Remote Monitoring - Again.........

[Hurricane]

Following on from northwind's post.
I've just watched this video which shows how simple it is to set up PiVPN

I said earlier that creating the secure certs and keys was quite complicated.
This video shows that the PiVPN team have made that process really easy.

More importantly, when a Raspberry Pi server solution is as simple as this to set up, there would be no need to buy a VPN server connection.
Just leave a Raspberry Pi attached to your home ISP's router and you could watch internet TV using your ACTUAL home internet connection - no paid VPN service necessary.
"Kind of" half way to my LAN tunnel.
All this needs is a Raspberry Pi and the PiVPN software installed.

Lots of food for thought here.
This thread is getting even more exciting.

 

[northwind]

Following on from northwind's post.
I've just watched this video which shows how simple it is to set up PiVPN

I said earlier that creating the secure certs and keys was quite complicated.
This video shows that the PiVPN team have made that process really easy.

More importantly, when a Raspberry Pi server solution is as simple as this to set up, there would be no need to buy a VPN server connection.
Just leave a Raspberry Pi attached to your home ISP's router and you could watch internet TV using your ACTUAL home internet connection - no paid VPN service necessary.
"Kind of" half way to my LAN tunnel.
All this needs is a Raspberry Pi and the PiVPN software installed.

Lots of food for thought here.
This thread is getting even more exciting.

You can run the PiVpn on debian or Ubuntu so you use something other than a pi if you don't want more horsepower or not to rely on sd cards.

As you say it makes the setup a doddle and if you host it at home you can use it to have a UK based ip address.

I use wireguard for work, it allows you to create a network of machines in all sorts of places and view them as a single lan, its quick and can run on openwrt.

My other favourite tool is rclone, let's you mount all sorts of online storage as a drive on your computers.

 

[Hurricane]

You can run the PiVpn on debian or Ubuntu so you use something other than a pi if you don't want more horsepower or not to rely on sd cards.

As you say it makes the setup a doddle and if you host it at home you can use it to have a UK based ip address.

I use wireguard for work, it allows you to create a network of machines in all sorts of places and view them as a single lan, its quick and can run on openwrt.

My other favourite tool is rclone, let's you mount all sorts of online storage as a drive on your computers.

Thanks for posting
Thats an interesting comment on Wireguard - it does seem simple to set up but, unfortunately, I don't think it is for me - shame because I'm sure Wireguard is a lot faster than OpenVPN.
I'll have a look at rclone - I understand the concept - done that kind of thing before but didn't know about rclone.

 

[jakew009]

Not sure how many people on here are interested in following this stuff but I will keep posting anyway.
IMHO, this isn't thread drift but it probably isn't the technical forum for this kind of discussion.
I don't want to get "flamed" again for posting irrelevant posts.
That said, maybe some are interested - those that aren't have the option not to read it.

Back to my little router project.
As I said, I have made the Raspberry Pi work as a router.

Picture are always worth a thousand words so this is the setup:-
View attachment 130504

The white wire on the right is the power
The grey Ethernet wire is connected to my PC
The black device is a USB3 to Gigabit Ethernet adaptor - the black Ethernet wire that is connected to it is connected to my "upstream" ISPs router.

The result is that the PC is on a separate downstream LAN.
The Raspberry Pi "routes" the PC onto the internet.
The PC can also connect to the Raspberry Pi's WiFi instead of the wired Ethernet.

I have just done some speed tests and there doesn't seem to be any reduction in speed when routing through the Raspberry Pi over connecting directly to the ISPs router.
My internet connection is about 60Mbs
I didn't bother doing the speed test over the Raspberry Pi WiFi.
The speed test was to see how well the Raspberry Pi routed and not test the speed of its WiFi.

Most routers will have multiple (4 or 5) Ethernet ports so this solution only works using one LAN Port.
(The USB3 to Ethernet Adaptor is effectively the WAN port)
So a neat fix to this will be to use a simple Gigabit Ethernet switch (available for about £10)
Like this
View attachment 130506

So, as a DIY router, the Raspberry Pi should be fine.
I know that you can buy cheap routers that will do the same job but it is the next step that most interests me.
I could "flash" a copy of OpenWRT onto a cheap router but I quite like the idea of having a simple backup to any failure.
If a "flashed router" with a load of bespoke settings (for the next bit) were to fail, it could take a lot of "head scratching" to get a replacement one working again.
With a Raspberry Pi solution, I can keep a mirror copy of the microSD card sellotaped to the Raspberry Pi and, in the event of a failure, just plug it in.
Even keep a spare Raspberry Pi.

