Skip to content

gsm extender hetzner cloud

Jump to bottom
Vasiliy edited this page Jan 31, 2021 · 6 revisions

Mitsubishi Outlander PHEV remote control over GSM(3g, 4g, LTE) using hetzner cloud

Requirements:

  1. Mikrotik ltap mini lte kit $129.00
  2. registered to hetzner cloud

Installation

  1. installation inside the vehicle
  2. installation near the house or parking

Configure hetzner Cloud

  1. create a project
  2. Create server inside project and select Ubuntu image
  3. Select cheapest server type $2.49/month
  4. Set server name and buy
  5. You receive an email with root password
  6. connect to server over ssh
ssh root@XXX.XXX.XXX.XXX

where XXX.XXX.XXX.XXX is your Server IP

  1. Run Docker container with PPTP server or L2TP Server(more secured)
  • PPTP
curl -sSL https://raw.githubusercontent.com/vzakharchenko/remote-ctrl-gsm/master/cloud/ubuntu.install -o ubuntu.install
chmod +x ubuntu.install
./ubuntu.install
  • L2TP with IPSec
curl -sSL https://raw.githubusercontent.com/vzakharchenko/remote-ctrl-gsm/master/cloud/ubuntu.L2TP.install -o ubuntu.install
chmod +x ubuntu.install
./ubuntu.install
  1. create PPTP/L2TP username and password
  2. after reboot, the PPTP/L2TP server will be configured

Configure Mikrotik ltap mini lte kit

using bash script

-checkout the latest version

git clone https://github.com/vzakharchenko/remote-ctrl-gsm
cd remote-ctrl-gsm/mikrotik/scripts
  • help command
./generateConfiguration.sh --help
  • Example PPTP:
git clone https://github.com/vzakharchenko/remote-ctrl-gsm
cd remote-ctrl-gsm/mikrotik/scripts

export CONNECTION_TYPE="cloud"
export WIFI_SSID="WIFI_SSID"
export WIFI_PASSWORD="WIFI_PASSWORD"
export CAR_SSID="REMOTEXXxxxx"
export CAR_PASSWORD="EVREMOTE_PASSWORD"
export CAR_MAC="<PHONE MAC>"
export VPN_TYPE="pptp"
export VPN_PROTOCOL="ms-chapv2"
export VPN_HOST="XXX.XXX.XXX.XXX"
export VPN_USERNAME="<CLOUD_USER>"
export VPN_PASSWORD="<CLOUD_PASSWORD>"

./generateConfiguration.sh

Result: mikrotik.rsc

Where
XXX.XXX.XXX.XXX - IP from the server inside hetzner cloud
CLOUD_USER - PPTP Username (step 8)
CLOUD_PASSWORD - PPTP password (step 8)
WIFI_SSID - Network name with access to the Internet and the Car network
WIFI_PASSWORD - password from network
REMOTEXXxxxx - Name of network in OUTLANDER PHEV (REMOTE55peee)
EVREMOTE_PASSWORD - password from network
PHONE MAC - password from network

  • Example L2TP with IPSec(more secured):
git clone https://github.com/vzakharchenko/remote-ctrl-gsm
cd remote-ctrl-gsm/mikrotik/scripts

export CONNECTION_TYPE="cloud"
export WIFI_SSID="WIFI_SSID"
export WIFI_PASSWORD="WIFI_PASSWORD"
export CAR_SSID="REMOTEXXxxxx"
export CAR_PASSWORD="EVREMOTE_PASSWORD"
export CAR_MAC="<PHONE MAC>"
export VPN_TYPE="l2tp"
export VPN_PROTOCOL="chap"
export VPN_HOST="XXX.XXX.XXX.XXX"
export USE_IPSEC="yes"
export VPN_IPSEC="<IPSEC_PSK>"
export VPN_USERNAME="CLOUD_USER"
export VPN_PASSWORD="CLOUD_PASSWORD"

./generateConfiguration.sh

**Result: **mikrotik.rsc
Where
XXX.XXX.XXX.XXX - IP from the server inside hetzner cloud
CLOUD_USER - L2TP Username (step 8)
CLOUD_PASSWORD - L2TP password (step 8)
WIFI_SSID - Network name with access to the Internet and the Car network
WIFI_PASSWORD - password from network
REMOTEXXxxxx - Name of network in OUTLANDER PHEV (REMOTE55peee)
EVREMOTE_PASSWORD - password from network
USE_IPSEC - use IpSec
VPN_IPSEC - IpSec shared secret

