ConnectBot

You can use ConnectBot

(https://play.google.com/store/apps/details?id=org.connectbot)

on your phone to bridge from the android clients (like the DscKeypad or the CT-30 Thermostat) to the managed devices within your network. You'll need to configure your router to expose the devices outside your firewall, and a DDNS to find your network from your phone while you're on the road. Don't forget additional data charges may apply if you use the phone network. You can access your devices over public wifi safely by using the DscServer or the SSH client.

Overview

  • Create a personal certificate/key used for secure access
  • Install ConnectBot or equivilent on phone
  • Install an SSH server on a PC or capable router (e.g. DD-WRT)
  • Setup port forward in router: non standard port to port 22
  • Create account in SSD server
  • Set up port forwards in ConnectBot on phone
  • Configure applications to use port forwarding

To Install ConnectBot or equivalent on phone:

  1. Create a public key
    1. Start ConnectBot
    2. Menu, "Manage Pubkeys", Menu, "Generate", use RSA, the rest is up to you
    3. Long press key, choose "Copy public key", exit
    4. Send as email, text, or otherwise get it to wherever you manage your SSH server (usually your PC account)
    5. Setup account using your account name, host name and port (as per your SSH server) as indicated in the main ConnectBot screen
    6. Setup port forwards
      1. long click on the account
      2. "Edit port forwards", "menu", "add"
      3. choose a nickname, type is local
      4. Source Port: the port used by the application you are going to forward, e.g. 4025 for envisalink, 4080 for the CT-30. This needs to be an unused port on your phone.
      5. Destination: the internal IP address on the remote system you are going to access, e.g. envisalink:4025, or 192.168.0.112:4025 for the envisalink, or http://192.168.0.100:80 for the CT-30
      6. "Create Port Forward"
      7. You're done. Hit back, select the account to connect, then "home".
      8. Open the app you wish to use and configure it to use the local port with localhost:port, e.g. localhost:4025, or http://localhost:4080 for the CT-30

The DscKeypad allows for two connections to be defined, one for access over ConnectBot, the other for direct connection within your private network. Use settings>Envisalink>Connection Type to switch between them.

The CT-30 thermostat application allows the definition of multiple thermostats using settings>Thermostat Addresses. Configure two addresses (if desired), one from within your local network (e.g. http://localhost:4080) and the other through ConnectBot (e.g http://localhost:80). You can use multiple widgets as well to see the thermostat address.

After securely logging the client into the remote SSH server, the connection works by having the SSH client watching for connections on the local system (your phone) to the ports defined as port forwards. Any data sent is encrypted and routed through the SSH server, decryped, then forwarded to the target internal address. Data sent internally from those devices is routed back in the same direction.