So, moving on.
I see two applications for this router.
Firstly, I think it could be set up to route its internet connection through a VPN service with an "exit" to the internet within the UK thus providing a UK IP address for people outside the UK for BBC TV etc.
Secondly, I am interested in replacing my dual router solution where my boat systems are on the same virtual LAN as my home systems.
This allows me to securely connect to my home desktops using applications like NoMachine etc - I currently use DD-WRT and OpenVPN - it works well.

Over the last couple of days, I have looked at Wireguard software as an alternative to OpenVPN for the secure tunnel- as jake009 said, this seems to be the modern way of doing this kind of thing.
It is easier to set up - especially creating the secure public/private keys etc.
However, it seems that Wireguard runs on TCP/IP layer 3 so there are some applications that currently work through my tunnel that wouldn't work if I switched to a Wireguard tunnel.
WOL (Wake On LAN) for example runs on Layer 2 so I wouldn't be able to remotely switch my computers on.
Also, I believe that broadcast packets run on Later 2 - these are useful if you want to browse a LAN for computers.
I don't think this will be a problem for the first application that I mentioned but it would be a problem for my private VPN.
There do seem to be a few projects that can create Layer 2 access over the Wiregrard's Layer 3 but that seems to be getting complicated.
So, it is probably back to OpenVPN for my private VPN even though it will be much slower than using the new Wireguard software.
Also, getting my two LANs connected with Wireguard requires some careful routing whereas OpenVPN seems to handle most of this on my OpenVPN server.
So thats probably the direction I'm going for my private VPN

But I will also have a play with the Raspberry Pi as a VPN router to "pop up" in another country for use with BBC iPlayer etc.

Layer 2 bridging is (and always has been) a bit of a hack. Layer 3 (routed) VPNs are much simpler and have better performance. I thought OpenVPN had all but dropped bridging, but may be wrong.

Ideally you don’t want broadcast traffic transiting a VPN. Broadcast domains were meant to be small

I think the saying is “Route when you can, bridge when you must.”

Why not just send the WOL packets from the router at either end? Or a simple script on your RPI with a WEB UI.

 

[Hurricane]

Layer 2 bridging is (and always has been) a bit of a hack. Layer 3 (routed) VPNs are much simpler and have better performance. I thought OpenVPN had all but dropped bridging, but may be wrong.

Ideally you don’t want broadcast traffic transiting a VPN. Broadcast domains were meant to be small

I think the saying is “Route when you can, bridge when you must.”

Why not just send the WOL packets from the router at either end? Or a simple script on your RPI with a WEB UI.

OK - thanks for that.
Much as I expected.
My existing DD-WRT routers has WOL facilities but I recently found a really good WOL app on Android that will wake any of my computers when the Android is connected into the DD-WRT LAN/tunnel.
That said, maybe I should speed up the tunnel by sticking to layer 3 traffic and use a local device to WOL
Thanks for posting

 

[Hurricane]

Just for a bit of fun, I put an old Raspberry Pi 3 together as a test to see how well it would work as a UK TV VPN from outside the UK.
All as in post #61 above.
It went together really quickly.
And, simply, works without any hassle.
I just followed the guy in the video.
He complicates things a bit when he discusses DDNS on the broadband router (not a necessary step) but other than that, it is an excellent video.
I used an old Raspberry Pi 3 but I downloaded the new 64 bit version of Raspberry Pi OS that was officially released last week.
As a result, the PiVPN script doesn't recognise the operating system so it was necessary to manually set a static IP for the Raspberry Pi but there are plenty of notes on how that is done the internet.
But apart from that the PiVPN script works really well.
You can even run it several times until you get what you want.

So, it should be within most people's ability to build a little box containing a Raspberry Pi.
You would then attach it to your home router in the UK and use it as your own private VPN for BBC iPlayer etc whist away out of the country.
BBC wouldn't block it because the internet connection would be coming from your home - just as though you were actually at home.
You would need to install some software on your laptop or mobile phone to direct the connection through the Raspberry Pi in your home but that software can be switched on/off as required.
I hope that is a simple explanation of how PiVPN can be used.

