Welcome to the new FlexRadio Community! Please review the new Community Rules and other important new Community information on the Message Board.
If you are having a problem, please check the Help Center for known solutions.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.

How you can access your Radio over the Internet (WAN) TODAY

245

Comments

  • Larry BenoitLarry Benoit Member ✭✭
    edited November 2018

    While I can't confirm that OpenVPN IOS versions work with current Asus routers (RT-N66U, RT-AC68U/P, RT-AC87U), they appear to be officially supported by Asus.  The Asus OpenVPN setup form on the RT-AC68P router includes separate links for OpenVPN for Mac OSX and iPad/iPhone IOS client software (OpenVPN Connect) and the Asus website includes an FAQ for setting up OpenVPN Connect for iPhone: http://www.asus.com/support/FAQ/1004471/

    I don't have an Apple device to test compatibility, but someone on the forum might be willing to try OpenVPN Connect for IOS and report the results.

    Parenthetically, I can report that OpenVPN Connect for Android requires the TUN interface and does not support the TAP interface.   Asus supports both, but not simultaneously. While that may be OK for ordinary VPN functions, it won't support SmartSDR (if it ever becomes available for Android), because TAP is apparently required for Ethernet bridging and/or other capabilities not supported by TUN.   

    73,

    Larry KB1VFU

  • edited May 8
    The reason I specified using SoftEther (and not OpenVPN itself) is that SmartSDR needs to see the broadcast packets from the radio discovery protocol.  These are sent as UDP broadcasts on the local subnet broadcast address.

    To see these local broadcast packets the VPN must work in bridged mode (referred to as TAP in OpenVPN).

    Although there are third party OpenVPN clients for iOS, they only support TUN mode (level 3 VPN, not level 2) because Apple does not allow third party apps to bridge traffic for security reasons.

    The Apple native VPN client supports a number of different VPN modes including L2TP, PPTP and IPSec.  The IPSEC approach is the Cisco supported VPN and to my knowledge is only available on Cisco products.  PPTP is for Windows - 'nuff said and then there is L2TP.

    L2TP is supported by the SoftEther VPN server and can be used simultaneously with all other supported modes.  So you can connect your Windows laptop using the SoftEther VPN client which has many features above and beyond the **** stock VPN support in the OS (like using simultaneous TCP sessions to maximize throughput, encryption, standard compression etc) AND then connect your iPad so you can still control the radio with K6TU Control.

    For those who are **** bent on using OpenVPN, I suggest you start a separate topic here on the community and describe the configuration in detail there.  That will be helpful to folks who want an OpenVPN solution.

    It is very easy to run the SoftEther server on a Raspberry Pi 2 and that is my preferred solution.  Its a small, low power solution and if the Pi gets compromised (hacked), I can simply re-format the microSD card and I'm done.  I don't keep any data on the Pi that I care about and so it serves as a sandbox in which to run the VPN Server.

    I also don't care for vendor implementations of VPN servers when this isn't the primary purpose of the device.  I have a file server that supports many different VPN server modes - I wouldn't turn on its VPN server functionality for any amount of money.  The file server is high performance, reliable, robust and fairly priced.  Its VPN server solution is a piece of **** and has more security holes in it than a block of swiss cheese.

    Personal choice is a wonderful thing.

    When it comes to network security (a topic BTW of which I have some modest background - check out my bio), I am paranoid and un-trusting.

    Also personal choice! :-)

    I figured that for most hams (especially those not network security wonks) the SoftEther VPN server was about as close to plug and play as one could get.

    Stu K6TU
  • Larry BenoitLarry Benoit Member ✭✭
    edited November 2018
    Thanks for confirming that OpenVPN for IOS does not support the TAP interface. As I mentioned, that is also the case for OpenVPN for Android, which means that neither current version will support SmartSDR (should a version ever be coded for either OS).  The constraints imposed by Apple don't apply to Android, so hopefully a future version will support TAP.

    Setup for OpenVPN on the Asus RT-N66U was posted here in May:
    https://community.flexradio.com/flexradio/topics/openvpn-with-asus-rt-n66u-router

    I can report that the same basic setup applies to the Asus RT-AC68P.  It takes only a minutes to configure.  A fellow ham has been using OpenVPN with an Asus RT-N66U router for weeks with excellent results (operates a 6700 and 6300).

