Password protected remote access to a device with open Web UI via KeenDNS
Sometimes it may be necessary to remotely access some home network device with an unsecured web interface that does not support login and password authentication (e.g. the web interface of a 3G/4G USB modem).
It is not safe to open remote access with KeenDNS to such devices. For this purpose, the KeeneticOS operating system can enable authentication by Keenetic when accessing such devices remotely.
You can use this authentication not only for remote access to a home network device with an open web interface but also for devices protected by their own authentication system. In this case, dual authentication to the device will be used, increasing security for remote access.
Starting with KeeneticOS 3.7
, it is now possible to enable authorized access through the router's web interface in the 'Domain name' menu under the 'KeenDNS' tab in the 'Access to web applications running on your network' section. Here is an example of such a setting:
When you open the address qnap.myrouter01.keenetic.pro
in your web browser, you will see an authentication window. Only after you enter the username (admin) and the appropriate password will Keenetic forward your request to the device's web interface. In this example, to the QNAP NAS.
Information on how to use the KeenDNS service and level 4 domain names can be found in the following article: An example of remote access to home network resources with KeenDNS.
For routers with KeeneticOS 3.6
and older, this authentication access is only available via the command-line interface (CLI) with the following commands:
ip http proxy {name} auth
— enables authentication, where{name}
– the level 4 domain name you specified in the KeenDNS access configuration.user {name} tag http-proxy
— allows user{name}
to login to the HTTP proxy (which the Keenetic acts as).
For example, the name 'qnap
' is used as the level 4 domain name (qnap.myrouter01.keenetic.pro
).
We will use the Keenetic administrator account (admin
) for authentication. In this case, to enable authentication for remote access to the web interface by Keenetic, you need to execute the following commands:
user admin tag http-proxy
system configuration save