Access Server from Internet

Corona Virus banner illustration – Microbiology And Virology Concept – by Mike Fouque

Introduction

Now that you have your network ready Repetier-Server installed and you are familiar with it and like using it in your local intranet, you might wish to access it from everywhere to check out your prints.

This requires that there is known route from your internet connected device to your Repetier-Server instance. As long as you are using the server only in your intranet, it might be an option to not add any users. As soon as you open your server to the internet you should forget that option. Create a user before doing so or everyone who finds the route through scanning will be able to use your 3d printer and do whatever they want and you might not like that at all. So minimum requirement is to have users with passwords. Then you might still have the problem that traffic is unencrypted so a man in the middle could easily get access to it. But there are also secure solutions – it is up to you how secure it is.

Please understand that we can not provide further assistance on this subject since there are so many different routers, internet provider and software solutions on the market. We do not know them and do not use them all, so we can not provide any help here. The basic problem you need to solve is how to publish a ip:port from your intranet to the internet.

Port forwarding

This is the easiest solution. You tell your router to map the port 3344 on the local ip xxx.xxx.xxx.xxx to any port you like. Then you can access the server from everywhere using http://your_router_ip:port

While this might work for many users, some will not succeed. The reason is then normally your internet provider who uses a protocol like DSLight which shares one external IP with different clients, so ports to the outside get mangled to something different and you will not find the way in. In that case this solution does not work.

If you have switching IP addresses you might want to use a dynamic DNS hosting provider who maps your current IP to a static domain name. A free solution would be https://www.duckdns.org.

One thing to consider with this solution is, that the data is not secure as you use the unencrypted http standard. If you want this more secure, you need a https->http proxy in your intranet that forwards secure requests to the regular 3344 port. If you use our pi image, such a proxy is already available under port 443.

VPN

Using a virtual private network you get access to your complete intranet in a secure way including all Repetier-Server instances. You access them with the same IP as in your intranet – just remember to connect to your VPN first. Some routers provide VPN out of the box and there are many other VPN solutions. Since they all differ we can not provide additional help.

Forwarding service

There is another solution that we like to mention here, because it is the most simple one. A forwarding service starts a connection to the forwarding service so they can exchange data. That service has a public url on the internet and request send to that domain get forwarded. This does not require a port mapper or anything, just a script running on the computer running Repetier-Server. The easiest solution we found so far is https://ngrok.com . You can use the free account which is enough for private usage. The only real problem with the free account is that on every start of the ngrok client you will get a different domain name. The paid solution allows to always get the same domain.

Once you have the ngrok client installed and set up your account token as described on their homepage you start it with

ngrok http 3344

in your terminal window. You will then see two forwarding addresses – one for http and one for https. For security reasons you should always choose the https version.

The only drawback of this solution is, that data gets send from your pc to ngrok web server and from there to your browser. This increases latency and speed is also limited by the slowest component.

Other solutions

There are surely other possible solutions. One would be to make your own forwarding service if you own a web server in the internet. You could create a ssh tunnel to your web server and there use the web server to proxy the data to a subdomain of your choice. But this is an expert solution only for users familiar with networking, web server and proxy creation.