  • import configuration on Mikrotik ltap mini lte kit
/import file-name=mikrotik.rsc

Manual Configuration instead of using bash script

/interface lte
set [ find ] name=lte1
/interface bridge
add admin-mac=74:4D:28:5C:F5:7C auto-mac=no comment=defconf name=bridge
add dhcp-snooping=yes fast-forward=no igmp-snooping=yes name=bridge2
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
add authentication-types=wpa-psk,wpa2-psk eap-methods="" \
    management-protection=allowed mode=dynamic-keys name=Mitsubishi \
    supplicant-identity="" wpa-pre-shared-key=<MITSUBISHI_PASSWORD> \
    wpa2-pre-shared-key=<MITSUBISHI_PASSWORD>
add authentication-types=wpa-psk,wpa2-psk management-protection=allowed mode=\
    dynamic-keys name=<WIFI_SSID> supplicant-identity=MikroTik \
    wpa-pre-shared-key=<WIFI_PASSWORD> wpa2-pre-shared-key=<WIFI_PASSWORD>
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n country=canada disabled=no \
    frequency=2422 frequency-mode=superchannel mode=ap-bridge name=\
    WiFi_Router security-profile=<WIFI_SSID> ssid=<WIFI_SSID> wireless-protocol=\
    802.11
add disabled=no mac-address=<PHONE_MAC> master-interface=WiFi_Router \
    mode=station-pseudobridge-clone name=MitsubihiWiFI security-profile=\
    Mitsubishi ssid=<MITSUBISHI_SSID> station-bridge-clone-mac=<PHONE_MAC> \
    wds-default-bridge=bridge
/ip pool
add name=dhcp ranges=192.168.88.100-192.168.88.254
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=dhcp1
/ppp profile
set *0 change-tcp-mss=default local-address=192.168.189.2 remote-address=\
    192.168.120.2 use-compression=yes use-encryption=yes
add name=vpn use-compression=yes use-encryption=required
/interface pptp-client
add allow=mschap2 connect-to=<CLOUD_IP> dial-on-demand=yes disabled=no \
    keepalive-timeout=disabled name=RemoteCtrlVpn password=<CLOUD_PASSWORD> profile=vpn \
    user=<CLOUD_USER>
/user group
add name=none
/interface bridge port
add bridge=bridge comment=defconf interface=ether1
add bridge=bridge comment=defconf interface=WiFi_Router
add bridge=bridge2 interface=MitsubihiWiFI trusted=yes
add bridge=bridge interface=<WIFI_SSID>
add bridge=bridge comment=defconf disabled=yes interface=LAN
/interface bridge settings
set allow-fast-path=no
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add interface=lte1 list=WAN
add interface=bridge list=LAN
/ip address
add address=192.168.88.1/24 interface=ether1 network=192.168.88.0
/ip dhcp-client
add comment=defconf disabled=no
add add-default-route=no disabled=no interface=bridge2 use-peer-dns=no \
    use-peer-ntp=no
/ip dhcp-server network
add address=192.168.88.0/24 gateway=192.168.88.1 netmask=24
/ip dns
set servers=8.8.8.8
/ip firewall filter
add action=accept chain=input protocol=icmp
add action=accept chain=input dst-port=22 protocol=tcp
add action=accept chain=input connection-state=established
add action=accept chain=input connection-state=related
add action=accept chain=input in-interface=all-ppp
add action=accept chain=input
add action=accept chain=forward dst-address=192.168.8.0/24
add action=accept chain=forward dst-address=192.168.0.0/24
add action=drop chain=input in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
add action=masquerade chain=srcnat out-interface=bridge2
add action=masquerade chain=srcnat out-interface=all-ppp
add action=accept chain=srcnat src-address=192.168.8.0/24
add action=accept chain=srcnat dst-address=192.168.8.0/24
/ip route
add distance=1 dst-address=192.168.0.10/32 gateway=bridgeEBD2
add disabled=yes distance=1 dst-address=192.168.8.0/24 gateway=bridge2
/system clock
set time-zone-name=Europe/Kiev
/system console
set [ find ] disabled=yes
/system gps
set port=serial0
/system identity
set name=ParkingWiFi
/system leds settings
