Welcome to the new FlexRadio Community! Please review the new Community Rules and other important new Community information on the Message Board.
If you are having a problem, please check the Help Center for known solutions.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.

Part 1: Raspberry Pi SoftEther Server Setup for Remote Access to your Flex 6000 Radio

K6OZYK6OZY Member ✭✭
edited April 3 in SmartSDR for Windows
In preparation for Maestro release, I have made the first of two videos on how to setup SoftEther for remote access. I know this has been posted before by Stu, but I'm hoping this video guide will help answer some questions those not famliar with Linux may have. This video applies to both SmartSDR and Maestro users. Part 2 will be a setup guide specifically for Maestro users who want to do remote access from day 1 until the native VPN client is completed. Part 2 depends on Part 1, so build yourself a server ahead of time and buy two Raspberry PI's while you're at it.


«1

Comments

  • Mike va3mwMike va3mw Member ✭✭
    edited February 2018
    Thanks Chris.  Nicely done.  I am sure this will help out many others.

    Mike va3mw

  • Lawrence Kellar KB5ZZBLawrence Kellar KB5ZZB Member ✭✭
    edited February 2017
    Concerning part two, would one be able to use that solution with a typical VPN solution like the one that comes with the ASUS routers
  • Mike va3mwMike va3mw Member ✭✭
    edited February 2018
    The Softether solution has a few parts.  The server (at the radio), the client where you SSDR or Maestro is and then the firewall/router,  just like Lawrence asked.  

    All you have to do is on you Asus router is to forward one port on your Router.  It is called either NAT or Port Forwarding.  Both are the same thing.  The default port is 5555 as described.

    This might help  http://portforward.com/.

    Mike va3mw

  • Rob N4GARob N4GA Member
    edited January 2017
    Thanks K6, really appreciate the efforts.

    I'm waiting for FLEX to produce the WAN capability. 



  • W1EQXW1EQX Member ✭✭
    edited March 2018
    There is the possibility to run SoftEther directly on an ARM based router running 3rd party firmware such as Shibby Tomato on a Netgear R7000.

    Here is a reference link: http://www.vpnusers.com/viewtopic.php?f=7&t=4871 

    Obviously running SoftEther server on a dedicated Pi is fun and will limit the potential downtime risks of experimenting on your main Internet router, but heck, this is Amateur Radio! :)

    Carmine W1EQX
  • N4TTYN4TTY Member
    edited March 2018
    Is the video available directly on YouTube?  I'd like to watch fill screen, but can't from the community page.  I also couldn't find it on YouTube either.

    Steve G./N4TTY
  • W1EQXW1EQX Member ✭✭
    edited May 2016
    Here's the direct link : https://www.youtube.com/watch?v=Jduyr5vRqzA

    Carmine W1EQX
  • N4TTYN4TTY Member
    edited May 2016
    Hey Chris, how about a post of your "cheat sheet?"  It would make it easier to have it next to me as I implement your solution without having to constantly stop and start the video as I wade thru the process.  It really shows the steps you are walking us thru.

    By the way, it is a great video!  Even with the flubs, as that makes it real for us less savvy command line/linux users!!

    Steve G./N4TTY
  • Mike va3mwMike va3mw Member ✭✭
    edited September 2018
    This format was based off of this link:  http://tomearp.blogspot.ca/2013/11/setting-up-l2tpipsec-vpn-with-softether.html.

    It might help as an initial cheat sheet.
  • N4TTYN4TTY Member
    edited May 2016
    Thanks Michael!  That seems just like what the patient needed.

    Steve G./N4TTY
  • edited December 2016
    eagerly awaiting part 2
  • Cal  N3CALCal N3CAL Member ✭✭
    edited November 2016

    me too! 

  • Mike va3mwMike va3mw Member ✭✭
    edited February 2018
    Of course, this is only temporary until we do get a VPN on the Maestro.   
  • Lawrence Kellar KB5ZZBLawrence Kellar KB5ZZB Member ✭✭
    edited February 2018
    I bet there are about 50 Maestros out there with VPN enabled :-)

  • Mike va3mwMike va3mw Member ✭✭
    edited June 2016
    Actually, no. :) We tried so it turned into necessity is the mother of invention. Mike va3mw Alpha Tester
  • G4NRT_Z21NRTG4NRT_Z21NRT Mr David N Bondy Member ✭✭
    edited January 2018
    I have a number of spare Raspberry Pi 2s which I could use for this. Is there any real technical benefit in using the Pi 3? Apart from the built-in WiFi, I am not sure that I would need the additional performance that the Pi 3 offers in the VPN configuration. I'm happy to be proved wrong! David G4NRT
  • Steve K9ZWSteve K9ZW Member ✭✭✭
    edited November 2016

    Think you would be fine if the devices will run SoftEther and achieve the connectivity needed (I have the Raspberry Pi 3 SoftEther VPN Server cabled and the Raspberry Pi 3 SoftEther VPN Bridge Wireless). 

    The hardware both ends wouldn't even have to match - just the ability to run the right software.

    Items we added to Chris K6OZY's routine included changing the device name on each Raspberry Pi to make them stand out in the network logs, and I had forgotten to use a low IP address to stay static.   Winston KC9FVR wants to add another "field recovery" Static IP on the Server, like Chris K6OZY shows in the Bridge instructions, to make it possible to move server networks more easily. 

    My email is good at QRZ if I can be of any help (I followed the instructions okay!).

    Good luck and hoping it fires right up for you!

    BTW I have better than 20 Mbps network available both ends, which helps.