    73,
    Larry KB1VFU



  • W5UN_DaveW5UN_Dave Member ✭✭
    edited February 2019
    As a total novice to VPN I have a question: is openVPN thru put faster than Softether VPN? I do have the SoftEther VPN configured and running. It only took me a few hours. I "messed" with openVPN for a month, and never did get it to work. I am just not knowledgeable enough, even after reading everything I could find about it on the internet. I am out here on the ranch, and there is no fiber optics within seven miles. My only choice for 'reasonable' internet is Wi-Fi. I have the Verizon home fusion which is acceptable, and am testing Sprint Wi-Fi whose upload speed is atrocious. Data limitations are the order of the day. I need a mentor for these things, hi.
  • Walt - KZ1FWalt - KZ1F Member
    edited November 2016
    Dave, VPN, regardless of who wrote it, will not cure bad upload speeds. As Stu said earlier, if you can't get 3MBs upload there is not much hope for remote goodness. I frankly, am not convinced compression will buy you much, if anything. The packets we're talking about are small and non text, if you gain 10%, that is negligible and remote audio is already compressed. Have you talked with Verizon and Sprint and gotten suggestions from them?

    Actually Dave, something just occurred to me. You need not worry about the upload speed to your ISP, rather, the upload speed to your router. Just for grins and chuckles I tested my Nexus 9 tablet. 22Mbs down, 2.23Mbs up. Far below what Stu suggested. But that was round trip from CT to NY not my family room to my radio. I have a linux environment, servers and laptop alike. I used iPerf to measure the speed from my laptop, 5G to my desktop. I set iperf to be upd and upload 4Mbs packets. there was zero loss at 3Mbs and a total of 3400 packets. At 8Mbs (1MB/s there was 0 packet loss with 6800 packets although one was received out of order.

    So if your Internet Service Provider (ISP) is 200 miles away, it doesn't matter, so long as you are within WiFi distance to your router. Now, if you want to take your laptop on the road, that is entirely different, then your ISP does matter. But for around the house, out in the back yard, you should be good.
  • Walt - KZ1FWalt - KZ1F Member
    edited November 2016
    So what is interesting, and a bit disturbing, also a different thread, my laptop with the alleged **** wifi chip did a sustained for almost 13,600 UDP packets at 8Mbs with 0 packet loss yet cannot do ssdr remote. For 2 mins sustained at 8Mbs it processed 81,603 udp packets, dropped 91 (0.11% loss) and received 2 out of order, yet it can't do SSDR remote. Perhaps it is Windows, the above was Linux. Switching over to WIndows, it can not reconnect network drives (although I can open them) and while SSDR is running and receiving the UDP packets (the panafall is doing its thing) the strength meter is 3 amber bars to 4 green back to 3 amber. Linux was solid with about 1/10 of 1 percent loss.
  • Larry _ W8LLLLarry _ W8LLL Member ✭✭
    edited December 2016
    I got softether working last night and it was very smooth with my 30 Mbps download and 3 Mbps upload which is actually just under 5Mbps when I check it. One Dax channel running in the back ground made it a little jittery. I also connected to the server using a windows vpn connection instead of the client software at  the vpnazure.net address and it is way slower for what ever reason. And while talking with some locals using my blue yeti usb microphone I was asked why I sounded so much better today, they could not tell I was remote until I told them.
  • edited May 8
    Walt,

    The compression helps significantly.  I see about 40-45% improvement because the data sent for the meters, pan adaptor and waterfall stream are NOT compressed and have a large amount of data redundancy.  Compression requires using the SoftEther VPN stream on port 5555 - this is TCP over SSL and enables compression.

    The L2TP support does not provide any compression however.

    Regardless of compressed or otherwise, the quality of the uplink on the Internet link is critical.

    BTW, on your home WiFi, try resetting the WiFi device by a power cycle and also try the 5G side rather than 2.4G (or vice versa).  The WiFi device in my office gets itself into a mode where it drops packets - power cycling the device cures the problem for several days at a time.

