Remote Access
Remote Access
Remote access lets you use your QUI Core dashboard from another device — your phone, a laptop, or any browser — without being on the same network as your QUI installation.
How Remote Access Works
Two methods are available:
WebRTC P2P (Primary)
A direct peer-to-peer connection between your browser and your QUI Core instance, using WebRTC data channels:
Your browser ← WebRTC data channel (encrypted) → Your QUI Core
↕
Central hub (signaling only)
- End-to-end encrypted — the central hub only handles connection setup (signaling), not your traffic
- Full feature parity — everything works as if you were local (dashboard, Concierge, chat, terminal)
- Low latency — direct connection, no intermediate servers in the data path
The central hub exchanges connection details (SDP offers, ICE candidates) to establish the peer connection. Once connected, all traffic flows directly between your browser and your QUI Core.
Mothership Tunnel (Fallback)
When P2P connection fails (strict firewalls, symmetric NAT), traffic routes through the central hub:
Your browser → Central hub (proxy) → Your QUI Core
- Works behind strict firewalls — no direct connection needed
- Higher latency — traffic goes through an intermediate server
- Still authenticated — the hub verifies your identity before proxying
The system tries WebRTC P2P first and falls back to the tunnel automatically.
Eligibility
Remote access requires:
- Trust score ≥ 75 — your device must be trusted (see First Login)
- WebRTC P2P enabled — per-device setting in your remote access configuration
- Non-admin account — admin accounts use the tunnel, not WebRTC P2P
- Active tunnel connection — your QUI Core must have an active connection to the central hub for signaling
Setting Up Remote Access
- Open the Remote Access tab in your QUI Core dashboard
- Enable remote access for your installation
- Configure which devices can connect
- Your QUI Core establishes a tunnel to the central hub for signaling
Once enabled, you can access your QUI Core from the central hub's interface — it loads your QUI Core dashboard in an iframe with the WebRTC connection handling the traffic.
[Screenshot: Remote access settings panel]
What Works Remotely
Everything that works locally also works remotely:
- QUI Core dashboard (all tabs)
- Concierge chat with terminal access
- Service monitoring
- Billing and account management
- All settings and configuration
The remote browser renders the same QUI Core frontend — it's loaded through the WebRTC connection or tunnel proxy. Authentication headers are injected automatically so that your QUI Core recognizes you as a remote user.
Security
| Layer | Protection |
|---|---|
| Authentication | Central hub verifies your identity before allowing connection |
| Trust score | Only trusted devices (score ≥ 75) can connect remotely |
| Encryption | WebRTC data channel is encrypted end-to-end |
| Zero-knowledge | In P2P mode, the central hub sees no traffic content |
| Per-device control | You choose which devices can access remotely |
