Checking NORDVPN through Make a Web Request

PhantomSpice · 2019-02-19 22:44:32 UTC

1) Give a description of the problem
Hello,

I am trying to check the status of my NordVPN. Basically I want to be alerted if the VPN goes down.
I have found a URL

That from my PC returns some lovely JSON…

{"ip":"1xx.1xx.7x.xx","isp":"M247 Europe SRL","status":"Protected","country":"United States","code":"US"}

When I Make a Web Request GET to the same URL in a piston is returns

{"ip":"5x.1x.6.2xx","isp":"Amazon.com","status":"Unprotected","country":"United States","code":"US"}

So, it’s giving me the wrong IP, wrong ISP, and wrong status. I can only assume this is one of the many IP address in Amazon used by WebCore. But why is it that when I use the same Make a Web Request GET to local address (10.10.10.1) it can make the local call. Am I missing something? Is it that if the address is detected to be non-routable, private, it sends it from my SmartHub, but if it is routable outside, it runs it from Amazon?

2) What is the expected behavior?
To get the same JSON information on my PC as I do on WebCoRE

3) What is happening/not happening?
It appears that while the PC goes out my router, and thus my VPN, WebCoRE is not sending it out my VPN.

**4) Post a Green Snapshot of the piston![image|45x37]

5) Attach any logs (From ST IDE and by turning logging level to Full)

WCmore · 2019-02-19 23:28:36 UTC

This is to be expected since most VPN’s are software that runs on the PC (not the router).
Normally, only web requests leaving the PC with the software running will actually be secured.

To clarify, the ST hub as well as any tablets / Roku / Chromecast etc will all use your normal IP, and are not being tunneled thru your VPN connection.

Depending on NordVPN and your router, it may be possible to force your entire home network to use the VPN services, but to get this, you have to find & use VPN options inside your router.
(Plus, this also means streaming videos may buffer more than usual)

PhantomSpice · 2019-02-20 01:25:25 UTC

So actually, no it actually IS VPN running on my router. Without so much info, it’s a ubiquiti
four port Edge Device router with running OpenVPN connecting to NordVPN from my primary Internet facing interface. There are two network segments, one that is non-VPN and one that is VPNed. My PC and all my smarthome devices like the Samsung Hub are on the VPNed VLAN. From any IP address in the VPNed VLAN, connecting to the site https://nordvpn.com/api/vpn/check/full will display Protected, and from any NON-VPN VLAN, the site is unprotected.

I am certain that the SmartThings Hub is on the VPNed VLAN as it has an IP address assignment from the VPNed VLAN. Furthermore, if it were in the NON-VPNed VLAN, it would have the IP address of my Internet Provider (RCN), definitely not Amazon.com.

WCmore · 2019-02-20 01:47:31 UTC

Ok cool, then you have already done the tricky part…

Please pardon my dumb question, but may I ask why you keep mentioning Amazon, when the piston and VPN you are describing here have no connection to Amazon whatsoever.

What device is the data passing thru that is owned by Amazon?
(or did you mean to say SmartThings?)

PhantomSpice · 2019-02-20 02:14:02 UTC

I can’t figure that out either. I just assumed WebCoRE might be using Amazon somewhere, and the IP address from which this URL is being called is coming out of Amazon’s datacenter.

So I tried to obscure the IPs a little initially but, but here goes…

207.172.x.x - This is my IP address on my ISP. Provider/ISP: RCN. If I bring down the VPN, this is what shows up in WHATISMYIPADDRESS.com. When connected to my non-VPN VLAN, this is the IP address that it shows.

176.113.x.x - This is the IP address when the VPN is up. Provider/ISP: M247 Europe SRL. If VPN is up, and I got to whatismyipaddress.com, that’s what returns.

When I run the URL I posted above:

https://nordvpn.com/api/vpn/check/full

This returns JSON information about what IP address it is seeing me at, and whether or not I am protected by NORDVPN.

It all checks out, I get exact match between browser and whatismyipaddress.com on devices when VPN on, VPN off, on the non-VPN VLAN, etc.

ONLY when I use WebCoRE’s Make a Web Address, do I get the following IP address:

52.14.x.x

When I do an IP address lookup of that IP address, I get Amazon as the Provider/ISP.

Try https://whatismyipaddress.com/ip/52.14.0.1

And you’ll see it looks like they have that whole Class C address range.

So my VPN is pretty predictable in terms of where it is hosted, what it shows up as. I have never seen this IP address before, and only WebCoRE is returning this information. I can only assume (again, I don’t know why, or how), that WebCore’s Make a Web Request, is somehow coming out of Amazon’s datacenter, not directly from my SmartThings Hub.

Just for grins, I just created a new piston.
Did a Make a Web Request
http://bot.whatismyipaddress.com/

Set expression $response to a variable. It gives the same 52.14.x.x IP address. That shows that Make a Web Request isn’t necessarily coming from the SmartThings Hub, right? Am I crazy?

WCmore · 2019-02-20 02:54:37 UTC

Thank you for embellishing a bit. I suspect that SmartThings is simply using the “Amazon AWS” service to store our automations. I have a few MP3 files and such that I have stored there so I can reference them easily.

WebCoRE’s pistons are stored in SmartThing’s Cloud, so it is not a far stretch that ST is using the fairly inexpensive database on Amazon’s server as storage.

Let me briefly share an observation in my house because it might help to connect the dots.

