Private vpn from phone to Mikrotik. Access to the smart home from anywhere.
It is not very convenient to build a smart home and not have access to it from anywhere in the world. There are several ways of remote control: telegram, HA cloud, direct access via a router, VPN to your home network. We will talk now about the last method.
This is a translation of my article in Zen. Also, do not forget to read us in other services: Instagram, telegram (RU, EN, DE). Medium, LiveJournal, YouTube.
More information about telegram in home assistant was described here:
Notifications in telegram from a smart home (RU);
Telegram: talking to a smart home (RU);
Quick responses of the bot in Telegram (RU);
Control the light in a smart home via Telegram (RU);
Why a VPN? Firstly, it is quite safe. Secondly, we get access to the smart home, remote desktop, cameras, ftp… Third, it will provide us with security in public networks.
For implementation, we need any mikrotik and a white ip address (you decide the issue with your provider). My current provider allows you to enable the service only by calling support. If the IP address is white, but dynamic, then we connect the ddns service.
The result will be the ability to get into the router by ip address or by DDNS name.
Next, go to the PPP menu and select the PPTP server. We allow it and select the mschap2 authorization
Next, we need to create a client. Go to Secrets and click Add new. On the page that opens, enter the name and password, enable the user, select the pptp service, change the profile to default-encryption, and set the ip addresses from a free pool in an unused subnet, for example, 192.168.0.1 and 192.168.0.2, and click ok.
Next, you need to configure the phone. I give my example below. Settings → VPN → add new → enter the name/password and click save.
As a result, everything should work, after connecting the Internet will go through a VPN, but the local network from the phone will not be available after that. Let’s fix it. Let’s go to the “interfaces” section and add a new one. In the new menu, we will activate the interface, select the LAN type and select our VPN as the target.
Now local addresses are available via VPN. Video surveillance and a smart home, as well as everything else from the local network, have started working.
And that’s all, subscribe, likes, repost… And we will soon be a small lottery ☺.
