Welcome to the new FlexRadio Community! Please review the new Community Rules and other important new Community information on the Message Board.
If you are having a problem, please refer to the product documentation or check the Help Center for known solutions.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.

IOS 10.0.1 has removes PPTP VPN. Now what?

Ken - NM9P
Ken - NM9P Member ✭✭✭
edited June 2020 in SmartSDR for Windows
After months and months of successful remote ops using my iPad and iPhone and PPTP VPN from my ASUS RT-AC66U router, the latest iOS update to 10.0.1 has removed PPTP VPN, leaving only IKEv2. IPSec, and L2TP, none of which seem to be supported by the ASUS router. Using OpenVPN I have achieved a connection to my 6500 halfway.... Using TUN, TCP mode on OpenVPN and static IP mode on SSDR-iOS instead of Discovery or Scan, I can make it connect, and it functions as a remote control surface, but no audio or pan/waterfall diaplay. I may need to switch to SoftEther.net, but would rather use my router without need for another computer or my Raspberry Pi running. Anyone else have luck getting it going this way with OpenVPN on their router? I feel like I have gone from confident expert to noob overnight! Ha ha! Ken - NM9P
«1

Comments

  • Ria
    Ria Member ✭✭✭
    edited June 2020
    PPTP VPN is horribly insecure. You should look into SoftEther or OpenVPN. I use OpenVPN without issue. 
  • Ken - NM9P
    Ken - NM9P Member ✭✭✭
    edited December 2016
    Yes, PPTP security is probably why apple finally dropped it. I have used OpenVPN successfully from my office and laptop windows machines, but haven't gotten it to completely connect using OpenVPN and the iPad. I am experimenting with some port forwarding, etc., trying to get it going. If I can't, then it is back to the Raspberry Pi3 and SoftEther.net.
  • WX7Y
    WX7Y Member ✭✭✭✭
    edited September 2016
    Can't you run Softether on your windows computer you run the smartSDR on, or even another another computer in your home  that is always on?

    I run mine on my Home entertainment (PLEX) server which is always on and is just a Intel NUC. 

    I run my Soferther VPN connection as a TAP connection and works perfectly.
    73's
    Bret
    WX7Y


  • Jim Gilliam
    Jim Gilliam Member ✭✭
    edited June 2020

    How did you update SmartSDR IOS? I don't see an update option on my iPhone.


    Jim, K6QE

  • Ken - NM9P
    Ken - NM9P Member ✭✭✭
    edited December 2016
    Settings>General>Software Update....
  • Ria
    Ria Member ✭✭✭
    edited October 2016
    Jim - SmartSDR wasn't updated. This is the iOS software update, which is the 10.0 release to debut with the iPhone 7. 
  • Ken - NM9P
    Ken - NM9P Member ✭✭✭
    edited December 2016
    I can and have run it on the main shack computer, but I want an option that will work if the shack computer is not available... thus the router. I have it working on asus' Router OpenVPN with my laptop and office computers remotely. But I am trying to get the iPad running with it again.
  • Ria
    Ria Member ✭✭✭
    edited October 2016
    For OpenVPN you need to use their app, as there is no option in iOS itself. I don't know how the ASUS router is, but it may have an option to export the config which you can then put on your phone. 
  • Lawrence Kellar KB5ZZB
    Lawrence Kellar KB5ZZB Member ✭✭
    edited December 2016
    My softether was not affected but my asus router pptp connection was.  I changed over to openvpn and installed openvpn connect on ipad but radio does not show up in finder smartsdr for ios
  • Ria
    Ria Member ✭✭✭
    edited October 2016
    Set up SmartSDR (iOS) for connection mode "fixed" rather than "discover" and manually specify the IP. 
  • iz7auh
    iz7auh Member ✭✭
    edited September 2016
    Change router and buy a Fritz!box 3490 best one for IPSec VPN and great iOS SmartSDR operation on remote!
  • Ken - NM9P
    Ken - NM9P Member ✭✭✭
    edited December 2016
    I discovered the "fixed" trick earlier and was able only to get "half-connected." i.e. I got a Connection and picture of the rig, but no audio in or out, and no movement or updates of the screen... THEN...I forwarded port 4492 for TCP & UDP, and port 4491 for UDP, and it seems to be working, sort of. I need to run some more tests. Are there any more ports that need to be forwarded? I think I almost have it whipped....
  • Ria
    Ria Member ✭✭✭
    edited October 2016
    That usually happens when smartSDR is running on my home PC and I try to use the iOS app. With a VPN you shouldn't have to do any port forwarding.
  • Tim - W4TME
    Tim - W4TME Administrator, FlexRadio Employee admin
    edited December 2016
    You do if your VPN server is behind your firewall.
  • spopiela
    spopiela Member ✭✭
    edited June 2020
    Ken,
    I tried a quick test after the ssdr update to the radio and windows 10 app. . I have an Netgear R7000 router with Open VPN. I connected to my home router through openvpn using my ATT cell data and easily connected to the radio and saw panadpter and all my functions working on IOS SSDR on my I PAd..
    good luck
    You have helped me a lot
    Stan
    N1THL
  • Lawrence Kellar KB5ZZB
    Lawrence Kellar KB5ZZB Member ✭✭
    edited December 2016
    Ken if you get it working can you detail the steps you did to do it?  I have been fighting with asus router folks (clueless)
  • Ken - NM9P
    Ken - NM9P Member ✭✭✭
    edited December 2016
    I need to run into the office in a bit. I will test from there with my iPad and iPhone via wifi. My verizon connection is marginal at the house. I'll report any success and other steps....
  • Lawrence Kellar KB5ZZB
    Lawrence Kellar KB5ZZB Member ✭✭
    edited December 2016
    Ken i got it!!!!!  Under fixed mode it would not disconnect my maestro.  I connected with my old softether connection and kicked the maestro off.  I then reconnected via openvpn on asus router and fixed mode in smartsdr for ios and it is working

