Remote control in LAN

Headwind Remote can be used to control Android devices in a private network (without Internet access)

Remote access server in a private network

Cloud-based remote access services require your mobile devices to be connected to the Internet, which is not always possible. Many companies use private APNs, VPNs, or local networks so there mobile devices do not even have access to external resources.

Since Headwind Remote is a self-hosted service without cloud-based components, it can be deployed in a private network, and it will provide remote access to the Android devices to other users in that network.

The only issue of a private network is a HTTPS issue. Your (local) domain name requires an HTTPS certificate. Obtaining an HTTPS certificate for a local domain may be tricky.

Deploying Headwind Remote in LAN

For LAN-based deployment, we recommend using Headwind Remote Premium because it supports any HTTPS certificate (not only a free LetsEncrypt certificate).

We suggest the following deployment flow:

  1. Temporarily expose the Headwind Remote domain name in Internet.
  2. Purchase a certificate (for example, Comodo PositiveSSL) for a longest possible time span. To our knowledge, this kind of certificate can be purchased for 5 years. Make sure the root certificates are also valid within that time span! Note that a free LetsEncrypt certificate won’t work because it requires renewal each 3 months.
  3. Deploy Headwind Remote on a domain connected to Internet using this certificate (see README.md how to use a custom certificate chain), and make sure it is working well.
  4. Move the Headwind Remote host into your LAN.
  5. Set up a private domain name server (DNS) in your LAN so the Headwind Remote domain name now points to the local IP of the Headwind Remote host.
  6. Restart Headwind Remote by running ./install.sh in the project root directory.
  7. Test the Headwind Remote work; now it should work well in your LAN.

Is SSL required?

Note that it is not possible to get rid of the secure layer. Headwind Remote uses WebRTC which requires SSL so you need the certificate anyway, even if you decide to use plain HTTP (not recommended for security purposes!).