SageTV Community  

Go Back   SageTV Community > General Discussion > General Discussion

Notices

General Discussion General discussion about SageTV and related companies, products, and technologies.

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 06-11-2022, 01:53 PM
KryptoNyte's Avatar
KryptoNyte KryptoNyte is offline
SageTVaholic
 
Join Date: Dec 2006
Posts: 2,678
VPN tunnel?

Is there a fairly simple and inexpensive way to setup a private and secure VPN tunnel from one home to another home (connected via Internet) by purchasing a couple routers and configuring them to work in this way? Can a user purchase a pair of routers pre-configured for this to some degree?

I'd like to do this without purchasing a service, or using a free VPN service otherwise if possible.
Reply With Quote
  #2  
Old 06-12-2022, 06:46 AM
UgaData's Avatar
UgaData UgaData is offline
Sage Aficionado
 
Join Date: Sep 2005
Posts: 438
You can look at OpenVPN. Weather it can be pre-configured on a router , not sure,. Several router manufacturer's do support OpenVPN on the router. Dynamic DNS is supported for the endpoints.

https://openvpn.net

Site to Site info
https://openvpn.net/solutions/use-ca...e-to-site-vpn/



WireGuard is another. I don't believe Dynamic DNS is supported at this time (only IP address for endpoints - potential problem if ISP isn't suppling static IP)

https://www.wireguard.com

Several others showed up while searching, but I have no experience with them.
__________________
"Unencumbered by the thought process"

The only constant in the Universe is change.

Last edited by UgaData; 06-12-2022 at 10:50 AM. Reason: add OpenVPN Site2Site info
Reply With Quote
  #3  
Old 06-12-2022, 02:16 PM
KryptoNyte's Avatar
KryptoNyte KryptoNyte is offline
SageTVaholic
 
Join Date: Dec 2006
Posts: 2,678
Thanks for the info, I will check them out!
Reply With Quote
  #4  
Old 06-13-2022, 09:27 AM
wayner wayner is offline
SageTVaholic
 
Join Date: Jan 2008
Location: Toronto, ON
Posts: 7,401
I run Open VPN on the same unRAID server that runs SageTV and it works well to allow me to access my system when away from home on either mobile devices or individual PCs. Not sure how do this in a tunnel configuration where you have two LANs that you want to connect together.

edit - Here is info on how you do site-to-site VPN routing using OpenVPN https://openvpn.net/vpn-server-resou...ned-in-detail/ . There is an OpenVPN forum and an OpenVPN sub-reddit that may be able to help.
__________________
New Server - Sage9 on unRAID 2xHD-PVR, HDHR for OTA
Old Server - Sage7 on Win7Pro-i660CPU with 4.6TB, HD-PVR, HDHR OTA, HVR-1850 OTA
Clients - 2xHD-300, 8xHD-200 Extenders, Client+2xPlaceshifter and a WHS which acts as a backup Sage server

Last edited by wayner; 06-13-2022 at 09:32 AM.
Reply With Quote
  #5  
Old 06-13-2022, 01:19 PM
Zogg's Avatar
Zogg Zogg is offline
Sage Aficionado
 
Join Date: May 2011
Location: Frisco, TX
Posts: 398
I use WireGuard on my laptop and Android phone to get back into my home system. Both SageTV and WG are running on UnRaid server. It works well, and starting the VPN connection is very simple.

