Scenario - running private Allstar Nodes on the Mesh that generally aren't accessible by the outside world. However, there are times it would be advantageous to allow someone not on your local Mesh access to one or more of those nodes. Also (and for other reasons such as updating a computer on the Mesh) it might be useful to allow internet access to a specific node otherwise. Of course, right now the only option is to open the WAN Mesh wide.
Has any thought been given to this or am I shooting for the moon?
Has any thought been given to this or am I shooting for the moon?
The MiroTek haP Lite is your answer. There are Ethernet ports for your devices and an internet link. Every device plugged into it has internet access without giving internet access to the Mesh network. This is how I have mine set up in my shack. I use it for the workstations in my shack so that they have access to the Internet and the Mesh network without the mesh network having access to my internet access point. Port five also has 24 volt feed through for a POE device.
I get that (I'm running a hAP at my QTH now with Internet access on Port 1).
I'm talking about a node that is deployed remotely (for example on a mountain top) and the only wireless connection is to the Mesh. It would be nice to be able to tell my hAP to forward the WAN VLAN to that remote node ONLY without the entire Mesh having access
My local Mesh Network is a stickler about keeping Parts 15 and 97 apart
The hap lite in "setup" and "port forwarding and DHCP services" this can be done. Open a port from the internet to the Allstar Nodes on the Mesh.
I have a Raspberry Pi web server on the haP Lite for the mesh network that needs Word-Press updates. I opened port 21 on the haP and now my Pi on the mesh can get updates from the Internet. If you open the appropriate port on the inbound traffic from the Internet to the remote Allstar node then traffic from the Internet can access the Allstar node without allowing general access to the internet from the Mesh.
I hope this can help.
--
73 de Leo IZ5FSA
Unfortunately, http://www.privoxy.org/ isn't reachable but it does give me some ideas
N2JWC
In my hAP anyway..... I can only forward to IPs that are part of its DHCP pool. I don't see how to forward to a remote IP on the mesh.
I can of course get the repeater to talk to the network from the hAP but once I get out on the mesh I cannot get there. I have been trying to sort this out, still learning about AREDN. The future is to have AREDN nodes co-located with our DMR repeaters and at some point the public network becomes needed only for out of state linking. Of course that is still far off but we need to get started on testing the bits and pieces and start getting the parts that can link over AREDN to do so.