  • Ken - NM9P
    Ken - NM9P Member ✭✭✭
    edited December 2016
    One other note. I received a new ASUS router firmware update yesterday, too. Between the ASUS router update and the iOS update, apparently the OpenVPN may be working a little differently. One other thing is that I apparently needed to export the OpenVPN client definition file from the router again after the two devices were updated. I don't know which firmware was the one that required the new file, but it apparently helped.
  • Ria
    Ria Member ✭✭✭
    edited October 2016
    Makes sense Tim. I assumed it was part of the firewall, as mine is.
  • Tim - W4TME
    Tim - W4TME Administrator, FlexRadio Employee admin
    edited December 2016
    Mine isn't.  Using an RPi3 as the VPN server.  Too stingy to replace the firewall ;-)
  • Jay -- N0FB
    Jay -- N0FB Member ✭✭
    edited September 2016
    I'm waiting for the new version of OSX Server to be released. This is my methodology of doing VPN. I alsready have OSX Sierra installed, but server is not available yet.
  • Lawrence Kellar KB5ZZB
    Lawrence Kellar KB5ZZB Member ✭✭
    edited December 2016
    Jay: avid Mac user here. Can you explain or give a link on how you are getting OS X Server to be a vpn server?
  • John-K3MA
    John-K3MA Member
    edited June 2020
    I hate when Apple decides what is best for me.  No PPTP No Headphone.  Except for Smart SDR for iOS I would not have a Apple device.  I guess I will not be updating it to iOS 10 since I have a ASUS router also.  Hopefully, someone finds a work around using the ASUS router.

    Ken thanks for posting this issue as I was going to upgrade just before taking the iPAd on vacation.
  • Chris DL5NAM
    Chris DL5NAM Member ✭✭✭
    edited December 2016
    ...  there any download possible where i can get a image ( copy of a SD card) for a VPN server running on a Raspi3? Want run SSDR-IOS remote . Any hint welcome dl5nam@gmx.de
  • VK7WH Winston
    VK7WH Winston Member ✭✭✭
    edited December 2016
    Chris, I would be grateful if you could pass on to me any useful information you receive to me. I have a Raspberry Pi 3 setup and ready to go but, alas, I lack the Programming skills to do it myself. winston(dot)henry(at)bigpond(dot)com Thank you Winston
  • David Decoons, wo2x
    David Decoons, wo2x Member, Super Elmer Moderator
    edited June 2020

    I switched over to OpenVPN and here are the steps I did with an Asus RT-AC3200 router. I have previously set the radio to a static IP address on my network. (new feature in 1.9.7 SSDR)

    1) Under VPN in router disable PPTP (unless you have other clients that support it)

    2) Click on OpenVPN tab then enable it.