I've never looked into doing point-to-point but I'd be surprised if it wasn't supported.
__________________
-----
AMD Ryzen 5 3600, B450 m/b, 32Gig, lots of disks, Unraid, 2x HDPVR2 tuners, HDHomeRun Prime, HDHomeRun HDHR4 OTA, Windows Live Tuner, SageTV docker, OpenDCT docker, Win8.1 VM, EventGhost
Reply With Quote
  #6  
Old 06-13-2022, 04:22 PM
MattHelm MattHelm is offline
Sage Icon
 
Join Date: Jun 2005
Location: Chicago, IL
Posts: 1,208
Might look at Hamachi.
__________________
Server #1= AMD A10-5800, 8G RAM, F2A85-M PRO, 12TB, HDHomerun Prime, HDHR, Colossus (Playback - HD-200)
Server #2= AMD X2 3800+, 2G RAM, M2NPV-VM, 2TB, 3x HDHR OTA (Playback - HD-200)
Reply With Quote
  #7  
Old 06-13-2022, 08:59 PM
Striker:WG Striker:WG is offline
Sage Aficionado
 
Join Date: Oct 2008
Posts: 447
All you need is two old PC's with two network cards in each PC.

Install pfsense on each PC. pfsense is a free router application that runs openvpn (among many other services).

You replace your existing router with the pfsense boxes at each site and configure a site to site VPN between the two pfsense boxes.

You might need to sign up for dynamic DNS through duckdns if you want to keep it free, that way if the public IP addresses change your VPN tunnel won't need to be reconfigured.

Lots of YouTube tutorial videos and a good support community both exist to help you get started. Definitely worth checking out.
Reply With Quote
  #8  
Old 06-14-2022, 10:31 AM
sic0048 sic0048 is offline
Sage Icon
 
Join Date: Nov 2007
Posts: 1,381
I'll throw in my 2 cents here - although it is pretty much repeating what others have already mentioned........

As already noted, you should be able to host your own VPN connection for free. (This is different than the free/paid VPN services you see online that want you to route your data through their service to protect your location, identity and data).

I would say many consumer grade routers now support a VPN server on their hardware. They usually use OpenVPN for this, but I'm sure there are others as well. Once you get the server set up on your hardware and create a crypto key, then you "export" that key to your mobile devices. You'll then use a VPN software on each device (OpenVPN again is usually the most common option) and "import" that key. You'll set up the rest of the settings/options based on what you choose when setting up the VPN server (user name, password, port# ,etc). You can also set up a more permanent VPN connection between two sites which is really what you where asking about in the OP. I have this type of tunnel set up between my house and my parents house. It was original so that we could each backup important things offsite (they save on a drive at my house and I save to a drive at their house). But it also allows me to see a CCTV camera on my camera system even thought it is physically at their house. I can also connect to my SageTV server while at their house, listen to my music while at their house, etc, etc, etc.

Also as noted, you'll need to use a DynDNS service of some sort so that you can always point to a single IP address (of the DynDNS service) and the service will then keep track of your local network's public IP address and forward any traffic to that public address, even if it should change. Most consumer public IP addresses will change every month or so to prevent people from hosting business servers on them.

If for some reason your current equipment can't host the VPN service, I too would recommend that you look at pfSense. It's an open source firewall application that can be run on a variety of devices - physical and virtual. It's robust enough that businesses use it to protect their networks, but it isn't so hard to grasp that non-IT people can't set it up. There is a huge wealth of knowledge and guides/videos on line that can help you get one set up.
__________________
i7-6700 server with about 10tb of space currently
SageTV v9 (64bit)
Ceton InfiniTV ETH 6 cable card tuner (Spectrum cable)
OpenDCT
HD-300 HD Extenders (hooked to my whole-house A/V system for synched playback on multiple TVs - great during a Superbowl party)
Amazon Firestick 4k and Nvidia Shield using the MiniClient
Using CQC to control it all

Last edited by sic0048; 06-14-2022 at 10:36 AM.
Reply With Quote
  #9  
Old 06-14-2022, 04:57 PM
KryptoNyte's Avatar
KryptoNyte KryptoNyte is offline
SageTVaholic
 
Join Date: Dec 2006
Posts: 2,678
You folks really shared a lot of great information here. Thank you very much!

