Welcome to the new FlexRadio Community! Please review the new Community Rules and other important new Community information on the Message Board.
If you are having a problem, please check the Help Center for known solutions.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.

Setting up a VPN with SoftEther

2»

Answers

  • Harold Rosee
    Harold Rosee Member ✭✭
    edited January 2017
    I guess what I am looking for is a way to may sure the PC is set up correctly.  Can I troubleshoot it through another PC?  Then when I know it's working I can figure out the iphone.
  • Harold Rosee
    Harold Rosee Member ✭✭
    edited October 2016
    Just iphone.
  • K6OZY
    K6OZY Member ✭✭
    edited September 2016
    Then why are you installing a SoftEther bridge?  You only need the server component.   Did you follow my video?
  • Harold Rosee
    Harold Rosee Member ✭✭
    edited October 2016
    Before your reply I had already seen and printed the instructions that W1EQX had written above.  The way I understood the instructions on the Softether site was that for remote access you had to Bridge the VPN Server to the LAN using the Bridge.

    I was following:
    https://www.softether.org/4-docs/2-howto/1.VPN_for_On-premise/2.Remote_Access_VPN_to_LAN

    Now I am really confused.

    I guess I will stop and go watch your video. 

    BTW, my intent is to be able to connect from outside my home network from the IOS Smartsdr app.

    Going to watch your video now.

    Thanks



  • K6OZY
    K6OZY Member ✭✭
    edited September 2016
    The connection flow will be:


    iPad / iPhone -> L2TP connection using native VPN client in IOS -> home Firewall ->  SoftEther Server (running on PC or Raspberry Pi)


  • Ria
    Ria Member ✭✭
    edited October 2016
    When you install the server it installs a bridge component. There's no reason to install that separately. For the iPhone vpn after the wizard you need to click L2TP and select a shared secret. This is also what you put in the "secret" field in the iPhone. This is different from the password for the user account, which you also need to create.
  • Harold Rosee
    Harold Rosee Member ✭✭
    edited October 2016
    OK, well, thanks for trying to help.  I don't want to fill the forum up with this.  I am not a network guy and I am totally lost.  I don't even know what questions to ask at this point. 

    I'll go read some more.  Over and out...

  • K6OZY
    K6OZY Member ✭✭
    edited September 2016
    Harold, shoot me your info offline.  I've helped dozens of people get their Flex's working via SoftEther VPN.  I think I can get you up and running very quickly.   k6ozy [at] arrl [dot] net.


  • Harold Rosee
    Harold Rosee Member ✭✭
    edited January 2017
    Ria, Thanks for you help. I am going to have to try and find someone offline to help me. 

    Take care
  • Harold Rosee
    Harold Rosee Member ✭✭
    edited October 2016
    OK. I'll do that.  Thanks
  • K6OZY
    K6OZY Member ✭✭
    edited September 2016
    Above I **** fingered, and said UDP450 UDP4500.  It's UDP 500, UDP4500, TCP 5555.  I don't want bad information to say on the net confusing people.
  • Harold Rosee
    Harold Rosee Member ✭✭
    edited February 2017
    IT Works!!!

    I have to say a big Thank You to Chris, K6OZY, for his help.  This guy is a ****.  It's 12:20 am here in Texas and he just spent a lot of his time helping me set up my VPN.

    There is no way I could have done that myself.  Of course he tells me if I had watched his video on youtube I could have done it.  He has encouraged me to get a Raspberry Pi and run the server on it as Ria also suggested.  So tomorrow I am off to the local Microcenter down the street to pick one up.

    Chris, thanks again for your time and also the offer to help with the Pi.  Help like yours is what sells Flex.  Plus the radios are pretty good too:)  

    Now I can sleep.  Goodnight
  • K6OZY
    K6OZY Member ✭✭
    edited September 2016
    Thanks for the kind words.   I just hate seeing people not able to use their radio remotely because of VPN issues.
  • Lasse Moell
    Lasse Moell Member ✭✭
    edited November 2019
    OK, so I am next in line for some hand-holding!
    Currently have a RPI running as server. Client computer do connect over my cell phone using port 5555 (it seems 443 is a no-no on that provider). But I cannot see the radio on SSDR client, unless I do connect over my LAN (and VPN).  The VPN server is on DMZ i.e. no ports should be blocked on that side.

    Where to look for those lost broadcast packets from my radio?
    Checking ports (externally) 5555 reports open but 500 and 4500 reports open/filtered (UDP), is the RPI not responding?
    Should a bridge work better? I thought starting with client it would be easier to verify things....
    Is this due to client having a different ip-subnet?
    My head about to burst :(

    /Lasse SM5GLC
  • Ria
    Ria Member ✭✭
    edited March 2017
    There does need to be a bridge. Did you use my script or set it up yourself? My script automates it all (except the port forwarding), but if you do it yourself you need to set up the bridge manually.

    Open SE-VPN server manager
    Log in to the VPN server
    Click "Local bridge setting"

    Under "New Local Bridge Definition":
    Select the virtual hub to create the bridge on (if you did a basic setup there should only be one, choose it)
    Under "type to create" select "Bridge with Physical existing network adapter"
    Select "eth0" as the LAN adapter
    Then click "create local bridge."

    The only thing that somewhat concerns me is that your vpn is on a DMZ. It probably won't work that way. It needs to sit on the LAN for the bridge unless you have a 2nd ethernet interface but that is getting into a more complicated setup. The reason is that it needs to be on the same LAN as the radio to receive and forward the VITA-49 broadcast packets. However, if you can route traffic to your LAN from the DMZ, you can specify the IP in SmartSDR for iOS and connect that way. 



  • Lasse Moell
    Lasse Moell Member ✭✭
    edited March 2017
    YES! That did it! I was setting up everyting accrding to K6OZY... and missed the part with having local bridge enabled. It's up and running, sort of.... My cell phone do not give good enough through put, but I have seen the spectrum! Now I can start to fine-tune things.
    A big Thank You Ria!
    Cheers and CU on the bands
    /Lasse SM5GLC

  • Lasse Moell
    Lasse Moell Member ✭✭
    edited March 2017
    Just one thing more, I did try the DMZ as I was a bit confused with my main router when things did not work. Back to the main router and ports properly opened.
  • Lasse Moell
    Lasse Moell Member ✭✭
    edited March 2017
    Just a quick update. The VPN runs fine, and I even managed to configure an Orange Pi Zero to do the work. This computer is half the physical size of a R-Pi, and costs about $9!  DId a small demo at the local ham club showing how to operate remote.

Leave a Comment

Rich Text Editor. To edit a paragraph's style, hit tab to get to the paragraph menu. From there you will be able to pick one style. Nothing defaults to paragraph. An inline formatting menu will show up when you select text. Hit tab to get into that menu. Some elements, such as rich link embeds, images, loading indicators, and error messages may get inserted into the editor. You may navigate to these using the arrow keys inside of the editor and delete them with the delete or backspace key.