    3) add a user and password then click apply.

    4) On the OpenVPN server tab change VPN server details from General to Advanced.

    5) On the advanced tab change settings to screenshot below. The VPN subnet can be a different subnet but should be unique and different from your home network and remote network.

    Speaking of that, you should change your home network to a subnet that will not conflict with remote subnets. It should not be 192.168.1.0 or 192.168.0.0. I use 10.4.0.0 for the home network and 10.8.0.0 for the VPN subnet.

    6) On the iPhone/iPad, download OpenVPN Client app from the AppStore.

    7) In the router under the OpenVPN General tab click on export and save the client.ovpn file to your computer. Email it to yourself.

    8) On the iPhone open the email containing the ovpn file and tap on the file. Under the choices select OpenVPN (you might have to scroll to the right to see that choice.

    9) It will open the OpenVPN client and you will see your home IP and a green + Click on the + to add the profile.

    10) Enter the username and password you created in step 3.

    11) Optional, click save if you do not want to enter your password every time (careful! Security)

    12) click connect

    13) once connected open SmartSDR for IOS and click on settings (gear icon on bottom right)

    14) Change connection mode to fixed and enter the IP address of you radio.

    15) Click on Panadapter and then click CON on top. It should connect.


    Make sure you are not on the same WiFi network as the radio when testing or it will not connect.

    Be careful to turn off the VPN connection when not in use and if you are using cellular data keep an eye on you datausage. You don't want overages!


    Dave wo2x


    image


    image
  • David Decoons, wo2x
    David Decoons, wo2x Member, Super Elmer Moderator
    edited September 2016

    John, see my response below. Just upgraded to OpenVPN and working fine with IOS 10.


    Dave wo2x


  • Ken - NM9P
    Ken - NM9P Member ✭✭✭
    edited December 2016
    I had it working from the office last night on both the iPad via wifi & OpenVPN and via the iPhone and Verizon Cellular and OpenVPN.  Here are a few highlights:

    A]  ***Be sure that your home router and the remote location you are using have their IP addresses on DIFFERENT Subnets.  This has probably been one of the most common problems in people getting these VPN connections working.  The subnet is the third number in the sequence of four in your IP address:  192.168.{Subnet].[device number], etc.

    (I have my home network on a much higher subnet than most people think about.  it can be anything from 1-254.  I would pick something over 10 when defining my home network IP addresses.)

    B]  Be sure to set up a DDNS account via ASUS.COM or NO-IP, or something else acceptable to your router.  I am using one coordinated by ASUS.  (NOTE:  This is not needed if your ISP has given you a Static IP address.)

    C]  In the ASUS VPN Tab, slide the "Enable OpenVPN Server" switch.
    Then select ADVANCED SETTINGS:
    The parameters I am using are.....(there may be better ones, but these are working.  If the Network Gurus on the board have better settings, PLEASE SHARE THEM...I am all ears!)

    Interface Type: TUN 
    Protocol: TCP
    Server Port: (Default : 1194)
    Firewall: Auto
    Authorization Mode: TLS
    Username / Password Auth. Only: Yes
    Extra HMAC authorization: Disable

    VPN Subnet:  [set this to a public subnet that is DIFFERENT from the subnet at either your shack or remote location]
    Netmask:  [I use a standard 255.255.255.0]

     Poll Interval   0 minutes 
    Push LAN to clients:  Yes

    Direct clients to redirect Internet traffic: Yes/No  {your choice]  
          YES=all internet traffic goes through the VPN internet connection at the shack...  
          NO=regular internet traffic continues through the local connection at your remote location (i.e. your hotel room, etc)

    Respond to DNS: Yes
    Advertise DNS to clients: Yes
    Encryption cipher:  AES-256-CBC
    Compression:  Adaptive 
    TLS Renegotiation Time:  -1 seconds (Default : -1)
    Manage Client-Specific Options: Yes
    Allow Client <-> Client: Yes
    Allow only specified clients: No

    BE SURE TO HIT "APPLY" before you leave this screen....

