Here is a quick (Totally from memory) list of the steps to follow. Note that if your hikvision DVR does not support IPV6 that it will still not be accessible. I’m not sure of your tech/linux comfort level, but if you have ever used linux this should be very simple. Note, prior to performing the below you need to establish a FREE account at https://dynv6.com 1. Download the latest and greatest image of raspbian from https://downloads.raspberrypi.org 2. Follow instructions for burning the image to an sd card (google for your os) 3. You will need to place a blank file called "ssh" in the root (top level directory) of the sd card AFTER you burn the image (note you may have to remount the sd card to see it on some os's). This will enable us to ssh headless into the pi. Also note that the file should have NO EXSTENSION (.txt etc). 4. Connect the pi to your home router via ethernet, the pi will dhcp and you can obtain the ip address from your routers assigned dhcp screen. You should setup your router to always hand this mac address this IP, but thats not covered here. 5. SSH into the pi (on windows you will need a terminal like putty, on osx just use terminal). $ ssh pi@your.ip.address.here 6. You will be prompted for a password, by default the password is "raspberry" 7. Change your password $ passwd 8. You will be prompted to enter a new password, choose wisely as the pi will be publicly accessible 9. Get your pi up-to-date with patches etc $ sudo apt-get update $ sudo apt-get dist-upgrade $ sudo rpi-update 10. Reboot your pi $ sudo reboot 11. Reconnect from your terminal $ ssh pi@your.ip.address.here (note use the pw you set) 12. Since were public accessible lets change the default port for ssh $ sudo nano /etc/ssh/sshd_config Comment out the line that says "Port 22" by placing a hash in front of it like "#Port 22" Below that line add "Port 12345" where 12345 is a port number you choose $ sudo service ssh restart $ logout 13. From your terminal reconnect, note the new port number $ssh -p 12345 pi@your.ip.address.here 14. Lets install the dynv6 DDNS script $ git clone https://gist.github.com/corny/7a07f5ac901844bd20c9 $ cd ~/7a07f5ac901844bd20c9 $ cp dynv6.sh ~/ $ cd .. $ sudo chmod +x ./dynv6.sh 15. Edit the dyn script $sudo nano ./dynv6.sh Comment out the line "$bin "http://ipv4.dynv6.com/api/update?hostname=$hostname&ipv4=auto&token=$token"" Save and exit. This will prevent dynv6 from updating your NAT'ed ipv4, remember we only want the ipv6 16. The dynv6 script is now executable and we can test it by running $token=YOURTOKENHERE ./dynv6.sh YOURCHOSENSUBDOMAINHERE.dynv6.net 17. Add the script to cron to run every minute $ sudo crontab -e Add the line */1 * * * * /home/pi/dynv6.sh >> /var/log/dynv6.log 2>&1 Save the cron file and exit back to a prompt 18. Lets check the loggies and make sure it's working, it should run every minute (command below will read the log file in realtime) $ tail -f /var/log/dynv6.log To exit tail hit "control-c" 19. Your pi is now accessible via YOURCHOSENSUBDOMAINHERE.dynv6.net, you can test by using level3 looking glass, choose ping, check the box that says prefer ipv6. This will send the ipv6 handed out from your hughesnet modem to dynv6. Note that you will need to further customize the dynv6.sh script in order to parse the pi's public ipv6, extract the hughesnet delegated /51, and append it to your "stateless" address of your other device that you want publicly accessible. Regex will be your hated friend : ) I'm not going to cover hardening your pi here, there are plenty of guides out there on the internet, but at minimal you should at least install and setup $ sudo apt-get install unattended-upgrades # sudo apt-get install fail2ban
... View more