FAQ

How can I access my TinyPilot device over the Internet?

You can access your TinyPilot device over the Internet with a third-party cloud access tool (recommended) or by forwarding ports from your router.

Third-party cloud access tools

Our recommended third-party cloud access tool is Tailscale. It is easy to set up, offers excellent performance, and supports H.264 when STUN is enabled. Our guide to Tailscale explains how to get set up.

Other options include remote.it and ZeroTier. However, some third-party cloud access tools only support some of TinyPilot's features, and performance can vary, so we'd suggest Tailscale for most users.

Port forwarding from your router

Warning: Exposing your TinyPilot device to the public Internet is inherently risky. Review the risks section before choosing this option.

If third-party cloud access tools are not a match for your needs, you can alternatively configure your router to forward network requests to your TinyPilot device.

  1. (Strongly recommended) Ensure that you have set a strong username and passphrase on your TinyPilot device.
  2. Configure your router to forward port 443 to the IP address of your TinyPilot device.
  3. (Recommended) Limit your TinyPilot device's exposure by setting firewall rules on your router.

    • Only allow connections from known IP address ranges.
    • Control when the rule is active using time-based access.
    • Restrict allowed protocols to HTTPS only.
  4. Find your current IP address using a tool like Duck Duck Go.

After you configure port forwarding on your router, you'll be able to access your TinyPilot from anywhere on the Internet through your public IP address. For example, if your public IP address is 172.16.123.45, your TinyPilot will be accessible from https://172.16.123.45:443.

If your ISP does not provide you with a fixed public IP, you can use a dynamic domain name provider, such as No-IP, to obtain a fixed URL for accessing your device even when its IP changes.

Risks of port forwarding

Using port forwarding presents a number of risks.

  • Drastically expands the TinyPilot's attack surface.
  • Increases vulnerability to brute force attacks on your TinyPilot's credentials.
  • Exposes any undiscovered security vulnerabilities in TinyPilot's software or its dependencies.

Due to these risks, we recommend using one of the third-party remote access solutions above. The advantage of those services is that they're designed to withstand attacks from the public Internet, and they present a much smaller and more difficult target for an attacker to compromise.