    D] Then....IN OpenVPN GENERAL SETTINGS:
    1) Setup at least one user name and password.  This will be the VPN client and password you will need to enter from your remote location to open the VPN.
    2)Hit APPLY again for this screen.

    Then hit the EXPORT button and save the file.
    You will need to email that file to your iPad/iPhone or transfer it in some other way (iCloud, Dropbox, etc.) in order to import it to your OpenVPN client.

    E]  In the WAN> NAT PASSTHROUGH tab:
    Set these to ENABLE  (I don't know if they are all necessary.  Since PPTP has been disabled in IOS and it is insecure, I set that to DISABLE.)

    L2TP Passthrough
    IPSec Passthrough
    RTSP Passthrough
    H.323 Passthrough
    SIP Passthrough

    F]  Download the OpenVPN Connect App to your iPhone/iPad  (or install OpenVPN client to your Windows machine.)

    After installation, import the Client.ovpn file you exported in step D, above.
    The easiest way would be to transfer it via iCloud or Dropbox.  Open your cloud folder and click on the Client.ovpn file.  The OpenVPN App should open and allow you to import it.

    G] Run the OpenVON Connect App on your iPad, or other client.

    When setting it up, you need to enter the following pieces of information:
    Your VPN Username: (the one you set up in Step D)  WEnter it in the slot with the little human looking icon on the app...)
    Your VPN Password:  (that you set up in Step D)

    Slide the switch to "Save"
    Then slide the switch below it to "Connect"
    If you have done things correctly, you should get a connection....

    Rejoice!  your VPN connection is now active.......But you are not done.....

    H]  open your SSDR-IOS app.
    Go to Settings:  In Connection Mode:  select "Fixed"
    Enter the Reserved or Static IP Address that you have set up for your Flex Radio.

    The best way, most of the time, is to use your router to set up a RESERVED IP address that is linked to your FlexRadio.  Set it up OUTSIDE the range usually assigned to other DHCP users on your LAN.  So if you have your router's DHCP set up to assign 192.168.90.20 through 192.168.90.100 to users on your system.  ( or the DHCP Range is set to begin at 192.168.90.20 and maximum allowable assignments of 70)  set your Reserved IP to 192.168.90.150 or something like that.

    NOW.  go to the Panadapter screen on SSDR-IOS and hit CON or "Tap Here to Connect"

    If you get the "please select your device" and your rig shows up, GREAT!  Click it and you should be in business.

    BUT SOMETIMES you have to work it to get a connection...
    I have had times where the rig didn't show up immediately.  in that case, Here are a few steps I took:
    a) Tap another place on the screen and try again.
    b) Close the App and open it again.  Double check your selection of Static IP in the Settings.  It may not have been saved correctly.
    Sometimes it took two or three times before it recognized my rig....but it finally did.

    In other cases, depending upon your firewall situation It may be necessary to go to your router and/or modem/firewall and forward a couple of ports...

    If you need to do this, 

    Go to WAN> Virtual Server/Port Forwarding:
    On the Port Forwarding List,
    Forward Port 4992 to BOTH TCP and UDP
    Forward port 4991 to UDP

    I thought I needed to do this.  It worked.  But then I removed the port forwarding and it still worked, but required me to tap and close a few times before it recognized the rig.

    I hope these steps will get you going with your SSDR-IOS on your ASUS router and OpenVPN.

    Good Luck!  Let me know if you get it going or need other help.
    Any additional helpful feedback from Networking experts is welcome!

    Ken - NM9P
  • Ken - NM9P
    Ken - NM9P Member ✭✭✭
    edited December 2016
    Ha, David!
    You and I must have been typing at the same time!
    I'll read yours and see if it is any different!
    It looks like IOS 10 added some things to the mix, because I couldn't get it going with OpenVPN before.  Perhaps I never tried the "Fixed" option before, either.

    Ken - NM9P

Leave a Comment

Rich Text Editor. To edit a paragraph's style, hit tab to get to the paragraph menu. From there you will be able to pick one style. Nothing defaults to paragraph. An inline formatting menu will show up when you select text. Hit tab to get into that menu. Some elements, such as rich link embeds, images, loading indicators, and error messages may get inserted into the editor. You may navigate to these using the arrow keys inside of the editor and delete them with the delete or backspace key.