Hello All,
I have been using an awesome little tool called ngrok (https://ngrok.com/) to connect to port 502 on the Classic on my remote network. I need to use this tool since I am running my remote network on a cellular connection; I can't just forward a port from the cell router to the Classic, the cell company blocks all incoming ports. I have a Rasperry Pi running at the remote site and I connect to it by VNC. I installed ngrok on it, and I use it to create a tunnel to the Classic.
Essentially, the ngrok tool allows you to create a tunnel from behind your firewall/router to a server on the internet, you then connect to that server to communicate with your Classic. After installing, use this command to start up the tunnel:
./ngrok tcp 192.168.0.225:502
Which instructs ngrok to forward tcp port 502 from IP address 192.168.0.225. In my system, the Classic is on IP 192.168.0.225, while my Raspberry Pi is on another IP address on the same network.
And the tool then shows this:
ngrok by @inconshreveable (Ctrl+C to quit)
Session Status online
Account Matt Sargent (Plan: Free)
Version 2.3.35
Region United States (us)
Web Interface http://127.0.0.1:4040
Forwarding tcp://0.tcp.ngrok.io:19146 -> 192.168.0.225:502
Connections ttl opn rt1 rt5 p50 p90
0 0 0.00 0.00 0.00 0.00
All I have to do now is connect the LocalStatusPanel to 0.tcp.ngrok.io and use port 19146 instead of 502.
Once you are done, hit Cntrl-C and the tunnel is taken down. On the free version you get a new server and port every time, if you pay, you can setup one that does not change. But to be honest, it is a security risk so use at your own risk. I setup the tunnel, do what I need to and then take it down, but it works great!
Matt
This looks really CooL Matt !!
All,
I did not mention it, but this tool is used heavily for getting a web server out form behind a firewall - this would be great if one of the guys creating the Raspberry Pi based monitoring system wanted to see the UI from the internet. Also, you it gives a lot of very good information about the tunnel, you can even look at the tunnel info using a browser - just open a page on http://localhost:4040 and you see some cool stuff about the connection.
Matt
You can do the same thing with the native openSSH library on the pi. It does require you to have your own "local" machine running ssh to connect to though.
Quote from: mcsarge on November 20, 2019, 04:51:33 PM
All,
I did not mention it, but this tool is used heavily for getting a web server out form behind a firewall - this would be great if one of the guys creating the Raspberry Pi based monitoring system wanted to see the UI from the internet. Also, you it gives a lot of very good information about the tunnel, you can even look at the tunnel info using a browser - just open a page on http://localhost:4040 and you see some cool stuff about the connection.
Matt
Not sure any of these Raspberry Pi things would be of use or maybe you saw this already - but Andreas does have some things about getting info in and out of Pi remotely and securely https://youtu.be/a6mjt8tWUws
Larry
Larry,
I have 2 Raspberry Pis (one primary, one for backup) on the island and they are awesome. I regularly use the Dropbox library to move pictures down and the Twitter library to send out a tweet each evening about the weather. The usual VPN for a Pi is having it setup as a Server, which is a no-go when yu are working from a cell connection - you need the Pi to be a Client and attach to a remote network, then you connect to it too and then you can communicate with the Pi as if it was on your local lan.
But the Pis have some weaknesses - sometimes they just need to be reset, impossible without a remote power switch, and the SD Card can wear out due the continual re-writes. Most of these setups are in locations where a simple power cycle is easy to do and will fix everything - but when the system is on an island that is similar to being on the moon, there are issues.
To combat that I have several experiments pending - I created a Pi with an SSD as the storage and I use the WittyPi RTC to auto cycle the Pi every week and to auto start it in the case of a power cycle.
The best thing, by far, has been the addition of the Cradlepoint Router - it has an internal watchdog and a scheduled reboot as well as a GPIO interface that can be used to control a relay for doing a hard power rest on sub-systems. But best among the features is that you can have the Cradlepoint VPN to a virtual LAN that you can connect to with you phone or laptop. Once connected, your device and and the router and all of the devices behind it are available to you through that virtual and secure LAN.
But they cost, and to get the cool remote monitoring you have to pay a subscription. All worth it if you ask me.
Matt
Not sure if you are into ham radio but you could probably get into your system via RF and activate a power switch via RF . Really depends on the local network but I have a box for APRS that lets you switch things on and off via messaging on the internet which can gate the commands to RF.
A bit of messing around but RF is always fun to play around with - ham radio great hobby so worth getting the license . You can also set up APRS to send out telemetry data which if in range of an igate makes its way to be stored in APRS servers.
https://www.argentdata.com/catalog/
Larry
Is this available across the internet? The address tcp.ngrok.io seems to be hosted in Amazon. If this is publicly available couldn't someone mess with your stuff?
ngrok is available over the internet and is indeed a security risk. As I mentioned in my original post, but I only put it up when I need it and then disconnect it when done.
Larry - KG4EUF here :-) Sadly, where the island is in Canada there are no relays in range of a reasonable sized radio and antenna. Having redundant systems and system designed for unattended service is better IMHO. But I have designed an ESP32 based relay closure device that would leverage the internet connection that the Cradlepoint provides.
Matt
Another use case for ngrok:
If you have run out of the free slots in your RealVNC Free account, you can start up an ngrok tunnel to port 5900 and then use that in the VNC Client to connect to your computer.
./ngrok tcp 5900
with my Cradlepoint, I can establish an SSH link from the Cradlepoint Netcloud Manager via the browser but I can not tunnel as that link is controlled by the web client.
Matt