As far as Indiana Jones is concerned of the Holy Grail he only sought one, us appWe are looking for home automation enthusiasts two: automation e remote control. On this occasion we will focus on the second, remote control, one of the aspects that, combined appanointed for automation, it reveals the true value of modern home automation.
In fact, a widespread common place is that, when it comes to home automation, we do it with the sole possibility of manually checking - and on site - the various home automation devices present in the home environment. True but incomplete: the main value lies elsewhere.
By remote control we mean the ability to control the domotic environment outside the profirst network Wi-Fi/ LAN, or (it goes without saying) when you are not physically on the site, or home proere. Sensori, actuators, devices: any domotic component is certainly very useful if harmonized in the profirst home automation, but it is even more so where it can be controlled “from afar”, perhaps automatically.
When we were kids our parents gave us long vacation periods away from home, typically from grandparents, who lived there hundreds of miles from home. Our mother lived those long periods away from cause with a certain one appration, anxiety: "and if a pipe breaks?","and if the thieves enter?","will I have shut off the gas?". And so on, for a long time, every time, every vacation.
A home automation with remote control would have it certainly helped - and would have helped us live longer nightsnamente. Certainly, today everything is simpler and economically sustainable and feasible. Remote control means being able to connect to propri devices as being physically present, using the Internet as a channel to reach the "brain" of our home.
The scenarios change based on the final management tools that we have given ourselves and the policy of integration and harmonization that we have implemented for our personal home automation. We will see two typical cases, describing them briefly. If certain concepts didn't sound familiar, don't worry: approwe will merge, with specific focus, later.
Android and mixed environments
If I follow this site, I agree with its uncompromising position with respect to an integrated and harmonic domotics (ie with a single "logical collector" within which all the various components live and coexist, regardless of the proproducer and technologies) and if I have an ecosystem of heterogeneous final management systems made up of devices Android (but also Appthe e Windows), then I will certainly have implemented Home Assistant (or as an alternative, openHAB or Domoticz).
If this is the scenario and the need is that to remotely control home automation (for example, wanting to manually turn on the air conditioner when leaving work, so as to find a pleasant temperature when you arrive), then the roads are two, and rather traditional: the “port forwarding"Or a"VPN"
There is also a third way, but let's get there by degrees.
First of all: what is the address of my house?
Connection providers frequently change the public IP assigned to our router, thus creating the need to implement the service DDNS, or a technique for which the IP (variable) of the router can be automatically assigned to a name (eg. casamia.duckdns.org).
Assumed what the address is, now we need to connect. To make this possible, there are several approcci.
The "port forwarding"Is a technique for which it is possible to indicate to the home modem / router (which simultaneously manages the internal and domestic network, and the traffic to and from the outside, ie the Internet) which requests made from the outside should be turned inside and to whom, specifically (for "who" we mean "as an internal device, and on which door").
In the scenario where it is implemented Home Assistant, therefore it will be enough configure port forwarding tohost that hosts it (Raspberry?) and a specific door (in the case of Home Assistant 8123), then configuring theapp mobile of Home Assistant to the home address (and related door) I can finally check mine personale HUB.
"VPN"Instead stands for Virtual Private Network: through this technique we can connect directly to the local network of our environment as if we were in effect a host of that network, as if we were physically interconnected. To achieve this, you must necessarily be equipped with a modem / router that supports this service or configure a host (always the same one that hosts Home Assistant?) in order to provide us with it.
"Port forwarding" and "VPN" for home automation control present pro It is against.
"Port fowarding" is very simple to implement. Against, exposes theHUB and the home network for external attacks, malicious, which could allow the attacker full control of our home automation and more. This could be mitigated by the use of encryption (SSL) and a secure configuration of Home Assistant, but the possibility remains (limited, but existing) that a possible software bug leaves us with a potential (albeit limited) danger. "Opening a door" on the modem / router is always a potentially dangerous option: it's like living on the first floor and perpetually leaving a finestra (or rather, a door) open.
at "VPN"Is safer: it allows us, through encryption and tunneling techniques to access privately to the entirety of our network. It is a system considered safe, especially if delivered directly by the modem / router. In the absence it would be necessary to configure theHUB as a VPN server, which would require a "port forwarding" configuration (on specific ports, different from those that would open to reach Home Assistant as from the first scenario) to use the service.
The VPN is more secure, but also more complex: one time pronta, to connect to the home network it is necessary to configure the device (computer, iPhone, Android, whatever) to connect first to the VPN, using the Internet connection. At that point, once you were on the home network, you would control the home automation exactly how to find yourself at home.
In these two scenarios, any preconfigured automatisms linked to the GPS position (eg. "when I leave work, automatically turn on the air conditioner") Would only work using port forwarding, because in that scenario theappmobile communication Home Assistant is always able to talk to home automation as it is connected to it via the Internet in a conventional way; instead, via VPN, home automation it is reachable only when connecting explicitly via VPN.
