REMOTE ACCESS VIA PROXY

HTTP and SOCKS5 (for SSH and VNC)

Using VPNKI, you can access your home network via a proxy server. To be precise, we have 2 proxy servers:

  • for HTTP connections – HTTP proxy
  • for any TCP connections – SOCKS5 proxy

Using HTTP proxy, you can access the web interface of your home device (server, web camera, etc.) from the Internet. Using SOCKS5 proxy, you can access your home devices over SSH or VNC (or many other TCP-based protocols).

 

To make proxy-based access possible you need:

  • a functioning VPN tunnel from your home network (where the target device is situated) to VPNKI server. Any VPN tunnel will do: PPTP, L2TP, L2TP/IPsec or OpenVPN
  • set checkbox “Use proxy-based access” on your personal VPNKI web page
  • a client (browser, SSH client, VPN client, etc) set up to use proxy.

Important! We enforce username\password authentication using any of your tunnels credentials. Unauthenticated proxy connections are rejected. Before using the service please make sure that your client software supports proxy authentications (especially if your intention is to use SOCKS5).

 

1. Barebones HTTP and SOCKS5 proxy service user guide

Upon setting the “Use proxy-based access” checkbox you will be assigned two TCP ports:

  • one for HTTP proxy
  • another one for SOCKS5 proxy

Write them down and configure your client software accordingly.

 ff http proxy 1 eng

2. Browser settings (generally applicable to any browser)

2.1. Open your browser settings and navigate to “Network settings” or “Connection settings” menu item.

2.2. Choose Internet connection settings

ff http proxy 2 eng

2.3. Type ams.vpnki.com and your HTTP port (from your personal page) in HTTP proxy field. In this example port 54505 is used.

2.4. Type an URL of your home device in the location bar

2.5. When challenged for authentication, use login and password of any of your tunnels and reach the web interface of your home device

As you have surely noticed the settings in your browser will direct your requests for all Internet sites to VPNKI proxy. But we don’t provide access to Internet through our proxy. Sadly most browsers are quite inflexible regarding proxy use exceptions (“Don’t use proxy for …”) and don’t support the scenario “Use proxy for home network, don’t use proxy for Internet sites”.

Because of that the setting you made will provide access to your home network, but disable your Internet access.

There are two possible remedies:

  • Use two browsers: one configured for your home network and another one set up for Internet access. But that’s far from convenient.
  • Use an additional browser plugin that provides granular control over proxy use rules. AutoProxy Firefox plugin is one example.

2.6. AutoProxy Firefox plugin. Here you have to a) specify the proxy server – ams.vpnki.com and the port from your personal VPNKI page …b) Create rule group and the rules that specify just the addresses that should be accessed through the proxy server. All other connections will bypass proxy. An example is provided below. In this example vpnki rule group has three rules (home network addresses) that will use proxy. IP addresses in the rules must be preceded by two pipes: ||.

ff auto proxy 1 eng

 

3. Setting up VNC client

3.1 We recommend using RealVNC VNC Viewer because it provides support for authenticated SOCKS5 proxy.

3.2. Set up VPN Viewer: specify ams.vpnki.com and your SOCKS port from your personal VPNKI page in the Proxy settings section.

vnc socks5 eng

3.3. Create a connection to your device private IP address and run it.