I am planning using something a little more sophisticated because I want the Raspberry Pi to be a router as well and I also want a similar one on the boat - just like I currently do with my DD-WRT routers.
But a single Raspberry Pi with PiVPN should work for most people.

 

[Hurricane]

An update.
I downgraded the RUT950 router to the Version 6 firmware, took it out to Spain and tried again.
This time, I purchased a local SIM deal.
We were out there for two weeks and I fitted it on the first day that we got there.
The RUT950 router was faultless.
I have it set up to boot itself early every morning so I don't have any "up time" statistics.
But, whenever I used it, it was working much better than the old D-Link router with a UK Vodafone SIM (roaming).
I was going to use it with multi SIMs but I think I will just use it with one.
I leave it on 24/7 and it is noticeably more reliable/responsive than the old set up.

So, although I am not a fan of the hardware, the RUT 950 seems to do the job I want.

For those of you who keep their boats in Spain, you might like to consider the local SIM deal that I have found.
It is a 4G retailer called Lobster - see lobster.es
Essentially, it is a PAYGO deal that is designed for Brits in Spain
Being PAYGO, you don't have to jump through all the hoops that you have to when buying a mobile contract in Spain.
Just present them with your passport and a Spanish address (your boat in the marina will do) and sign up an account.
The Lobster has 2 features that will probably appeal to us Brits.
The first is that you buy "lumps of data" that they call "plans" which run for a month.
If a "plan" runs out of data, you just buy another one and immediately enable it - in which case, your month starts again.
The second feature is that you can "freeze" your current "plan" for up to 12 months.
Say you are half way through the month since your current "plan" started and you still have some data left, you can freeze both the data and the number of days left.
So, you leave it frozen whilst you go home and restart it when you return.
Prices at the moment are 12 euros for 18Gb - or 18 euros for 40Gb - or 24 euros for 70Gb
There is also a plan that they don't publish much - 10 euros for 18Gb but with limited phone calls (great if you are just using a router!!)
You can upgrade or downgrade your "plans" as you like but that is best done at the end of your month because you will loose what is left on the running "plan"
I tried all the various options and The Lobster seems to work well.
I thought I had a problem (no data) on the first day that I connected it but I phoned their help desk - immediately answered and they efficiently resolved my problem.
In fact there wasn't really a problem - just me being stupid - but it is nice to know that there is service there when you need it.

With a local SIM, you don't get a UK IP address so I tested the PiVPN that we discussed earlier in this thread.
I had previously left a Raspberry Pi plugged into my home router in the UK and I thought it would be interesting to use it to run BBC iPlayer in Spain.
My home connection is about 60 Mb/s downlink and about 9Mb/s uplink.
It all worked but it isn't really fast enough to run TV through it - note that the limiting factor is the home uplink speed.
BBC also have a number of techniques as well as UK IP address detection which make a DIY solution quite ineffective.
So I decided to buy a professional VPN service.
I usually use Private Internet Access but their servers get blocked by BBC so I looked for one that claims to work with BBC iPlayer.
After looking around, I settled on NordVPN - not the cheapest but also not the most expensive.
A nice feature with NordVPN is that they have browser extensions that are dead easy to use.
So, I simply installed a Chrome extension and connected to my NordVPN account.
All UK TV then worked as though I was in the UK.

The biggest issue that we have when streaming abroad is that most UK roaming contracts at the moment are limited to 25Gb after which, they can cost as much as £2 per day.
This may change but I now have a good solution with The Lobster and NordVPN that means I am now not dependant on Vodafone.
To me, Vodafone is the WORST company on the planet - in the past, they have not honoured written contracts - I have always hated but had to use them.
I'm finally free of the dreaded Vodafone.

That said, working through the things that we have discussed in this thread caused me to look again into my DD-WRT DIY VPN service between the boat and my home.
And it is all a bit out of date.
So I am thinking that over the next few months, I might change the DD-WRT routers to a Raspberry Pi solution using OpenWRT.
I've got something that nearly works but the basic Raspberry Pi might be a bit limiting.
My current plan is to use one of the new CM4 Raspberry Pis with multi Gigibit Ethernet ports.
This will be a project that I will probably take several months to build - maybe not even fit it until next winter.
I'm sure that buying a cheap router and loading OpenWRT into it would be a much easier but the Raspberry Pi idea sounds much more fun.

