SmartSDR v3.8.19 and the SmartSDR v3.8.19 Release Notes | SmartSDR v2.12.1 and the SmartSDR v2.12.1 Release Notes
SmartSDR v1.12.1 and the SmartSDR v1.12.1 Release Notes
Power Genius XL Utility v3.8.8 and the Power Genius XL Release Notes v3.8.8
Tuner Genius XL Utility v1.2.11 and the Tuner Genius XL Release Notes v1.2.11
Antenna Genius Utility v4.1.8
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.
Remote connections between SmartSDR and 6700 without SmartLink
I need to access my Flex 6700 from multiple locations, but I don't want to use SmartLink as a connection broker. Had someone managed to create such configurations (using VPN, port forwarding on your firewalls, 1:1 NAT, etc? I could not find relevant information in the documentation available. Since LAN connection on the same subnet works just fine, I obviously can sniff IP traffic and find out all the details, just want to save myself some time.
Thanks,
Gene W3UA
Best Answer
-
Gene
On a local LAN, the radio broadcasts is IP address to the entire subnet and the client hears it and then shows it in the radio chooser.
If remote, you will require a VPN that supports Layer 2 broadcasts on the same subnet as SmartSDR does not have a direct IP addressing option. That feature has been requested. SmartSDR for MAC does.
In your case, the reliable and easy solution is to use SoftEther VPN. Be aware that LAN traffic is not compressed. SmartLink traffic is compressed so it uses less bandwidth.
The details are published here: http://wiki.flexradio.com/index.php?title=SmartSDR_Ethernet_API under discovery protocol and how we use VITA49.
73
1
Answers
-
Hi Gene, SoftEther VPN can be used (I think it was the solution before SmartLink came into being), but SmartLink works much better. Is there a specific reason you want to stay away from SmartLink?
0 -
Hi Gene,
Several configuration were discussed previously, mostly when SmartLink had some issues and was not available. You can find those discussions here in the forum.
If you want to go with your own solution and you do not have the hardware in place yet (routers, computers) I suggest you to find routers which integrate VPN servers. For example, Mikrotik routers have OpenVPN integrated and I'm sure other brands have similar solutions too.
This way you don't need any computer at the remote site, stability and reliability will be improved.
73, Max
0 -
Thanks Len,
The main reason I want to stay away from SmartLink is its privacy/security. I don't want to depend on some third party identity management service in this particular case. I have no idea how they manage my credentials and other information. Especially if it does not provide me with any added value. I just need to connect my own resources, why should I depend on the third party? And I simply hate using usernames and passwords ;)
I use VPNs everywhere, the problem is with network discovery and connection establishment. I know IP addresses of Flex and remote computers (both Maestro and desktops with SmartSDR). I have solid connectivity between the sites. The only problem is that Flex and remotes are on different subnets, and SmartSDR does not allow manual configuration. So, effectively, my question is -- how does SmartSDR search for the Flexes on LAN? Broadcasts? In the worst case scenario I'll wireshark the traffic and figure it out, then set firewall rules, NATs and policy routes accordingly, but maybe someone did that already, so I just can use somebody else's wisdom...
73, Gene W3UA0 -
Gene,
SmartSDR allows manual IP configuration when done from a local computer. The other option is configure the DHCP to provide a fixed, known IP to the radio.
0 -
Thanks Mike,
That really answers my question. Will configure my VPNs accordingly. Also, will be waiting for manual IP configuration in Win SmartSDR and Maestro.
Another question arises then -- why SmartSDR compresses traffic when it's routed through SmartLink, but not locally? If it's a lossless compression, it makes sense to compress it always, and if it's lossy, then it would nice to have a toggle in SmartSDR to switch compression on and off. Sounds like a feature request ;) . But definitely not urgent. I would rather see Oauth2 authentication in SmartLink, allowing people to select their trusted identity providers. It would be much better than obsolete "second factor" with SMS of OTP.