    Stu K6TU
  • Walt - KZ1FWalt - KZ1F Member
    edited November 2016
    Hi Stu, I recycled it yesterday for something else, so it is relatively a fresh boot. What was weird is Linux thought the wifi connection was solid, and that was testing UDP at 8Mbs (1MBs). I am not questioning the C# code for the signal bars, I've seen it, it sort of looks fine (like ICMP, do you check connectivity to the IP stack or to the application itself. It is more meaningful to test RTT to the application not the IP stack). That aside...I'll switch it back to Linux and test it for 30 mins rather than 2. Both sides were using 5G. East Coast things are rather dead today. W1AW, 45 miles away sounds like Europe, all on 17m; 10, 12, and 15 are all deader than the proverbial doorknob. 

    When I mentioned compression I was more thinking in comparison to HTTP gzip compression ala web servers dealing largely in text, which compresses very nicely. I'll report back Microsoft has decided to force an update right now.
  • Walt - KZ1FWalt - KZ1F Member
    edited November 2016
    30 mins running on Linux, with my SSDR receiving all vita-49 packets and doing panafall display on Linux concurrently the results are for 5G (wifi) network:
    8Mbs thruput, 0.050 ms (50us) dropped 1386 out of 1,224,245 packets or 0.11%, 1/10 of 1 percent. and received 3 packets out of order. Not too shabby. I suspect the issue is not the wifi circuitry but the Windows device driver for it. This is using the same physical wifi device.

    Where this is iPerf and UDP I am not really sure what the 50us is actually measuring, 5 hundreths of a millisecond is a pretty small number.
  • Walt - KZ1FWalt - KZ1F Member
    edited November 2016
    I realize this is tangential to your thread here Stu and I do not want to hijack it but to all those running Windows laptops or tablets that complain about very bad remote access it's probably the device driver.
  • Jim GilliamJim Gilliam Member
    edited June 2015
    Device driver to what?
  • edited August 2016
    Wifi chip set in laptop.

    Stu K6TU
  • W5UN_DaveW5UN_Dave Member ✭✭
    edited November 2016
    right now my download speed is 2.8 Mbps and my upload speed is 3.88 Mbps on my Verizon wifi connection. Sprint is awful, mostly 3G (sometimes 4G) even though their tower is closer. Even when 4G the thruput sucks. I'll try an external antenna on the 341U USB modem/router for Sprint. If that doesn't help, I'll terminate them (still within first 14 day trial period). When I go to my kid's homes I think I can use their high speed internet to work my radio from there.

    As far as running the 6700 remote here on the local LAN, no problem with that.
  • edited August 2016
    Dave,

    "Wired when you can, Wireless when you must" - for a home Internet connection I would always go Wired if I could - my choice these days, all other things being equal would be fiber, cable then DSL.

    Also there is a huge difference between consumer grade Internet (which I would describe as "the least you can get away with so the majority of customers don't whine") versus business grade service.

    Yes, business grade is more expensive and there are good reasons why.

    If your location dictates that you have to use Wireless (especially if its wireless cellular), an outside antenna will likely be necessary.

    Good luck!  I know how frustrating this can be.
    Stu K6TU
  • KY6LA_HowardKY6LA_Howard La Jolla, CA. Paris and Sablet FranceMember ✭✭✭
    edited June 2015
    @Dave As. You know I run remote a great deal, so i have a lot of hands on experience with 3G//4G connections using WIFI hotspots. I find that using an external gain antenna can mean the difference between a great 5 Bars 4G signal and a poor 2 bars 3G signal from exactly the same physical location. Suggest you put your hotspot as close as possible to the antenna to minimize signal losses.
  • W5UN_DaveW5UN_Dave Member ✭✭
    edited November 2016
    Stu, great advice "get wired". There is absolutely NO possibility of doing that here.

    Thanks for posting the SoftEther  idea.
  • W5UN_DaveW5UN_Dave Member ✭✭
    edited November 2016
    Howard, I have the external "11 db" (ha) LP antenna mounted and pointed. I am awaiting the 2-way antenna connection adaptor required for the 341U USB modem. I hope you are right. We shall see how it does when that arrives. Right now the signal varies from 2 bar 3G to no bar 4G. I am ever hopeful for a 4 bar 4G signal. The modem, connected through my Cradlepoint MB1200B router would give me all I need for the entire LAN.

