Using Balance 20 and StarLink -- I Want to access my home's LAN whilst away or traveling. (VPN/Port forwarding)

Product Discussion Peplink Balance
1

My observatory is at my very rural New Mexico home. I want to be able to get into my home’s LAN and access my astronomy observatory, weather station, NAS, etc. when I am traveling or otherwise away from home. StarLink is my only ISP option. It does not offer a fixed IP address.

I have the following WAN/LAN setup on the property:

StarLink (rectangular antenna), Peplink Router: Balance 20 (I haven’t turned off the StarLink router yet but I do not use it.)

In the house and outside I have several Access Points (UniFi). I have several switches to connect my wired LAN to various, cameras, computers, WAP, home entertainment, etc. So, the Wi-Fi and wireless LAN are on the same set of IP addresses. This all works well with the Balance 20 being my router.

Ideally, I would like to access this network whenever I am away. I don’t have an IPv6 address. As I read and hear about VPN services it seems as if 99% of the info is about private browsing, etc. but very little about what I want to do. In fact, except when I am accessing my LAN devices remotely, I do not want to go through a VPN if possible.

When I am on site (in my home) I access my observatory computer via remote desktop (All my computers are running Windows 10 Pro at the moment).

When I would be away, I would like to access my cameras, weather monitors, observatory computer, main house computer, my NAS (where I store the pictures I take with my telescopes’ cameras) just as if I were in the house. There are articles which seem to hint this might be possible, but I haven’t found a clear, concise recipe/roadmap to do so.

Any pointers, info, etc. would be much appreciated, let me know if there is any other information I can offer.

Thanks!
Kevin

2

Hi Kevin, you can use the InControl InTouch feature for this:

It will allow you to access all of your LAN devices including RDP without needing a public IP address.

Hope this helps.

3

Tim,
Will this work with a Balance 20, or do I need a newer device?
Reading the info on the website it doesn’t sound like using the computers on my home LAN, more like configuring them.

4

I bought a static IP from ovpn.com, added it as a WAN on my balance and then can use an openvpn client to connect to the balance via the static IP - which makes it look like my remote device is on my local network. It works almost flawlessly. I do run it over starlink. If i am taking a long trip i will test it before i go just in case. Sometimes the ovpn connection needs to be reset.

Worst case scenario - i put my balance on a smart switch that I can toggle remotely. A reboot of the balance gives me a fresh ovpn connection and then i am generally back in business.

5

Look into Tailscale, an overlay network built on top of WatchGuard VPN. It will do everything you want. It is free. And quite popular these days.

6

On their website, it appears no one has gotten it to work with Starlink

7

Which Peplink device are you using? Are you also using the PepVPN?

8

I am running a balance 580 and I am not using pepvpn. I do recall now that this required that I buy a license for openvpn for the balance ($20). With that you can create a virtual WAN that connects to the ovpn server via starlink and that is how you get the static IP. You can then setup inbound openvpn on the virtual WAN you created on the balance (in the remote user access menu) and use the openvpn app to connect your client. Hope that makes sense - It does work.

9

I see that lots of people have gotten Tailscale working with Starlink. Perhaps you can provide a url to what you are seeing on the Tailscale website about Starlink not working.

My research today indicates that occasionally people will encounter a “DERP relay” between two WAN nodes instead of a direct WAN connection to solve NAT transversal because a static IP isn’t publicly available. Additionally Tailscale uses IP addresses in the same 100.64.0.0/10 private network that Starlink uses in its own network, but apparently that isn’t an issue according to this reddit thread:
https://www.reddit.com/r/Starlink/comments/xdiq78/starlink_and_tailscale_vpn_any_tips/

That article points to Tailscale’s explanation of how it works, including DERP relays:

10

Here is one of the blog posts about problems: Subnet router no longer working on Starlink - #4 by guenther.wieser - Tailscale

Tailscale’s implementation might be understandable for an experience Network. Administrator or network engineer — I am neither.

I need to read more about those who have successfully gotten Tailscale to work reliably with Starlink. I am hoping someone has a step by step guide on how it works with Peplink devices.
Thanks