set all-leds-off=after-1h
/system routerboard settings
# Firmware upgraded successfully, please reboot for changes to take effect!
# Warning: cpu not running at default frequency
set auto-upgrade=yes cpu-frequency=550MHz silent-boot=yes
/system routerboard modem
set sim-slot=up
/system scheduler
add interval=3m name=carConnectionSchedule on-event=\
    "/system script run carConnectionCheck" policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
    start-date=sep/14/2020 start-time=10:37:49
add interval=3m name=LTE_Schedule on-event="/system script run check_lte" \
    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
    start-date=sep/27/2020 start-time=05:47:22
add interval=2m name=remoteCtrlJob on-event="/system script run remoteCtrl" \
    policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
    start-date=dec/26/2020 start-time=18:58:11
/system script
add dont-require-permissions=no name=carConnectionCheck owner=admin policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="\
    \n:local HOST \"192.168.8.46\"\
    \n:local PINGCOUNT 3\
    \n:local INT \"bridge2\" \
    \n:if ([/ping address=\$HOST interface=\$INT count=\$PINGCOUNT]=0) do={\
    \n:global name=\"tunnel_car\" 0\
    \n/log error \"\$INT is down\"\
    \n\
    \n/interface wireless disable MitsubihiWiFI\
    \n# /log error \"MitsubihiWiFI DISABLED\"\
    \n/delay delay-time=6\
    \n/interface wireless enable MitsubihiWiFI\
    \n# /log error \"MitsubihiWiFI ENABLED\"\
    \n# /delay delay-time=15\
    \n} else={\
    \n:global name=\"tunnel_car\" 1\
    \n}\
    \n"
add dont-require-permissions=no name=check_lte owner=admin policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="\
    \n:local HOST \"8.8.8.8\"\
    \n:local PINGCOUNT 3\
    \n:local INT \"lte1\" \
    \n:global counter;\
    \n\
    \n:if ([/ping address=\$HOST interface=\$INT count=\$PINGCOUNT]=0) do={\
    \n:set counter (\$counter+1);\
    \n:if (\$counter >3) do={\
    \n :global name=\"lte_check\" 0\
    \n /log error \"\$INT is down\"\
    \n}\
    \n} else={\
    \n:global name=\"lte_check\" 1\
    \n:global name=\"counter\" 0\
    \n# /log info \"\$INT is up\"\
    \n}\
    \n\
    \n"
add dont-require-permissions=no name=remoteCtrl owner=vassio policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source="\
    \n:local HOST \"192.168.122.1\"\
    \n:local PINGCOUNT 3\
    \n:local INT \"RemoteCtrlVpn\" \
    \n:if ([/ping address=\$HOST interface=\$INT count=\$PINGCOUNT]=0) do={\
    \n:global name=\"tunnel_Remote_Ctrl\" 0\
    \n/log error \"\$INT is down\"\
    \n} else={\
    \n:global name=\"tunnel_Remote_Ctrl\" 1\
    \n}\
    \n"
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/tool sms
set port=lte1 receive-enabled=yes

Where
CLOUD_IP - IP from the server inside hetzner cloud
CLOUD_USER - PPTP Username (step 8)
CLOUD_PASSWORD - PPTP password (step 8)
WIFI_SSID - Network name with access to the Internet and the Car network
WIFI_PASSWORD - password from network
MITSUBISHI_SSID - Name of network in OUTLANDER PHEV (REMOTE55peee)
MITSUBISHI_PASSWORD - password from network
PHONE MAC - password from network
set sim-slot=up - use upper SIM card

Change Application with VPN access

  1. Download OUTLANDER_PHEV.apk from github release
  2. install OUTLANDER_PHEV.apk on phone
  3. set cloud ip on Phone storage /storage/emulated/0/phev/ip.txt
  4. set port 7894 on Phone storage /storage/emulated/0/phev/port.txt

Build Application with VPN access (Optional)

Instead of using release version of application you can build your own

git clone https://github.com/vzakharchenko/remote-ctrl-gsm
./generateKey.sh
cd cloud
./buildAndSignCloudApk.sh

install OUTLANDER_CLOUD_PHEV.apk on phone

Clone this wiki locally