Hi, is there anyone who successfully made HR app working outside the local network. ?
I haven’t done it yet, but there is a great thread that discusses switching between lan and remote access here Has anyone been able to switch between local and remote access? You would first need an external static ip and port forwarding set up for all non-cloud based devices.
Depending what connection and/or equipment you already hae, you might be better off going down the VPN route though.
@Mark_Manning I don’t have experience with VPN, only using external static ip provided from ISP. Can you suggest one and give the nuts and bolts on how to do it? I have other locations where the ISP doesn’t offer static ip and this would come in handy, plus I’m sure it would be a big help to other forum readers.
You would need to have a router capable of setting up a VPN. It’s getting more common with the new higher-end routers. Log into your router and see if you have vpn settings.
It’s definitely a nice feature to have. I can be anywhere, toggle on the vpn on my phone (android) or laptop, and it’s like I’m connected locally at home. No static IP needed since it’ll use your dns
Since Unifi access points tend to be popular with the smart home community, I’ll address that first - if you have them then rather than replacing your router you could install a USG behind it, switching your router into modem mode - although not every consumer router has it, it’s a lot more common than native VPN and it will add extra features to your WiFi network but you have to be careful which one you spec as throughput on the older USG models was woeful; also, despite the name, it is not a USG in the traditional sense as it’s missing a lot of security features, but it’s usually sufficient for home use. I’m including the Dream machines in this, by the way, as they include the features of the USG’s.
The next option would be the ‘what’s lying around’ option to see if you have something you could flash DD-WRT on, as although it’s a little effort, it will (possibly) give you VPN at no cost. I generally don’t recommend flashing your only router, in case you get left with the postal service as your only means of communication, but if what you have lying around (or can scrounge) is worse than the router you’re currently using (either in terms of hardware spec or available guides for DD-WRT or similar firmwares) then try getting it working as a ‘backup’ before flashing your current router.
Failing that, you can either buy a dedicated router with VPN functionality or something to sit on your LAN (and forward ports to). Something like a Synology or QNAP NAS will give you VPN capability whilst adding other benefits (always on storage, backup location etc.) - unfortunately what’s best for one won’t be best for others, so I’m not deliberately being evasive 
If you let us know what you already have (Router model, provider, broadband type, any other significant equipment) then we can see if there’s something you already have which could do it.
My ISP is AT&T which requires their router BGW320-500 which I put into bridge mode. Behind that I have a Netgate sg-3100 pfSense appliance which does my routing and then I have Unifi access points for wifi. PfSense has a menu for VPN which has three options: IPsec, L2TP, and OpenVPN.
That’s a proper setup for a house!
This will go through the setup on the PFSense box
and then for your phone or tablet:
Ok cool, thanks for the starting point!