Case closed, thanks a bunch.
73, Gene W3UA0 -
On a local LAN, the compression would not be significant enough to make a performance difference. On a SmartLink connection, every bit helps.
I can't remember if it is lossless or lossy but I do know that they a bunch of testing on it a long time ago (I wasn't involved).
A lot of the way a solution comes together is related to the KISS model and ensuring that it doesn't result in a LOT of post-sales support phone calls. And, we agree, there may be better or different ways but can the install base (customers) handle the technology. Look at LOTW as an example. :)
73
0 -
Mike,
I totally agree. Learning curve is everything; the good news with SDR (versus LotW) is that the customer base is a bit more tech savvy. But LotW set a great example, how need overpowered the complexity. But this topic is kinda unrelated to the content of the thread, so I would rather discuss it in private. If you are interested, of course.
Thanks again for your help. Just trying to figure out, why UDP broadcasts don't go through this particular SSL VPN. Will check IPSec one later tonight.
73 Gene W3UA0 -
I’ll just mention some things about the identity stuff.
you are opening two ports in your firewall to the radio, not any PC. You create the email and password. It should not be the password for that email account. You don’t even need to use a valid email, unless you plan to use the forgot password recovery. You set up the username and password in your client one time, so you do not need to enter it every time. And last, the SmartLink server only knows the external IP and the radio that resides there.
One more note from someone who has been down the VPN path before. With default settings using VPN I was using more than 1 gigabyte of data per hour. Depending on you service provider at both ends, you might get flagged as a “heavy user”. Also it will not play very well over a so-so cellular connection. The low data mode in SmartSDR for IOS works well on poor connections. Just tested my Verizon “5G” speed at my kitchen table and got a whopping 1.14 Mbps upload and I am in a very populated area 30 miles from NYC.
If the VPN works for you then good! If not, at least you have some idea of what information is shared.
73
Dave wo2x
1 -
Dave,
Radio IS a computer, so having it accessible by an outside connection poses security risk. At least theoretically. I decided to give SmartLink a try, so for that purpose I moved the radio to the DMZ subnet (which is shared by various cloud gizmos like Nest thermostats, Alexas and Chinese surveillance video cameras) which does not have access to my internal network. Then I created username and password, just to discover that SmartLink uses Auth0 for user management. It immediately raised the question -- why don't they use better authentication, which can be integrated in just a couple of hours, and would satisfy both security paranoiacs like myself, and those who simply value convenience and like to login without usernames and passwords? Second factor as an added benefit, without much of a hassle. Integration is easier than adding WSJT to SmartSDR. I did that last night, it took me more than two hours to put together all the pieces. Excellent Mike's youtube video really helped, but connecting amplifier, logger, configuring various parameters, figuring out times, delays, etc. took time. Auth0 integration is much easier to do IMHO ;)
73
Gene W3UA0 -
Parallels Access.
0
Leave a Comment
Categories
- All Categories
- 289 Community Topics
- 2.1K New Ideas
- 530 The Flea Market
- 7.5K Software
- 6K SmartSDR for Windows
- 146 SmartSDR for Maestro and M models
- 359 SmartSDR for Mac
- 249 SmartSDR for iOS
- 230 SmartSDR CAT
- 172 DAX
- 352 SmartSDR API
- 8.7K Radios and Accessories
- 7K FLEX-6000 Signature Series
- 20 FLEX-8000 Signature Series
- 841 Maestro
- 43 FlexControl
- 847 FLEX Series (Legacy) Radios
- 793 Genius Products
- 415 Power Genius XL Amplifier
- 277 Tuner Genius XL
- 101 Antenna Genius
- 243 Shack Infrastructure
- 166 Networking
- 404 Remote Operation (SmartLink)
- 130 Contesting
- 630 Peripherals & Station Integration
- 125 Amateur Radio Interests
- 869 Third-Party Software