 

[vas]

sorry for reviving an almost two year old thread!
RUT240 is fine on the boat running an ancient FW from 2021.
however I bought a RUTX50 5G router for home and scrapped the crappy landline that would give me at best 8Mbps download and 0.7Mbps upload.
Now with the 5G router I get 250-280Mbps d/l and 15-20Mbps u/l connecting to antennas which are well hidden and 3-4km away with crappy s/n ratios (as reported by the teltonika) External antenna to be added in the setup soon.

Question is that I thought I might have a go upgrading the RUT240 firmware on the boat from 01.14.5 to latest which is 7.05.4 (identical in # at least with the one running nicely in the 5G at home).
I do remember @jakew009 suggesting we stick to the old firmware but that was over a year ago.
So, shall I go ahead and upgrade the firmware on the 240 or is it still a no no?

cheers

V.

 

[jakew009]

sorry for reviving an almost two year old thread!
RUT240 is fine on the boat running an ancient FW from 2021.
however I bought a RUTX50 5G router for home and scrapped the crappy landline that would give me at best 8Mbps download and 0.7Mbps upload.
Now with the 5G router I get 250-280Mbps d/l and 15-20Mbps u/l connecting to antennas which are well hidden and 3-4km away with crappy s/n ratios (as reported by the teltonika) External antenna to be added in the setup soon.

Question is that I thought I might have a go upgrading the RUT240 firmware on the boat from 01.14.5 to latest which is 7.05.4 (identical in # at least with the one running nicely in the 5G at home).
I do remember @jakew009 suggesting we stick to the old firmware but that was over a year ago.
So, shall I go ahead and upgrade the firmware on the 240 or is it still a no no?

cheers

V.

If you upgrade it I’d work on it requiring a factory reset as a minimum. You may be better doing a boot loader reset.

There is zero chance of it successfully upgrading the config all that way without screwing it up.

 

[vas]

If you upgrade it I’d work on it requiring a factory reset as a minimum. You may be better doing a boot loader reset.

There is zero chance of it successfully upgrading the config all that way without screwing it up.

Thanks Jake,

I'll work on that ground, well, wont do it remotely I'll get onboard (no big deal, it's 10min walk to the boat)
I'm more wondering if the issues of slow response etc mentioned back then are sorted now. Not sure if I can assume so from my experience with much newer RUTX50.

so, shall I go ahead?

cheers

V.

 

[jakew009]

Thanks Jake,

I'll work on that ground, well, wont do it remotely I'll get onboard (no big deal, it's 10min walk to the boat)
I'm more wondering if the issues of slow response etc mentioned back then are sorted now. Not sure if I can assume so from my experience with much newer RUTX50.

so, shall I go ahead?

cheers

V.

There is nothing wrong with the new firmware now, they’ve got it under control and it will run fine on the 240.

If it’s got a public IP it’s probably worth upgrading from a security point of view.

 

[TwoHooter]

I think it's a good idea to keep using an old thread when the subject remains the same because people use the forum to research things like this and it's easier if everything is kept in one place.

 

[vas]

just to confirm what Jake stated. Upgrade went without a hitch, kept all settings, port forwarding, the lot.
ONLY thing that needed some checking was noip dynamic DNS (basically retype the username/passwd)
Other than than it's all fine and it's nice to have the same interface and placement of the various items in the menus (I'm using the advanced tab and it's a heck of a list of things in there!)

Would be even better if the RUT240 (the smallest of the range!) would do carrier aggregation like the RUTX50 (which is now on four LTE and one 5G) but I guess I'm asking for too much. Mind summer use with both of us doing zoom calls concurrently or other jobs has been fine on the boat from day one.

If I may ask yet another thing (more for the house actually!) would you have any recommendation for a 5G antenna with SMA connectors?
Someone suggested Nedis ANOR5G40ME, but down here its almost 200euro.
Further I can understand an omni on a boat, but in theory I could do with a directional one on the house (which are much cheaper) so any suggestions welcomed!

cheers

V.

 

[jakew009]

For the antenna have a look at Poynting
https://poynting.tech/antennas/

 

[Hurricane]

For others reading this thread, I looked into 5G for the boat.
My old Teltonica is working fine on 4G but, of course, won't work with 5G.