How do the free VPN options provide security? I know at work they pay hundreds of dollars a year to get updates on our VPN router.
Reply With Quote
  #10  
Old 06-14-2022, 10:32 PM
wayner wayner is offline
SageTVaholic
 
Join Date: Jan 2008
Location: Toronto, ON
Posts: 7,401
Quote:
Originally Posted by KryptoNyte View Post
You folks really shared a lot of great information here. Thank you very much!

How do the free VPN options provide security? I know at work they pay hundreds of dollars a year to get updates on our VPN router.
OpenVPN is Open Sourced, hence the name. It uses top level encryption so I don't think security is an issue. You are probably paying for support at work.

FYI, if you have higher speed connections in both directions you may not want to use Open VPN on the router as routers have less processing power than a typical PC. It may make more sense to run OpenVPN on a PC. My understanding is that VPN is somewhat resource intensive.

The downside is that you need to keep a PC up and running to handle the VPN. But if you have a server running 24x7 then you may already have that.

If you are running SageTV in a docker on unRAID then running OpenVPN in a docker is a no-brainer, at least IMO.

If you are using your ISP's router today then you may want to be careful about introducing third party routers unless you know what you are doing as it may screw up other service, like TV.
__________________
New Server - Sage9 on unRAID 2xHD-PVR, HDHR for OTA
Old Server - Sage7 on Win7Pro-i660CPU with 4.6TB, HD-PVR, HDHR OTA, HVR-1850 OTA
Clients - 2xHD-300, 8xHD-200 Extenders, Client+2xPlaceshifter and a WHS which acts as a backup Sage server
Reply With Quote
  #11  
Old 06-15-2022, 07:18 AM
sic0048 sic0048 is offline
Sage Icon
 
Join Date: Nov 2007
Posts: 1,381
Quote:
Originally Posted by KryptoNyte View Post
How do the free VPN options provide security? I know at work they pay hundreds of dollars a year to get updates on our VPN router.
I would be surprised if your company pays for VPN support by itself (although it wouldn't be completely unheard of - especially if your IT staff is small and your VPN needs are large). I suspect they are paying support for a more robust firewall appliance that also hosts their VPN connections. Even pfSense which has an open source option also has paid support models that many business pay for to ensure they can get immediate technical support if/when needed.
__________________
i7-6700 server with about 10tb of space currently
SageTV v9 (64bit)
Ceton InfiniTV ETH 6 cable card tuner (Spectrum cable)
OpenDCT
HD-300 HD Extenders (hooked to my whole-house A/V system for synched playback on multiple TVs - great during a Superbowl party)
Amazon Firestick 4k and Nvidia Shield using the MiniClient
Using CQC to control it all
Reply With Quote
  #12  
Old 06-24-2022, 08:12 AM
Galaxysurfer Galaxysurfer is offline
Sage Aficionado
 
Join Date: Jun 2009
Location: Calgary, AB CANADA
Posts: 383
re running your own vpn server

I know my trusty old asus router can be run as a vpn server. I'm currently only using it as a client though.

I use Asuswrt-merlin which has some extra tweaks over stock implementations.

For more info go check out

https://www.snbforums.com/

https://www.asuswrt-merlin.net/
Reply With Quote
  #13  
Old 06-24-2022, 09:16 AM
wayner wayner is offline
SageTVaholic
 
Join Date: Jan 2008
Location: Toronto, ON
Posts: 7,401
Routers can do this but they generally have pretty slow CPUs so you may not get great speeds over a VPN connection as it is resource intensive. That's why it can make more sense to use OpenVPN on your PC.
__________________
New Server - Sage9 on unRAID 2xHD-PVR, HDHR for OTA
Old Server - Sage7 on Win7Pro-i660CPU with 4.6TB, HD-PVR, HDHR OTA, HVR-1850 OTA
Clients - 2xHD-300, 8xHD-200 Extenders, Client+2xPlaceshifter and a WHS which acts as a backup Sage server
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 06:13 PM.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2022, vBulletin Solutions Inc.
Copyright 2003-2005 SageTV, LLC. All rights reserved.