Accessing OctoPrint Server Web GUI outside of my LAN

connectivity

#1

What is the problem? Trying to connect to the Web GUI outside of home

What did you already try to solve it? I have Setup Port Forwarding and DDNS with my No-IP acct. Hitting home when trying via web based GUI but getting an Error: https://i.imgur.com/PvcqIFC.png

Additional information about your setup (OctoPrint version, OctoPi version, printer, firmware, octoprint.log, serial.log or output on terminal tab, ...) I'm using Version 1.3.9. I have Nordvpn setup on my router as a client as well. I have Printoid but no longer have Android phone and there is no current iOS app for Printoid. Any help in this matter is greatly appreciated.

Thanks,
AZDNice


#2


#3

you need to use your home external IP address. You cannot use the hostname of the pi.
it has to be http://1.2.3.4 (whatever your IP is instead of 1.2.3.4)
and for security, change the port in haproxy to something besides 80... like 9999 or something, then forward that port in your router.
you then access it via http://1.2.3.4:9999


#4

I hosted a new website at linode.com. They provide naked Linux servers and they expect you to be very good at I.T. (they don't provide any firewall protection, in other words).

While I was still setting up the webserver I was seeing active hacking attempts during the first fifteen minutes of the site being up. I don't mean small amounts of an individual trying to hack the site. I mean "hundreds of lines of scripted hacking from multiple source addresses" and immediately after getting the new IP address bound.

This is no game. Every minute of the day about a hundred (or a thousand?) ghosted boxes are actively walking the IP space on port after port. The bulk of that is based on ports 80/8000/8080/3000 and 443 (and similar) but it's real, it's 24-7 and it's not something you should think you can make safe by just moving the port.

There are websites which publish hacked webcam addresses. For example: "This creepy website is streaming from 73,000 private unsecure webcams"


#5

HAHA....I like that OutsourcedGuru! I heard of the possible issues however I figured with my external firewall and hacked router i COULD be safe. But now I'm a little concerned after your confirmation. I just don't know what other way to monitor and control my printer when I'm not home. Any suggestions you have would be completely appreciated!


#6

Thanks 5ft24. Now OutSourcedGuru has me thinking if this is actually the best/safest avenue to take. I don't want to open the door for any abusive behavior. How are others safely completing this task? I watched Mike Joe Terranella's : https://youtu.be/jUX_sc5B9hw thinking this would be the way to go but then I received the error message as I was being blocked by my vpn....maybe the error saved me.


#7

Foosel has some suggestions about configuring haproxy in some way that it's safer than the route you've chosen. I don't quite follow it but I'd trust her wisdom on the subject.

Personally, I created the following so that I could remotely manage my printer. It's a little complicated but hopefully it makes sense:

  ┌──────┐   ┌─────┐   ┌───┐   ┌────┐   ┌─────┐   ┌─────────┐
  │ Echo │ ⇄ │ ASK │ ⇄ │ ƛ │ ⇄ │ FW │ ⇄ │ o-p │ ⇄ │ printer │
  └──────┘   └─────┘   └───┘   └────┘   └─────┘   └─────────┘

I speak to an Amazon Echo Dot (or Spot), this goes to an Amazon Skill, this next goes to an Amazon Lambda function. At this point in the cloud, it needs to create an inbound connection into my private network and Amazon has nothing that makes this possible.

So I wrote the octo-proxy piece which is a proxy for the communications. I have the Lambda function authenticate to the proxy and the proxy then talks to the printer itself, routing the communications back. It runs on a Raspberry Pi Zero W, for what it's worth. It works really well and I'd like to suggest it as a solution. The last time I helped someone set this up, it honestly took about a week given the way Amazon's model works. It's kind of a pain because of this part, to be honest.

Other solutions? Hold tight. I'm sure that others will jump on here and make their own suggestions.


#8

lol....Your right it looks complicated even though I do have a Dot laying around collecting dust. I do feel I catch on to things fairly quick however...A week?....lol think I will look to other options or just go out and purchase an Android tablet. Thanks a lot for the thought in responding sir!


#9

Hi, check your Router at home. Maybe it has the Option of VPN. This is a very, very safe way to get inside your home network from outside. I can connect to my home without any APP installed - iPhone supports that natively.