Welcome to the new FlexRadio Community! Please review the new Community Rules and other important new Community information on the Message Board.
Need the latest SmartSDR, Power Genius, Tuner Genius and Antenna Genius Software?
SmartSDR v3.8.20 and the SmartSDR v3.8.20 Release Notes
SmartSDR v2.12.1 and the SmartSDR v2.12.1 Release Notes
Power Genius XL Utility v3.8.9 and the Power Genius XL Release Notes v3.8.9
Tuner Genius XL Utility v1.2.11 and the Tuner Genius XL Release Notes v1.2.11
Antenna Genius Utility v4.1.8
SmartSDR v3.8.20 and the SmartSDR v3.8.20 Release Notes
SmartSDR v2.12.1 and the SmartSDR v2.12.1 Release Notes
Power Genius XL Utility v3.8.9 and the Power Genius XL Release Notes v3.8.9
Tuner Genius XL Utility v1.2.11 and the Tuner Genius XL Release Notes v1.2.11
Antenna Genius Utility v4.1.8
If you are having a problem, please refer to the product documentation or check the Help Center for known solutions.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.
Remote access via VPN
KC9EI - Dave
Member ✭✭
There are 4400+ conversations regarding VPN and remote access. I "think" I may be overlooking the obvious but here is my question:
Setup:
WIN10 Professional
Firewall: PFsense - HA
VPN is PFsense's OpenVPN
Using hotspot from phone but have tried numerous hotspots with same results.
I can connect the VPN fine via an outside the firewall hotspot.
I am able to ping all my local IP's
I can remotely monitor local IP cameras with no issues.
BUT,,,, I cannot get the DAX or CAT functions to connect, even though for my purposes I appear to be on the local subnet and pingable.
My IP assigned by the VPN is "not" on the same subnet as the local site. Since the local IPs re pingable, doesn't this mean the networks are "bridged" already?
Any suggestions are appreciated.
See you all in Dayton!!
Setup:
WIN10 Professional
Firewall: PFsense - HA
VPN is PFsense's OpenVPN
Using hotspot from phone but have tried numerous hotspots with same results.
I can connect the VPN fine via an outside the firewall hotspot.
I am able to ping all my local IP's
I can remotely monitor local IP cameras with no issues.
BUT,,,, I cannot get the DAX or CAT functions to connect, even though for my purposes I appear to be on the local subnet and pingable.
My IP assigned by the VPN is "not" on the same subnet as the local site. Since the local IPs re pingable, doesn't this mean the networks are "bridged" already?
Any suggestions are appreciated.
See you all in Dayton!!
0
Answers
-
I don't know if PFsense has the option to choose TAP or TUN protocol check and make sure you are using the TAP protocol. I am using OpenVPN via Asus router with securepoint VPN for the Client. Everything works just like it was on the same LAN. I have to use this option because my ISP appears not to support fragmented packets so Smartlink does not work very good (ie..no waterfall) On a side note my latency is about 50ms better on VPN than smartlink and I can use my antenna rotor software,and DAX so VPN kinda works better for me.1
-
I would start with turning off your firewall. These seem to be the source of most problems when working on a local subnet.0
-
Clarification: the PC software firewall, not the network firewall0
-
I will check it
Thank you all
0 -
Hi,
I believe the answer is NO to the question: "My IP assigned by the VPN is not on the same subnet as the local site. Since the local IPs re pingable, doesn't this mean the networks are bridged already?"
Flex radio discovery API wants the radio base to be in the same broadcast domain as the client -- IPs within the same subnet.
I can ping my radio base from my WAN VPN just fine, but flex radio discovery does not work and SmartSDR (and Maestro) have no provision to specify the target radio IP manually, such as when not on the same subnet. There is further discussion about this here, and some work-arounds: https://community.flexradio.com/flexradio/topics/will-maestro-smartsdr-2-0-support-connecting-to-a-l...
-Mark KC3DRE
1 -
I'm in the same boat as Mark regarding Flex discovery with my VPN. I can ping the radio and I can use every other piece of IP connected gear on my network when connected via VPN, but the lack of a provision to "connect by IP" to the radio is a shortcoming in SSDR to me.
Flex has made their position clear on this, and we just disagree.
73,
Doug K4DSP
2 -
In this day and age it's just ridiculous to restrict the network connectivity. I can access my IC7800 from anywhere by IP.
Cliff, G4PZK
2 -
The PFsense forums always provide a wealth of information. You need a bridged VPN.
https://forum.pfsense.org/index.php?topic=38605.0
0 -
Unfortunately, in many WAN and multi-subnet LAN environments, passing broadcast packets is either impossible or undesirable. Broadcast traffic is considered network noise by those who work on network performance problems, not something you would want passing over a potentially bandwidth constrained remote link.
I cannot use my Maestro or SmartSDR on my existing WiFi infrastructure, because the configuration (deliberately) uses a different subnet than the wired ethernet. I set up a separate same-subnet wifi access point exclusively for access to the Flex Radio base! (Why should I have to do this?)
I cannot use my Cisco AnyConnect VPN and existing ASA firewalls for remote Maestro or SmartSDR Flex access, even though it works great for security cameras, remote climate control apps, media streaming, SmarSDR for iOS (allows entering target radio IP address!) and native iOS VPN, other remote radio control solutions, and remote voice-over-IP access.
I cannot access my Flex from SmartSDR in VMware Fusion on a WiFi connected Mac Laptop, because WiFi adapters can't be put into promiscuous mode for the sake of guest VM traffic and a shared guest IP interface.
I cannot use my Maestro at my office, because the site to site IPSEC WAN VPN cannot pass broadcast traffic, and due to security constraints I cannot change that.
I cannot use my Maestro or SmartSDR from my favorite vacation spot, because of the broadcast VPN limitations, and hotel NAT that is incompatible with SmartLink, yet otherwise works just great with my AnyConnect SSL VPN.
If there were a simple box where I could enter the target radio IP address, all these "cannots" would be "can" and I would be a happy customer. "Flex" is an amazing and awesome piece of radio gear, but when it comes to networking is UN-FLEXIBLE due to this basic fundamental SmarSDR client-enforced limitation.
1 -
Mark,
I'd even be happy with a command line option, something like:
SmartSDR.exe -a 192.168.0.100
73,
Doug K4DSP
1 -
Seems we are back to begging for the ability to use our radios...0
Leave a Comment
Categories
- All Categories
- 294 Community Topics
- 2.1K New Ideas
- 538 The Flea Market
- 7.6K Software
- 6K SmartSDR for Windows
- 139 SmartSDR for Maestro and M models
- 337 SmartSDR for Mac
- 251 SmartSDR for iOS
- 226 SmartSDR CAT
- 175 DAX
- 345 SmartSDR API
- 8.8K Radios and Accessories
- 7K FLEX-6000 Signature Series
- 46 FLEX-8000 Signature Series
- 860 Maestro
- 45 FlexControl
- 838 FLEX Series (Legacy) Radios
- 809 Genius Products
- 425 Power Genius XL Amplifier
- 280 Tuner Genius XL
- 89 Antenna Genius
- 246 Shack Infrastructure
- 168 Networking
- 377 Remote Operation (SmartLink)
- 130 Contesting
- 644 Peripherals & Station Integration
- 116 Amateur Radio Interests
- 882 Third-Party Software