In our part of Spain, there is 5G - in fact fast 5G - I did some downloading using my phone's roaming service.
But when I checked with my boat's local provider, they aren't offering 5G yet and I prefer to stick with them.
I'm sure they will offer 5G sometime - maybe even sooner than later but until then, I will stick with the old router.

My point for others is - check your service provider and contract before splashing out on new hardware.

 

[vas]

For the antenna have a look at Poynting
Antennas

thanks! some good offerings there, seems I'll wait a bit as prices are quite high atm. Basically cannot seem to find any halfdecent 5G antenna close to 100euro (plenty 4G though...)
Not to mention I need to spent half a day studying to be able to understand the offerings and the endless mixup of antennas for wifi at 5GHz vs mobile signals at 5G!

V.

 

[vas]

For others reading this thread, I looked into 5G for the boat.
My old Teltonica is working fine on 4G but, of course, won't work with 5G.

In our part of Spain, there is 5G - in fact fast 5G - I did some downloading using my phone's roaming service.
But when I checked with my boat's local provider, they aren't offering 5G yet and I prefer to stick with them.
I'm sure they will offer 5G sometime - maybe even sooner than later but until then, I will stick with the old router.

My point for others is - check your service provider and contract before splashing out on new hardware.

correct!

I was using COSMOTE as a provider, knew that the sims where 5G, checked prices for unlimited data, then took my 5G mobile with it's own 5G Cosmote sim and started doing speedtests from the areas around the house I'd most likely place the router and it's 4 antennas. Established that I was getting decent 5G speeds and only THEN bought the router.
ANOTHER WARNING: some providers sell you the sim BUT you have to add it onto a approved (by them) 5G phone and use it once in order to activate 5G, else it's locked to 4G. No guess how I know that

For a boat, I'd expect you'd check maps that there is decent coverage before committing. I was told that down here, we do have 5G but providers' antennas/infrastructure wont go even close to the theoretical speeds of the system/tech. Still 250Mbps d/l 20-25Mbps u/l is good enough, ext antenna would hopefully help me up the u/l speed.
Test on the RUT240 yesterday evening with the boat in Volos port showed a nice symmetrical 12d/l 12u/l (Mbps) @45dB

V.

 

[Hurricane]

correct!

I was using COSMOTE as a provider, knew that the sims where 5G, checked prices for unlimited data, then took my 5G mobile with it's own 5G Cosmote sim and started doing speedtests from the areas around the house I'd most likely place the router and it's 4 antennas. Established that I was getting decent 5G speeds and only THEN bought the router.
ANOTHER WARNING: some providers sell you the sim BUT you have to add it onto a approved (by them) 5G phone and use it once in order to activate 5G, else it's locked to 4G. No guess how I know that

For a boat, I'd expect you'd check maps that there is decent coverage before committing. I was told that down here, we do have 5G but providers' antennas/infrastructure wont go even close to the theoretical speeds of the system/tech. Still 250Mbps d/l 20-25Mbps u/l is good enough, ext antenna would hopefully help me up the u/l speed.
Test on the RUT240 yesterday evening with the boat in Volos port showed a nice symmetrical 12d/l 12u/l (Mbps) @45dB

V.

On my phone in SCM, I was downloading files about 5 or 6 times quicker on my O2 UK contract than the local 4G connection.

However, I suspect foul play - or, at least foul playing software at the service provider end because after downloading a new operating system image on the 5G, for a Linux machine I was building (about 3.5Gb), my phone was limited to 3G for a couple of days.

 

[Bran]

QuSpot or QuWireless can supply a 5g antenna for your router, as the router is inside the antenna housing the signal loss is minimal. I use one with a RUT 360 in the UK, seems ok to me. Only thing I needed to do was dismantle the unit and use silicon to stop the antenna vibrating and creating a loud rattle. Saw a lot of QuSpot housings on hire boats on the Thames over the last year.

 

[henryf]

It’s a slightly different solution in that there is no video but for battery / bilge / temperature / shore power connection / location and open - closed sensor notifications (patio doors) I’ve been very impressed by the Vircru system.

Installed and set up by a networking Luddite (moi) in the blink of an eye. It’s provided great service and done what it says on the tin.