords of course if you're going to be connecting to a Windows computer you want to have a very very complicated username and password so that it's not very easy for somebody to crack it if they're attempting to get in if you can use multi-factor authentication use it and of course if you can use encryption use encryption such as a VPN set up your own VPN at home and then actually use a VPN client on your phone on your computer to then VPN in to your computer and then you've got an encrypted connection into your computer you can then RDP in you can then do whatever you want because it's as if you are connected directly in your home lab over a VPN a VPN that I love a VPN that I use all the time is nordvpn yes there's a whole bunch of free ones out there but the free ones honestly are not very good they're not reliable they throttle your connections and you can actually worse performance sometimes from some of these freebies and I don't recommend them at all so nordvpn you've got to go get it and they've got a deal right now for my viewers where you get a bonus three months of nordvpn and a discount you sign up for two years 63 off which is awesome so you've got to go get nordvpn check out the link Down Below in the description of this video and make sure that you are safe when you are online and then the most important thing that you could be doing is now that your home lab is exposed out to the internet monitor your home lab make sure that things are looking okay make sure that you've got monitoring software on your home lab computers you've got a firewall in there use it only allow specific traffic in to your network that you control if you don't know about how to understand Windows logs or logs on a Mac or any other computer that you're wanting to log into go and learn about that go and learn about what sort of logs are available for specific protocols you can actually see the activity that is taking place on there something that is really helpful full is to actually have like a jump box or a jump server like a remote access server a server that almost acts as the entry point into your network the last last thing that you want to be doing is exposing your home lab and all these beautiful servers that you've been building out to the internet what you could do is you could set up a dedicated jump box almost like a hop into your network but then that is completely isolated from everything else it could be behind a DMZ firewall it could be set up in this completely isolated environment and then that acts as the next hop for you to then get access to a few more things but you sort of need to go through this secure jump box before you can get anything else now look I'm just going to say one more thing there are other ways that you can do this there are Services out there there are other apps that you can use out there that can sort of do this thing as well most of these are going to be paid and you may want to go and explore this we've just covered some things that aren't generally for free very easy to do for free go and check them out I love Tech hopefully you love Tech too we talk about at all things Tech stay tuned for the next video we're going to continue doing that we'll see you then

Info

Channel: Tech With Emilio

Views: 8,360

Rating: undefined out of 5

Keywords: emilio aguero, how to access home network remotely, how to access a network drive remotely, how to access home network remotely vpn, how to access network remotely, how to remote access a computer from different network, how to access home server from anywhere, how to access home network from anywhere, how to access home computer remotely, access homelab remotely, how to remote into your home computer from work, how to remote into another computer, access homelab from work

Id: OdZHh3Zj34c

Channel Id: undefined

Length: 10min 40sec (640 seconds)

Published: Mon Jun 19 2023