Setting Up VPN

A WireGuard VPN ensures secure, low-latency communication between the QuadroFleet drone and the operator’s device. This guide covers setting up the VPN server and client configurations.

Prerequisites

  • A Virtual Private Server (VPS) or local PC with a public IP address.
  • Admin access to install WireGuard.
  • A PC or smartphone for the operator’s control application.
  • The drone’s OpenIPC camera with a 4G/5G modem and SIM card.

Step 1: Install WireGuard on the VPN Server

  1. On your VPS or local PC (Ubuntu/Debian recommended):

    sudo apt update
sudo apt install wireguard

  2. Generate private and public keys:

    wg genkey | tee /etc/wireguard/privatekey | wg pubkey > /etc/wireguard/publickey
    • Private key example: sHxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxFM=
    • Public key example: lYxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx08=

    In the same way generate private and public keys for operator's device and drone:

    • sHxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxFM= - private key of VPN server

    • lYxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx08= - public key of VPN server

    • yIxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxG4= - private key of Operator Device (PC/Phone)

    • VGxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxnk= - public key of Operator Device (PC/Phone)

    • QExxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxXY= - private key of Drone (OpenIPC Camera)

    • TmxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxEc= - public key of Drone (OpenIPC Camera)

  3. Create the WireGuard configuration file (/etc/wireguard/wg0.conf):

    [Interface]
Address = 10.253.0.1/24
ListenPort = 51820
PrivateKey = sHxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxFM=

[Peer]
# Operator Device (PC/Phone)
PublicKey = VGxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxnk=
AllowedIPs = 10.253.0.3/32

[Peer]
# Drone (OpenIPC Camera)
PublicKey = TmxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxEc=
AllowedIPs = 10.253.0.2/32

  4. Start the WireGuard service:

    sudo systemctl enable wg-quick@wg0
sudo systemctl start wg-quick@wg0

  5. Open the firewall port (51820/UDP):

    sudo ufw allow 51820/udp

Step 2: Configure the Operator Device

  1. Install WireGuard on your PC or smartphone:
    • Ubuntu/Debian: sudo apt install wireguard
    • Windows/macOS: Download from WireGuard
    • Android/iOS: Install the WireGuard app from the Google Play.
  2. Create a client configuration file: 
    [Interface]
PrivateKey = yIxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxG4=
Address = 10.253.0.3/24

[Peer]
PublicKey = lYxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx08=
AllowedIPs = 10.253.0.0/24
Endpoint = <VPS_PUBLIC_IP>:51820
PersistentKeepalive = 25
    • Replace PrivateKey and PublicKey values.
    • Replace <VPS_PUBLIC_IP> with your VPS’s public IP address.
  3. Activate the VPN tunnel:
    • On Windows: Run WireGuard application and activate new connection
    • On Linux: wg-quick up ./client.conf
    • On mobile: Import the config file into the WireGuard app and activate.

Step 3: Configure the Drone’s OpenIPC Camera

  1. Access the camera’s web interface (default IP via DHCP).
  2. Navigate to Extensions > WireGuard and set: 
    [Interface]
PrivateKey = QExxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxXY=

[Peer]
PublicKey = lYxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx08=
AllowedIPs = 10.253.0.0/24
Endpoint = <VPS_PUBLIC_IP>:51820
PersistentKeepalive = 25
    • Replace PrivateKey and PublicKey values.
    • Replace <VPS_PUBLIC_IP> with your VPS’s public IP address.
  3. Update the network interface configuration: 
    auto wg0
iface wg0 inet static
   address 10.253.0.2
   netmask 255.255.255.0
   pre-up modprobe wireguard
   pre-up ip link add dev wg0 type wireguard
   pre-up wg setconf wg0 /etc/wireguard.conf
   post-down ip link del dev wg0
  4. Reboot the camera to apply changes.

Step 4: Verify Connectivity

  • Ping the drone’s VPN IP (10.253.0.2) from the operator device (10.253.0.3).
  • Ensure the camera’s web interface is accessible over the VPN.
  • Test UDP communication using the QuadroFleet desktop or mobile application.

Notes

  • Use a VPS with low-latency connectivity (e.g., AWS, DigitalOcean or IONOS VPS for 1$/mo) for optimal performance.
  • Installing a VPN Server on the local PC will reduce latency, but it means more configuration difficulties.
  • If using a local PC as the VPN server, configure port forwarding (51820/UDP) on your router.
  • Ensure the SIM card has sufficient data and supports 4G/5G in your area.