Remote access to home resources via KeenDNS using NAT rules
Keenetic routers allow remote access via the standard HTTP and HTTPS web protocol from the Internet to web resources (web applications) on your home network via the KeenDNS domain name service. This is possible even if you don't have a public IP address to access the Internet on your router.
The following steps are required for the setup:
Select a free KeenDNS domain name in the router settings and configure the service in the 'Cloud access' mode;
Allow access to the router's web interface from the Internet by enabling the corresponding option. This setting automatically allows access to the router's web interface and other web resources on your home network.
Important
Cloud service ('Cloud access' mode) supports only the protocols below:
HTTP on ports
80
,81
,280
,591
,777
,5080
,8080
,8090
and65080
;HTTPS on ports
443
,5083
,5443
,8083
,8443
и65083
.
If you are using a port number for a web resource not from this list, you can do the following:
Set up a mapping from a supported external port number to a random internal port number (e.g.
8080
to8123
);Change the port number on the host to a supported port;
Use access via fourth-level domain.
Let's look at an example of configuring remote access to the interface of a popular open-source Home Assistant intelligent home application (running on port 8123
) on a home network.
Similarly, you can set up remote access via HTTP protocol to any device on your home network with a web interface (a webcam, network drive, router, server, etc.).
The configuration will be done through the router's web interface.
First, you need to register the devices to which remote access will be given on the router. For more information, see the article 'Connected devices registration'.
Go to the 'Port forwarding' page and create classic port forwarding rules for the external interface to the desired devices.
Important
Since the classic port forwarding mechanism is used, it is impossible to forward the same access port to different devices, unlike the configuration via a fourth-level domain. Suppose the router's web interface is accessible from the Internet on
port 80
, and you want to provide access to the web interface of a host on the local network, which also runs onport 80
. In this case, you need to do a port mapping (e.g. externalport 81
is translated to internalport 80
). In the case of fourth-level domains, this problem is solved because each host has its own domain name.You can then check access to the specified hosts. Although a private IP address is obtained from the ISP, access will be granted according to the defined rules.
In our example, the interface of the Home Assistant will be available at http://myrouter01.keenetic.pro:8080