We need to use so called Dynamic DNS (DDNS) to create and dynamically update a mapping between a chosen domain name and an “external” IP address of our Raspberry Pi (i.e. router IP address).
- Look for a DDNS provider.
- Register a new user account.
- Choose a desire domain name.
- Configure it on router.
Router's NAT hides all devices in the “internal” router network (LAN) from inbound Internet connections. To route “external” (WAN) connections to the Raspberry Pi we will employ port forwarding on a router. We will rely on Universal Plug and Play (UPnP) protocol to dynamically configure proper port forwarding rules.
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install miniupnpc
upnpc -l
This command should:
- Enumerate all supported UPnP devices on local network.
- Display their internal- and external IP addresses.
- List their current port forwarding rules.
upnpc -e 'SSH on Raspberry Pi' -r 22 TCP
upnpc -e 'RDP on Raspberry Pi' -r 3389 TCP
Repeat process to other services on Raspberry Pi that we would like to port forwarding.
NOTE: most routers are not able to establish “external” connections from the internal network itself, so a separate Internet connection is needed to fully test the setup.
sudo nano /usr/local/bin/redirect.sh
#!/bin/bash
upnpc -e 'SSH on Raspberry Pi' -r 22 TCP > /dev/null
upnpc -e 'RDP on Raspberry Pi' -r 3389 TCP > /dev/null
sudo crontab -e
Add the following line:
*/20 * * * * /usr/local/bin/redirect.sh
It's not a good idea to forward the ssh port directly, it's better if you can remap it to a lesser known port to avoid attacks