Connect to the RuneAudio from the "outside" of the local net

[elemeledutki]

Hello,

My question isn't RPI specific, but I have that HW. As I am logged to the same network as my RPI is I can control RuneAudio with no problems.
Can I connect while being not on the local network?

I have full access to the router (which has static IP btw), but have no clue on how to do that (I don't have enough "administrative" knowledge), but wonder if any port forwarding (or other tricks) could do the job.

My plan is to use specific URL (like MY.IP.XX.YY/runeaudio:1234)

Let me know if that is possible,

Tomas

[janui]

Hi elemeledutki,
From a security perspective Rune is not very secure, it was never designed to be so. It is designed to be used within a secure (home) network environment. If you were to try to set it up as you describe it would be a complex job to get the security issues right.
One possible way to do it would be to set up a VPN tunnel (google to understand the concept) between Rune and the outside world. I do not know of any implementations of VPN on Rune, so you would need to work out how to do this yourself.
Another possible way to do it is to set up rune in a DMZ on your router (google to understand the concept), what is important is that Rune never has access to anything inside your network, only to resources within the DMZ (no nas or shared files!). The DMZ can be accessed from inside or outside your network (only as a webserver, the other bits need to be switched off). Note that everything within the DMZ should be considered insecure and compromised, these components must never be reconnected to your home network without thorough malware control.
Personally, I would not even try it. Just one mistake and your whole network is open to the public, you need to be an expert to get it right.
janui

[elemeledutki]

Thanks!

The security issues are not a big deal in my case. I exchanged old windows based laptop playing some webradio stations (which I had to control via Teamviewer) with RPI (which I can control with mobile what is FAR more convenient)

In fact (in my case) RPI hosting RuneAudio is connected to an open WiFi (created by a dedicated router - in fact, everyone having a mobile may change the song played, or volume, or whatever - no big deal). I have a second router and second network (and second IP) which is a secured network (separated from the "open" one).

RPI plays only webradio stations, it is a "background" music (nobody listens to it, but the silence would be heard). The problem is when a particular station stops to play (or there are other circumstances) I would like to be able to change it to another. I am able to do it while I am on that local network, but I am not always. In such a cases an "alternative" access would be very appreciated:)

[janui]

Hi elemeledutki,
If you are physically close by the Pi running Rune I suggest you set it up with an access point. You can keep the password secret. If you need do something, connect via the access point. Normal access would be unchanged via the wired ethernet and your open WiFi.
If you have a Pi B3, access point runs out of the box with these images: runeaudio-0-4-beta-for-raspberry-pi2-3-t4434.html#p19960 and runeaudio-0-3-beta-for-raspberry-pi-t502-520.html#p23625
For other Pi models you will need a suitable WiFi dongle, only a few work well with the access point function. See this thread: rpi-runeaudio-wifi-as-accesspoint-control-t972.html#p5813
If you are not close to the Pi running rune then obviously this will not work. Unfortunately, my knowledge of safely setting up routers to port forward (or something like that) is too limited to help.
janui

[elemeledutki]

Thank you, janui

I am running newest RPI (ver 3 I guess, with wifi and BT onboard) and the image I used had "04" in its name, but don't know if it was the one you suggested. I am not going to flash that one, as the RPI + RA works ("do not fix whats not broken":))

I would rather look for a solution on more "network-oriented" forums, as my question is not strictly RA specific...

I will comment if I find any working solution.

thanks!

[hondagx35]

[elemeledutki]

Thank you Frank,

In the meantime, I asked for help on "network-oriented" forum and they helped me in a similar way.
I set a static IP for RPI3 (based on its MAC address) and did a port forwarding (outside 8033 (in my case) to internal 80 on IP set previously for RPI3).
Now I can connect to the RPI3 (RuneAudio GUI in fact) using http://my.ip:8033. Simple, yet effective.

Works like a charm, exactly what I needed

THANKS!