Hey all, so I am trying to figure out, why I can’t connect remotely to my router using Back to Home in some cases. I can connect from my mobile, but I can’t connect using my laptop via Ethernet cable not via some wifi connections. I’ve found a wifi connection that works but not on others. What might be the issue here ?
You must log in or # to comment.
I’d guess it’s one of two possible issues:
- Ports blocked by the network provider. Some networks will block outbound connections on all ports and then explicitly allow some of the common ports (e.g. 80, 443). Some will also allow slightly less common ports for corporate VPN connections (e.g. 500 and 4500 for L2TP). Based on the documentation for Back to Home, it looks like it uses WireGuard underneath. For MikroTik, that uses a default port of 13231 (source). If that port is blocked, outbound by a network provider, the tunnel would fail.
- Its always DNS. Based on the documentation Back to Home relies on a Dymanic DNS (DDNS) service. Some networks may specifically block DNS queries for well known DDNS services as a security measure. DDNS services were really popular with malware creators for a while and so DDNS services became a casualty of security configurations.
Hmm can’t be neither. My mobile works in networks where my laptop via Ethernet does not. But so far my laptop via WiFi only works on a specific network and not on others. I need some more tests and I also might try what the other user below said that I might try adding different shares for laptop and mobile phone.
At a guess, it’s could be the network you are connected to blocking ports. I don’t have Back to Home setup, and a quick search doesn’t turn up what ports it requires. But, it looks like it’s a special use case of WireGuard. And the MikroTik documentation states that the default for WirGuard on MikroTik products is 13231 (source). Some networks may be configured to block all outbound ports which aren’t the basic ones (80, 443). Some may also allow things like 500 and 4500 for L2TP, but that list could still be quite limited and not include 13231 or whatever port Back to Home is using.
Another possibility would be DNS issues (it’s always DNS). Back to Home seems to rely on some sort of Dynamic DNS (DDNS) system to associate your home IP with a dynamic domain (source). If the network provider you are connecting to is engaging in some sort of DNS fuckery, they may be blocking queries to known DDNS domains. This can often be done as a security measure, since DDNS services used to be in really common use by malware.
A while ago I decided that BTH only works well for 1 device (using wireguard at least) at a time.
I messed around and made different profiles (not sure of the actual name) for each device and that solved my problems.
Worth a shot.
Yeah I might try this too. But in any case I don’t use the same share simultaneously. Will look into it.
