• Have you tried out dark mode?! Scroll to the bottom of any page to find a sun or moon icon to turn dark mode on or off!

diy solar

diy solar

[tutorial] EG4 Monitor App LOCAL CONNECT over VPN

kevinforestdude

New Member
Joined
Nov 27, 2024
Messages
9
Location
Canada
If you have EG4 PowerPro / LL / LifePower batteries and Luxpower / EG4 6000XP,12k,18k inverter... you likely tried the EG4 monitor app.

Of course, you can sign-up for an account (if your Dongle plays nice, my green LED just blinks...) and access via https://monitor.eg4electronics.com/ ... but for secure remote access, you don't need that! Nor do you need SolarAssist payment (and buying a Raspberry Pi). No docker container running https://github.com/celsworth/lxp-bridge to forward MQTT to Home Assistant (although that project works and is very cool).

What if I told you, you can access this "Local Monitor" even via secure VPN?! Yes you can!

1734714433148.png

Dongle actually has 2 wifi networks:
- CLIENT: do "Dongle Connect" setup once to connect to your home wifi, dongle gets IP like 192.168.1.253
- ACCESS POINT: SSID = Serial number of your dongle, your phone would get IP 10.10.10.2

1734714601794.png

The "Local Connect" feature in EG4 Monitor has a hardcoded IP address of 10.10.10.1 port 8000... it assumes you are connected to the local SSID (eg: BC30500005), but obviously being physically near the inverter and connecting to the internetless AP is annoying... let alone impossible remotely.

I have the newer E-Wifi series starting with "DJ", either way they are basically cheap ESP microcontrollers.

Wifi Dongle:
1734713754208.png

Tutorial:
- Add an IP alias to your router/Linux ethernet interface of choice, eg: Pfsense
1734714973301.png
- Now everything connected to my OpenVPN server / home wifi knows how to talk to "10.10.10.1" virtual IP address.
- Create a port forward, from 8000 to the IP address of dongle on CLIENT (eg: 192.168.1.253) given from your house wifi.
1734715106826.png
- Don't forget to repeat for VPN interface and adjust any firewall rules if needed.

I tried all kinds of nonsense with bridges, IP tables, UFW, socat, SSH tunneling, static routes... but in the end, this was the cleanest solution. The Dongle will reply back on 192.168.1.x network but your phone with the app thinks it is coming from 10.10.10.1.

Physical Setup:
- 6000XP Inverter "BAT COMM" rj45 port --> EG4 PowerPro 280AH battery CAN bus rj45 port via regular shielded ethernet cable (no special pinout).
- RS485 port on battery can be connected simultaneously to your IOT device of choice with USB adapter (https://www.amazon.ca/dp/B081NBCJRS) and homemade RJ-45 cable with pinout (Orange=2=A, Orange-White=1=B)
- Inverter has Setting 3 - BRAND = 6 (luxpower)
- Battery has CAN = P07-LUX and RS485 = P01-EG4. Dip Switches = ID1 (Down, Up, Up, Up, Up, Up)
-- Could likely switch protocol back to P0-EG4/LUX on battery (need to flip all switches up to 64 to enable write access) and inverter Brand = 0 (EG4), haven't re-tried.
- https://github.com/celsworth/lxp-bridge/wiki/Inputs confirmed it can also connect to port 8000 on the dongle to dump HOLD and INPUT registers.
- Confirmed I can also connect via ttyUSB0(RS485), dump battery cell voltages, etc

Everything "just works" with this setup... documenting here for those with Google Fu and future me (probably) when I forget.

I run this on an Lenovo laptop running AMD Ryzen 4450U APU, its very power efficient. With lid closed, CLI only, its pulling less than 10w from the wall while logging data via wifi, hosting docker containers, router, OpenVPN server... Plan on powering via 48V battery terminals -> USB-C charger once its off-grid with Starlink.
 
Last edited:
Thank you kevinforestdude !!!!!!!!!!! This is awesome, great findings and great write up. This is also why I love this forum.
 
Thank you!
I'm convinced EG4 makes local management as difficult as possible so they can sell more "dongles" and keep recieving our data for resale. I live off grid - there's no reason I shouldn't be able to monitor my own system locally via LAN without having to go through the EG4 cloud servers.
 