In practice, so far: for maximum flexibility, use "port forwarding"; for the maximum security possible, the "VPN".
It exists, as we mentioned, a third scenario, which introduces the benefits of closer security and the advantages of a direct connection to ours HUB based su Home Assistant.
The combined use of mixed techniques (which we will address later in a specific technical focus) allow, through the use of services such as Let's Encrypt e DuckDNS to equip ourselves with a cryptography and a system that allows us to safely reach our installation Home Assistant, and without opening ports on the router.
For Home Assistant, we have dedicated a detailed guide to secure it safely.
As usual, when it comes to areas 100% Apple Things change. The scenario described above is in fact valid for a mixed area, with Android alone or surrounded by devices Apple, Windows and the more you put it.
If you only have management tools Apple, a certainty will almost certainly have been implemented personale HUB based on Homebridge (perhaps side by side with natively compatible domotic components Appthe HomeKit). Good: remote control features are already available in their entirety (without exception linked to the GPS or other) through theapp Appthe "Houses". The only thing you need is a device (choice between iPad and Appthe TVs) to leave at home forever which face is a "bridge": all communications to and from home automation will pass directly from the home network to the cloud Apple, or iCloud, and from there to and from the final management devices that we carry with us, typically iPhone eiMac (from the version of macOS Mojave up). All in a "safe" way, understood as "encrypted".
This is a very practical system, because it completely relieves the user of all the configuration and security issues mentioned above. No need to configure SSL certificates, DDSN, port forwarding, VPN: none of this. On the other hand, it is necessary to always have the “bridge” device at home that guarantees the accessibility, via iCloud, of profirst home automation.
The only potential risk in terms of safety (when we talk about risks of this type we always talk about potential, more or less broad based on the more or less careful choices we make) is in the cloud Apple: if the user through which he authenticates to this environment is weak (a password too simple, or a two-factor authentication not activated), then an attacker could pretend to be the legitimate pro-owner and enter its cloud, with obvious repercussions not only on the security of domotics but on how much is published, everydaynamente, on the cloud. The second potential security risk lies in the cloud itself Apple: if it was "pierced" by the bad guys, the above would apply. The reputation of those who offer us certain services is important, but it is often not the only thing that matters.
This eventually opens up debates on a much more ambitious discourse related to the security of the systems we use every day.
If you do not have a device Appto leave at home to obtain the "bridge" functionality, the possibility of implementing a "VPN" (as above) returns. In this case we bid farewell to automations, which "live" in the way Appthe, in theapp "Home", which must be perpetually connected to the home network.
If for the proinstead, personal home automation has chosen to implement a personal hardware HUB How athom Homey, things are certainly simpler, a lot compared to a personal HUBsoftware (Home Assistant, openHAB etc.), enough with respect to the world Appthem.
athom Homey in fact it is an autonomous component that, once installed at the profirst dwelling, acts as a whole personal HUB(therefore as integrator between various components, solutions and services) and it is autonomously able to provide remote control support Through the proman appmobile communication Homey (For Android e iOS). Unlike the personal HUBsoftware does not need special technical configurations; compared to Apple, it does not need other "bridge" devices to be in contact from the outside.
Without any doubt Homey to date it appears to be the most practical of remote control solutions for the profirst personal domotics, although certainly not the cheapest.
NO HUB PERSONNEL
If you decide not to introduce un personale HUB in profirst home automation, we must fundamentally make do. As abundantly explained in the guide to final management systems, basically all of them procomponent manufacturers present At least one'appmobile communication (for Android and iOS) such as to configure and control i propri devices. Many offer also a cloud service (for example ITEAD, proproducer of our beloved line Sonoff Smart Home) such as to remotely control its devices. This cuts the bull's head a little: if I want to control a device, apro its app And that's it.
The cons, however, are varied, and serious:
- aunt applicenses, many registrations and passwords on different portals, so many interfaces to remember;
- in the absence of an Internet connection the devices will not work, even if you are physically at home (see i Sonoff Smart Home unmodified);
- as the number of registrations on the various clouds increases producers, dramatically increases the possibility of losing "hole" proyour account or the cloud to which you rely (in a pure act of faith) - and therefore see yourself being controlled by a third party profirst home automation, to say the least;
- but, above all, it is not possible to define complex automatisms between domotic components of prodifferent drivers.
At the end of the fair, the best user experience users live today Homey, because the is enough for him proprio HUB to manage everything. That said, even users of "mixed environments" can achieve more than adequate results, subject to the implementation of a personal HUBand then the choice, well thought out and implemented, between "port forwarding" and "VPN". If the automatisms related to the GPS do not interest, a "VPN" is advisable, while alternatively the implementation of a "port forwarding" remains. Users Appthey win in half: things work properly, but for the remote control a "bridge" device is always present in the house.
|ATTENZIONE: remember the existence of our community FORUM for any doubt, question, information on the specific merit of the contents of this page and much more.|