Not too long ago, my internet went completely down for a few hours. Imagine my surprise when certain pistons (mostly time based) still continued to execute as much as possible with no connection to the hub whatsoever. Just to clarify, no local lights changed or anything, but SMS messages and data pulls still happened with my entire house offline.

For me, this was a great real world example of how the code executes outside our network

WCmore · 2019-02-20 02:56:06 UTC

If you share this piston, I will also test it to see if I get the same (or similar) results

PhantomSpice · 2019-02-20 03:20:44 UTC

If indeed that is the case, that is awesome that we still get some functionality when the Samsung SmartThings Hub cannot access the Internet through the power of cloud, but, this is one of those situations where I actually need it to execute locally outbound, not cloud outbound…

Where it says https://anonymized.webcore.co
Use http://bot.whatismyipaddress.com/

From your browser, put in http://bot.whatismyipaddress.com/ as well. Run the piston, and the variable Response will change to your IP address. If it were running from the same place, it really should be the same IP address, right? (Of course, that is if your PC and your hub appear to be NATed outbound to your ISP, may not be, but pretty much how most people run it.)

WCmore · 2019-02-20 03:25:37 UTC

I feel your pain, but for the execution to be outbound, the code has to be stored locally.
(IE: it doesn’t know what to do until after it is in the cloud)

Maybe create some type of script on your Raspberry to send the request?

WCmore · 2019-02-20 03:42:48 UTC

My piston also shows an IP for AmazonAWS at 54.82.x.x

I knew my PC and hub query would be different IPs, but I did not realize until today that now our pistons are stored (and executed) on Amazon’s servers. I could have sworn they were owned by SmartThings last time I checked.

PhantomSpice · 2019-02-20 13:43:21 UTC

Right? I didn’t know that either. What’s weirder for me, is I do have a Raspberry PI that runs some controls for my SONOS system. That is a local address (and not accessible to the outside world) and I am calling it “directly” from WebCoRE. So I know it can do it. I just don’t know how it knows that the web request should be done from WebCoRE in AWS or locally. Is there a way in Get Web Request that you can say…only fire locally? I don’t see an option for Get Web Request to do so.

WCmore · 2019-02-20 16:42:27 UTC

Well, I hate being devils advocate, but from a programming point of view, what you want is the most complex of the three scenarios. For example:

External Web Request goes from Hub > Router > Cloud > Web Request
Local Requests goes from Hub > Router > Cloud > Router > Raspberry

To have an external request originate from the hub would have to travel:
Hub > Router > Cloud > Router > Hub > Router > Web Request

It seems unlikely that they would have taken the time to code for such crazy hopping around.
(I was actually surprised when my Raspberry request worked locally)

I am just thinking outside the box here…
But if your router is running the VPN software, and your goal is to monitor that it is still up and running, then why not bypass all that hopping around and simply make the query directly from a device that is using the VPN? (the results can always be sent to a piston for notification etc)

Alwas · 2019-02-20 21:29:54 UTC

Isn’t that what the ST SmartApp Host Pinger is for? I have it running on an esp8266, and it just pings the IP address of the TV say, and keeps a virtual switch in sync with it’s online/offline status. You could direct it to something on your VPN network like @WCmore says.

https://community.smartthings.com/t/release-host-pinger-ip-based-online-state-presence/61435

eibyer · 2019-02-20 21:46:18 UTC

From the ST forum… an old post.

PhantomSpice · 2019-02-22 11:59:05 UTC

Sorry, I don’t understand. Could you be more specific with the url to the old post? I don’t see an option for HTTP request.

vmsman · 2019-03-10 19:10:16 UTC

I have been trying to do this FOREVER also. Ideally. I want to issue an HTTP GET web request from Webcore and have it place my public IP address in the $response webcore variable.

If that is not possible because Webcore is running in the cloud and not on my local network, then an alternative would be to pass my DDNS name to Webcore and translate that to an IP address. Unfortunately, I’ve not yet yet found an https://whatismyipaddress.com/ web call that lets me pass my DDNS Internet name as the address that I want translated.

My purpose in all this is that I have automations involving SmartThings SHM security and cameras which greatly benefit from knowing when my Public ISP address has changed. The DDNS service running on my router reacts to those changes and sends an updated IP address to my DDNS provider so that my DDNS subdomain is always current to my public IP.

If only I could make a Web Request call from Webcore something like the following, I would have a solution:

eibyer · 2019-03-11 16:48:59 UTC

Do you have any machines running 24/7 (windows or a rpi)?

PhantomSpice · 2019-03-11 18:30:52 UTC

Yup, exactly. Seems like there is some way in which WebCoRE is able to do local IP address access. Any address in the Private Address scheme, 10.x.x.x, 192.x.x.x will execute locally, but ONLY those IP addresses. I get what is being done here, but it would really be nice to have some attribute/setting, where a particular Web Request is handled from the Hub outbound, not from SmartThings Cloud outbound.

vmsman · 2019-03-11 21:43:19 UTC

I have a couple of RPI’s and I have a NAS that I can run a Docker container on.

eibyer · 2019-03-11 22:11:40 UTC

If you can hack together a script to use https://www.ipify.org/, you can return the current public IP using different techniques and pass it on to webcore. Scroll to the lower part to see the examples.

If your script detects a new IP, you can call the piston link with the newIP parameter like http://piston_address?newIP=xxx.xxx.xxx.xxx