    I tried the 341U  USB modem on my laptop downtown, 9 miles away. 5 bars and 16 Mbps download, 12 Mbps upload. Oh! if only....
  • edited August 2016
    Dave,

    I empathize.  A high gain antenna will help.

    Stu K6TU
  • KY6LA_HowardKY6LA_Howard La Jolla, CA. Paris and Sablet FranceMember ✭✭✭
    edited June 2015
    @Dave Good luck with your experiments
  • Ross - K9COXRoss - K9COX Member ✭✭
    edited June 2015
    Why don't you just use your "Mighty Big Antenna"?
  • Walt - KZ1FWalt - KZ1F Member
    edited July 2017
    If you can wait a few months I'll have a web based access to your flex, if you can hit google, you can hit your flex.
  • W5UN_DaveW5UN_Dave Member ✭✭
    edited November 2016
    Howard

    Would make a suggestion on the type of external gain antenna to use? I'm open to all advice.
  • KY6LA_HowardKY6LA_Howard La Jolla, CA. Paris and Sablet FranceMember ✭✭✭
    edited June 2015
    I am runing portable from an International MIFI hotspot when I travel. So I am using a n 8dBi manufacturers specific external gain portable mag mount antenna which likely would not work for you. In the USA as the bands are different. There are many gain antennas for 3g//4g USA on the market but I have no experience with them
  • W5UN_DaveW5UN_Dave Member ✭✭
    edited February 2019
    Walt, I do that now with Parallels, and it works well. Fast on my iPad, slooow on my laptop
  • W5UN_DaveW5UN_Dave Member ✭✭
    edited February 2019
    I am using Windows Remote Desktop to access the server from my client laptop. Is there a better way?
  • K6OZYK6OZY Member
    edited June 2015
    OpenVPN does pipe broadcast traffic if you use a TAP interface, but I agree that SoftEther is a nice wrapper for a variety of VPN protocols, including OpenVPN, with a good interface for new users.   I do prefer running the VPN server on an appliance, like my pfSense router, but SoftEther is a good quick fix for most.
  • K6OZYK6OZY Member
    edited June 2015
    I would recommend not using DAX over a VPN link because it is not compressed.   If you are metered, it will eat up bandwidth fast.   

    https://community.flexradio.com/flexradio/topics/remote-digital-using-smartsdr-1-4-lan-over-vpn
  • Jim GilliamJim Gilliam Member
    edited June 2015
    I have used Teamviewer, Parallels Access, Remote Desktop, and LogMein, and I see little difference in the performance. It is just a matter of personal taste. There has been discussion about using a VPN which attaches a virtual long Ethernet cable to the serving router or computer. I haven't found it to be any more efficient than the above mentioned.
  • edited May 8
    Maybe I wasn't clear enough - has been known! :-)

    With the the VPN configuration I described, I run SmartSDR ON THE REMOTE LAPTOP.

    The only data going over the link is that required to run SmartSDR and is usually way (and I mean WAY) less than trying to run a similar quality pan and waterfall on the computer at the home end using LogMeIn or any of those solution. When faced with huge graphic loads, these remote access programs have to move gobs of bit mapped data and that compresses poorly, consumes lots of bandwidth.

    Remote audio runs the audio to and fro, the pan adaptor data and waterfall refresh can be adjusted for the quality of the link you have.

    I have access to one 6700 that is on a 100 MBPs link into the Internet (not a typo). I have run 8 pan adapters and 8 Dax channels without a dropped packet from my work location some 30 miles from the radio using SmartSDR on my Mac at the office.

    Networking is wonderful but it is the prima facia example of "you get what you pay for".

    Stu K6TU

Leave a Comment

Rich Text Editor. To edit a paragraph's style, hit tab to get to the paragraph menu. From there you will be able to pick one style. Nothing defaults to paragraph. An inline formatting menu will show up when you select text. Hit tab to get into that menu. Some elements, such as rich link embeds, images, loading indicators, and error messages may get inserted into the editor. You may navigate to these using the arrow keys inside of the editor and delete them with the delete or backspace key.