    73

    Steve K9ZW


  • G4NRT_Z21NRTG4NRT_Z21NRT Mr David N Bondy Member ✭✭
    edited January 2018
    Anyone planning to follow along with this tutorial should be aware that the way of setting static IP addresses seems to have changed.  The method outlined in the video didn't work for me and I had to edit /etc/dhcpcd.conf to make eth0 have a static IP rather than getting one through DHCP!

    David G4NRT (trying it on Pi 2s) 
  • G4NRT_Z21NRTG4NRT_Z21NRT Mr David N Bondy Member ✭✭
    edited December 2016
    Thanks Steve .. I was typing my comment as you were typing yours but you pressed submit first!!
  • Steve K9ZWSteve K9ZW Member ✭✭✭
    edited November 2016

    Selecting an IP that wasn't in the dynamically assigned range was my first (and biggest) error that Winston KC9FVR corrected for me.  Expect doing this is so second nature to Chris K6OZY that he wouldn't have thought someone like me would just go up one from the initial assignment when trying to put it to static. 

    When we moved down into the static assignment area all became very well quickly!

    73

    Steve K9ZW

  • G4NRT_Z21NRTG4NRT_Z21NRT Mr David N Bondy Member ✭✭
    edited December 2016
    It seems that in the May2016 Jessie build, they deprecate adding lines to /etc/network/interfaces and recommend adding lines instead to dhcpcd.conf (there is plenty of stuff on this available via Google).

    That is what I did and it worked for me.  I have the vpnserver running and am now downloading the manager.

    David G4NRT
  • Steve - N4TTYSteve - N4TTY Member
    edited May 2016
    Did you remember to comment out the line 'iface eth0 inet manual' and add in a paragraph beginning with the following two lines:
         auto eth0
         iface eth0 inet static

    then followed by the lines specific for you network?

    It worked fine for me just editing the 'interfaces' file.

    Steve G./N4TTY

  • G4NRT_Z21NRTG4NRT_Z21NRT Mr David N Bondy Member ✭✭
    edited December 2016
    Yes. I do this for a living! When my DHCP IP address was persistent, I researched the issue and found the notes about a different method. I really don't think it matters as long as one is able to drive a persistent, static IP address. I was just trying to highlight a problem which I encountered which I hoped would help others! David G4NRT
  • Steve - N4TTYSteve - N4TTY Member
    edited May 2016
    Used to do things similar to this is for a living as well, so I apologize if I gave the impression I was inferring you had done something wrong. That wasn't my intent at all.

    Your point is well taken that if it doesn't work one way, try a different approach.

    I was was just pointing out the fact that it worked for me in the way shown in the video, so maybe everyone's mileage will vary.  It is interesting that it worked one way for me and another for you.  Not that it really matters since we both have it working, but I wonder what's the real difference?

    Steve G./N4TTY
  • Steve K9ZWSteve K9ZW Member ✭✭✭
    edited November 2016

    After doing all update Winston KC9FVR mentioned something about this. 

    Between typical "I don't have a clue what you just said" and eagerness to get results I'd not captured exactly what he told me - but it was about editing a different file to get the IP set correctly. 

    I don't do any of this for a living and have to thank folk like those here for help.

    It could be really useful to do some project notes that are inclusive of the changes you all found and some of the stuff that Chris K6OZY raced through, remembering what is instinctive for you as professionals is nearly magic for someone who seldom gets to do anything command line anymore.

    Have a Maestro running on a file cabinet in my office this morning, as I want to let it run for an extended period to watch stability.  All I can do to not start watching DX Spots though....

    73

    Steve  K9ZW

  • George K7GRJGeorge K7GRJ Member
    edited June 2016
    Chris,
    Followed your video to install Softether on a Beaglebone Black running latest Debian Jessie console.  Works great!  Will use to connect to SmartSDR remotely.   Thank you.

    73 
    George Jones, K7GRJ
  • K6OZYK6OZY Member ✭✭
    edited February 2017
    I've had a few requests for scripts that I used since the video may be hard to see the details.

    My /etc/init.d/vpnserver script contains this:

    #!/bin/sh

    ### BEGIN INIT INFO

    # Provides:          vpnserver

    # Required-Start:    $local_fs $network

    # Required-Stop:     $local_fs

    # Default-Start:     2 3 4 5

    # Default-Stop:      0 1 6

    # Short-Description: vpnserver

    # Description: SoftEther VPN Server

    ### END INIT INFO


    DAEMON=/usr/local/vpnserver/vpnserver

    LOCK=/var/lock/vpnserver

    test -x $DAEMON || exit 0


    . /lib/lsb/init-functions


    case "$1" in

    start)

    $DAEMON start

    touch $LOCK

    ;;

    stop)

    $DAEMON stop

    rm $LOCK

    ;;

    restart)

    $DAEMON stop

    sleep 3

    $DAEMON start

    ;;

    *)

    echo "Usage: $0 {start|stop|restart}"

    exit 1

    esac

    exit 0

  • K6OZYK6OZY Member ✭✭
    edited February 2017
    Make sure to then run these commands after creating that file:

    chmod +x /etc/init.d/vpnserver
    service vpnserver start
    update-rc.d vpnserver defaults
  • Tim VE6SHTim VE6SH Member ✭✭
    edited March 2019
    Many thanks! 73 Tim VE6SH

Leave a Comment

Rich Text Editor. To edit a paragraph's style, hit tab to get to the paragraph menu. From there you will be able to pick one style. Nothing defaults to paragraph. An inline formatting menu will show up when you select text. Hit tab to get into that menu. Some elements, such as rich link embeds, images, loading indicators, and error messages may get inserted into the editor. You may navigate to these using the arrow keys inside of the editor and delete them with the delete or backspace key.