Best VPN Service for Secure Networks - Tailscale
https://tailscale.comTailscale is a zero config VPN for building secure networks. Install on any device in minutes. Remote access from any network or physical location.
Welcome to the new FlexRadio Community! Please review the new Community Rules and other important new Community information on the Message Board.
Need the latest SmartSDR, Power Genius, Tuner Genius and Antenna Genius Software?
SmartSDR v3.8.23 and the SmartSDR v3.8.23 Release Notes
SmartSDR v2.12.1 and the SmartSDR v2.12.1 Release Notes
Power Genius XL Utility v3.8.9 and the Power Genius XL Release Notes v3.8.9
Tuner Genius XL Utility v1.2.11 and the Tuner Genius XL Release Notes v1.2.11
Antenna Genius Utility v4.1.8
SmartSDR v3.8.23 and the SmartSDR v3.8.23 Release Notes
SmartSDR v2.12.1 and the SmartSDR v2.12.1 Release Notes
Power Genius XL Utility v3.8.9 and the Power Genius XL Release Notes v3.8.9
Tuner Genius XL Utility v1.2.11 and the Tuner Genius XL Release Notes v1.2.11
Antenna Genius Utility v4.1.8
If you are having a problem, please refer to the product documentation or check the Help Center for known solutions.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.
Easy Solution for Double NAT: Tailscale VPN and Smart SDR Using "Sub Net Routes"
Alan
Member ✭✭✭✭
I found an easy solution for using Smart SDR outside your home network (WAN), including when you have a double NAT (think cellular and StartLink). Also, perhaps, an easy work around to the current SmartLink not working with static Flex IP addresses.
Disclaimer - I have not give this a lot of testing, but it appears to be working in my situation with a Starlink connection on one end and a cellular connection on the other end (both have cellular grade NAT). I am so excited to share, I hope it works as well for others.
I have been a user of Tailscale, an easy to use VPN with secure validation. For one user, there is no charge.
Up until the latest TailScale update, it was necessary to install the TailScale client on each machine in your network.....this prevented accessing the Flex Server thru Tailscale because it is not possible to install Tailscale on the Flex Server itself.
Tailscale recently announced two new features, "Sub-Net Routes" and "Exit Nodes". Of interest for Flex WAN access is "Sub-Net Routes". Current users of Tailscale must upgrade to get this new feature.
From the Tailscale description:
===============
However, you may have machines you don’t want to, or cannot, install Tailscale on directly. In those cases, you can set up a Tailscale “relay node” to advertise whole subnets at once. Relay nodes route all traffic from the Tailscale network onto your physical subnet. This makes it easy to incrementally deploy Tailscale, even on legacy networks.
=================
Here is a link to the installation instructions.
I updated my TailScale and ran the command to link my local subnet to the TailScale network of devices (devices I installed Tailscale on and validated myself).
Then with my laptop, running Tailscale, connected only to my cell phone, I ran Smart SDR (outside my LAN). Smart SDR showed my Flex Server on its local IP address. I clicked to connect and it connected and ran very smoothly......easy peasy!
Note - Tailscale has apps to install on all devices and operating systems. However, for now, they warn the machine providing the "Sub-Net Route" link to the Tailscale network must be a unix machine.....they plan to include the option for Windows and Mac on upcoming upgrades.
Alan. WA9WUD
0
Comments
-
False Alarm....Sorry!
Seems I had another connection to my LAN from the laptop that I missed during the test.
After correction, we are back to the level two bridge problem.....I can see the discovery VITA packets, but the UDP port 4992 packets cannot get thru.
In any evert, the Tailscale subnet routs seems to work with other devices on my LAN.
I will keep experimenting with SmartSDR, perhaps a solution will appear.
Alan. WA9WUD
0 -
Had me excited their Alan for 74 minutes, lol.
0 -
Alan - did you persevere with this at all? I found this topic when hitting the same issue myself and wondered if you may have found some magic incantation... :D0
-
G7UFO
I have not found a direct solution to use Flex SmartLink directly with Carrier Grade NAT, as used in cell phone hot spots and StarLink.
I had some success using PepLink routers, with "Pep Link" VPN, level two binding, with "speed fusion". This solution is expensive and was bandwidth challenged. The connection to the Flex Radio Server, was sometimes lost.
I am now setting up a screen share solution, using "Tailscale" VPN, to get through the double NAT. I have a NUCi7 at the remote station running Windows 10 pro....Microsoft Remote Desktop enabled. At the shack, I can access the remote NUC desktop as if it were running locally.
For audio, I found if I enabled audio on the Remote Desktop, then DAX would not work. So.... I am using "Dante" audio connectors, connected directly to the speaker and microphone jacks of my Flex 6600. Then, "Audio Movers" to move the audio over the internet (via the double NAT WAN), from the remote site to my station. Except for the audio latency, it works very well. Latency is comparable to the same with Flex SmartLink.
Digital modes run on the remote NUC, so no issues there.
Here are links to the products I mention:
- Dante https://www.audinate.com/products/devices/dante-avio
- Audio Movers. https://audiomovers.com/wp/
Alan. WA9WUD
1 -
Tailscale Update
For the group's information, I have submitted a "Feature Request" to Tailscale, for adding a Level Two Bridge option.
Alan. WA9WUD
2 -
Alan, based on your conversation with Tailscale, did they ever do any adjustments to their VPN to allow the passing of the Flex data?0
-
Tailscale Tech Support says their current version of "Sub Net Routing should be used,(https://tailscale.com/kb/1019/subnets/
I tried it out, and it works great for TCP packets.
Followup with Tailscale found I needed to build a UDP/TCP bridge on both ends, and pass through Tailscale with a TCP packet.....That was a show stopper for me.
I went back to my hardware based PepWave routers VPN, with level II bridge built in....works reasonably well....but expensive.
Alan. WA9WUD
0 -
This should work with ZeroTier, you'd just need to configure your ZeroTier endpoint on your network to allow traffic out from the VPN onto the local LAN. Best thing is its free and open source.0
-
Try ZeroTier Bridge https://zerotier.atlassian.net/wiki/spaces/SD/pages/193134593/One+Port+Linux+Bridge
0 -
Roland,
Thank you for posting the link to bridge ZeroTier. Have you tried it yourself and had success? I am getting stumped at the “systemd-networkd” steps. Can you help? It’s beyond my ability at this point.
Thank you,
Mark - W0QL0
Leave a Comment
Categories
- All Categories
- 282 Community Topics
- 2.1K New Ideas
- 565 The Flea Market
- 7.7K Software
- 6.1K SmartSDR for Windows
- 154 SmartSDR for Maestro and M models
- 383 SmartSDR for Mac
- 248 SmartSDR for iOS
- 241 SmartSDR CAT
- 176 DAX
- 352 SmartSDR API
- 8.9K Radios and Accessories
- 7K FLEX-6000 Signature Series
- 103 FLEX-8000 Signature Series
- 885 Maestro
- 43 FlexControl
- 842 FLEX Series (Legacy) Radios
- 840 Genius Products
- 432 Power Genius XL Amplifier
- 296 Tuner Genius XL
- 112 Antenna Genius
- 262 Shack Infrastructure
- 183 Networking
- 426 Remote Operation (SmartLink)
- 132 Contesting
- 685 Peripherals & Station Integration
- 125 Amateur Radio Interests
- 911 Third-Party Software