December 5, 2024

How Starlink Customers can Easily Get Remote Access to a Home Lab or Business Systems

Starlink customers in rural and remote areas across the globe appreciate finally having broadband-type services for their homes and businesses. For most of them, the service is excellent and works well.  

But some people have a problem: If you are a technologist who wants to access your home lab remotely, or your workplace connected via Starlink and you're looking to connect from elsewhere, you’re likely aware that their use of non-routable IP addresses prevents you from doing so. 

The TL;DR is that even though Startlink uses the IP protocol, the dishes (and the businesses and home labs they serve) cannot be directly addressed on the Internet. Read on for more about why that is, or, skip to the end of this post to see how NoPorts gives you remote access with just a few lines of code.

Starlink & CGNAT Addresses

Each satellite dish/router has an RFC-1918 private non-routable IP address instead of a publicly routable IP address. These non-routable IP addresses for satellite internet services providers are in a range of (100.64.0.0 - 100.127.255.255) which are reserved for Carrier Grade Network Address Translation (CGNAT). Internet service providers, like Starlink, use CGNAT addresses to translate private user IPs to a single public IP for Internet access, which lets them manage a large number of customers with limited public IP addresses. This is great for reducing costs and simplifying network management for Starlink, and it’s practical given the IPv4 address shortage. 

Other RFC-1918 private IP addresses are for general use in private LANs and WANs. For example, you may have noticed that when you go to a friend's house and get on the Wi-Fi, you always get an RFC-1918 private IP address. It often starts with “192.168.1.X,” with the last number ranging between 1 - 254. These private addresses can be used over and over again in peoples’ homes, and as a connection is made outbound to the Internet, the private IP address gets translated to the router's publicly routable IP address. This is called “Network Address Translation,” or NAT. The big difference between CGNAT and regular NAT is that the router at the customer premises in the case of NAT has a routable IP address—in the case of CGNAT, like Starlink, it does not have a publicly routable IP address. This means you cannot connect directly to your Starlink router from the public internet. So, if your home lab or business network is on the other side of a Starlink dish, and you want to connect to it from the public internet, then you’re pretty much out of luck. 

NoPorts for Remote Access with Starlink

Here’s how NoPorts makes it possible for Starlink customers to access their home network, home lab, or small business network remotely:

  • It runs over TCP/IP but uses a unique addressing system (called atSigns), so Starlink’s non-routable IP address becomes irrelevant.
  • It relies on outbound communication, and sets up a secure “meeting place.” As long as your home lab devices have Internet access, authorized people can connect securely, even if the devices are behind a firewall or connected to the Internet via Starlink’s CGNAT network. 
  • It creates an encrypted connection between devices, one where you can run the remote service of your choice—like RDP, SSH, or even Windows file shares—and ensures that all communication between your devices stays confidential and protected. 
  • Only you hold your encryption keys, so no one else, including Atsign, can snoop on your connection.

And, here’s how to use NoPorts to access your Starlink-connected devices:

  1. Obtain your NoPorts license here. You can start with a 30-day evaluation license, no credit card is required.
  2. Install NoPorts software on your devices
    • Install the NoPorts client, typically on your desktop
    • Activate both management keys on your desktop
    • Install the NoPorts daemon onto the device(s) you want to connect to, repeat for each device
    • Use our enrollment tool on your device
  3. Connect to your device using the NoPorts client. Once connected, you can access the RDP service locally.

Need help getting started, have questions, or want to tell us about how you’re using NoPorts? Please get in touch!

Product
Why NoPorts
How it Works
Connections & Integrations
Use Cases
VPN Replacement
Remote Access
IoT Messaging
File Shares
Cloud Security
IoT Access & Privacy
Pricing
NoPorts Personal
NoPorts Professional
NoPorts Enterprise
Resources
Docs
Blog
Case Studies
Videos
News & Events
Help & Support
Technical Support
Sales Support

NoPorts, developed by Atsign with our open-source SDK, represents the next generation of Internet technology—focused on simplicity, security, and privacy. For inquiries or feedback, please contact us.

SSH No Port’s latest pen test results are now available. Please email info@noports.com to request your copy.
© 2024 Atsign
Terms & Conditions
Privacy Policy