If you have EG4 PowerPro / LL / LifePower batteries and Luxpower / EG4 6000XP,12k,18k inverter... you likely tried the EG4 monitor app.

Of course, you can sign-up for an account (if your Dongle plays nice, my green LED just blinks...) and access via https://monitor.eg4electronics.com/ ... but for secure remote access, you don't need that! Nor do you need SolarAssist payment (and buying a Raspberry Pi). No docker container running https://github.com/celsworth/lxp-bridge to forward MQTT to Home Assistant (although that project works and is very cool).

What if I told you, you can access this "Local Monitor" even via secure VPN?! Yes you can!

View attachment 264378

Dongle actually has 2 wifi networks:
- CLIENT: do "Dongle Connect" setup once to connect to your home wifi, dongle gets IP like 192.168.1.253
- ACCESS POINT: SSID = Serial number of your dongle, your phone would get IP 10.10.10.2

View attachment 264380

The "Local Connect" feature in EG4 Monitor has a hardcoded IP address of 10.10.10.1 port 8000... it assumes you are connected to the local SSID (eg: BC30500005), but obviously being physically near the inverter and connecting to the internetless AP is annoying... let alone impossible remotely.

I have the newer E-Wifi series starting with "DJ", either way they are basically cheap ESP microcontrollers.

Wifi Dongle:
View attachment 264374

Tutorial:
- Add an IP alias to your router/Linux ethernet interface of choice, eg: Pfsense
View attachment 264381
- Now everything connected to my OpenVPN server / home wifi knows how to talk to "10.10.10.1" virtual IP address.
- Create a port forward, from 8000 to the IP address of dongle on CLIENT (eg: 192.168.1.253) given from your house wifi.
View attachment 264382
- Don't forget to repeat for VPN interface and adjust any firewall rules if needed.

I tried all kinds of nonsense with bridges, IP tables, UFW, socat, SSH tunneling, static routes... but in the end, this was the cleanest solution. The Dongle will reply back on 192.168.1.x network but your phone with the app thinks it is coming from 10.10.10.1.

Physical Setup:
- 6000XP Inverter "BAT COMM" rj45 port --> EG4 PowerPro 280AH battery CAN bus rj45 port via regular shielded ethernet cable (no special pinout).
- RS485 port on battery can be connected simultaneously to your IOT device of choice with USB adapter (https://www.amazon.ca/dp/B081NBCJRS) and homemade RJ-45 cable with pinout (Orange=2=A, Orange-White=1=B)
- Inverter has Setting 3 - BRAND = 6 (luxpower)
- Battery has CAN = P07-LUX and RS485 = P01-EG4. Dip Switches = ID1 (Down, Up, Up, Up, Up, Up)
-- Could likely switch protocol back to P0-EG4/LUX on battery (need to flip all switches up to 64 to enable write access) and inverter Brand = 0 (EG4), haven't re-tried.
- https://github.com/celsworth/lxp-bridge/wiki/Inputs confirmed it can also connect to port 8000 on the dongle to dump HOLD and INPUT registers.
- Confirmed I can also connect via ttyUSB0(RS485), dump battery cell voltages, etc

Everything "just works" with this setup... documenting here for those with Google Fu and future me (probably) when I forget.

I run this on an Lenovo laptop running AMD Ryzen 4450U APU, its very power efficient. With lid closed, CLI only, its pulling less than 10w from the wall while logging data via wifi, hosting docker containers, router, OpenVPN server... Plan on powering via 48V battery terminals -> USB-C charger once its off-grid with Starlink.
I have the ethernet dongle and am amazed I cannot connect locally, only via EG4s cloud server. Do you have any tips for coneccting locally over LAN? We don't use wifi or BT. Thanks for all this data!
Daniel
 
I have the ethernet dongle and am amazed I cannot connect locally, only via EG4s cloud server. Do you have any tips for connecting locally over LAN? We don't use wifi or BT. Thanks for all this data!
Daniel
my understanding is, port 8000 is not open on the ethernet adapters, so it wont work, period. you can try nmap it to confirm yourself if any listening ports. its only making outgoing connections to internet AFAIK.
 
You can do the same with just NAT, DNAT specifically. I have a rule in my router that traffic FROM my network TO 10.10.10.1 should be translated to 192.168.x.y (x.y is the singles IP address)
 

diy solar

diy solar
Back
Top