Not a klipper related problem, just an enquiry about wireguard vpn to connect with your mainsail from your phone!
Is anybody here using wireguard vpn to create their own private tunnel into their home network so that you can use mobileraker on your phone even when you are not inside your own home network?
Has anybody here got any experience with this and what are your findings?
I tried obico and octoeverywhere but did not like them, plus you are then subscribed to a service for which you can choose to pay or not but it came with many problems in my case.
I am interested to hear from those who use this or those who have used it, and for some reason do not so anymore.
If moderators think this is not suitable here, let me know and I will remove it, but I think it is kind of related since we connect to klipper in the end.
Make sure you setup port forwarding properly. My network uses an Eero router connected to a Verizon router, so I had to first port-forward my Pi through the Eero then the Eero through the Verizon router.
Setup your allowed IPs parameter carefully in PiVPN/Wireguard. I enabled the VPN addresses and my LAN addresses, but excluded web addresses. That way, you can use the internet exactly the same, even with the VPN on.
If you want an adblocker, you can install AdGuard Home or Pi-hole. Either way, when PiVPN asks you about Pi-hole in the setup wizard, select yes (even if you’re using AdGuard Home)
AdGuard Home and Pi-hole let you setup custom DNS overwrites, so I made some for my printers. My Prusa is prusa.3d and my Voron 2.4 is 24.v
Get a Dynamic DNS. I use No-IP for free (they email me monthy to renew my DDNS) and it’s super helpful in case your router randomly changes its IP address.
Mobileraker’s camera stream is a lot smoother than Mainsail/Fluidd, even over VPN connection.
Hope that helps!
EDIT:
I’d recommend an ethernet connection since the RPi Wi-Fi isn’t that fast, especially with webcam streaming. I run my VPN/AdGuard Pi and both my printers on Ethernet
If you want to take some load off your printers, you could probably connect your webcams to your VPN Pi. I used an older RPi3 for my VPN, which works fine, but I doubt it would hold up to running two webcams at once. If you have a Pi4 or 5 to spare, I’d recommend that.
Indirectly. I 'm using Tailscale which uses wireguard for links and simplifies key distribution and DNS. Really simple to set up and use the only caveat is you have to trust a(nother) company to guard your wireguard keys. Just a happy non-paying customer
Just to be clear, I am currently running wireguard and no problems at all. I was merely interested if others used it and what were their experiences.
The sugestion of a spare pi 4 or 5 is interesting since I will run a second printer in the months to come. I reckon one pi running a printer already will not be so happy when I connect a second printer with webcam as well.
Also since the pi functions as your router for your phone connection, I think it would be unwise to leave wireguard on all the time. Suddenly all your background activity will also run through the pi if I am not mistaken.
Still it works for me and I am happy.
This is what I meant by carefully setting up your Allowed IPs setting.
My Allowed IPs, for example:
10.203.144.0/24, 10.0.6.0/24
# VPN Addresses, LAN addresses (printers)
That way, your phone only routes LAN and VPN traffic through the VPN. Accessing anything else bypasses the VPN entirely (unless you use Pi-hole or AdGuard Home, in which case all DNS traffic is also routed to the VPN).
I’ve been using tailscale for everything under the sun and it works very well to use Moonraker over also. I like it better than wireguard because of it’s very simple setup. If you don’t like it because of the fact that tailscale servers set up the connections you can enable tailnet lock for more security.
You can install it on your SBC that runs klipper and everything else because it is pretty light weight but you can install it on another device and set up the subnets so you can access your entire home subnet.