Part 2: Raspberry Pi SoftEther Bridge Setup for Maestro Remote Access to your Flex 6000 Radio

  • 4
  • Praise
  • Updated 2 years ago
In Part 2, I am completing the configuration of a second Raspberry Pi for Maestro remote access.  I do make a few mistakes and have to correct them, but hey, we're all human!



I am pasting my notes here for easier duplication.

Setup vpnbridge account on home Pi Server

sudo raspi-config

Expand File System
Boot options B1 Console only

Finish reboot

Setup static IP for backup reconfiguration

sudo pico /etc/network/interfaces

auto eth0:1
iface eth0:1 inet static
address 10.10.10.1
netmask 255.255.255.0
save exit

sudo reboot

Reboot & login verify eth0:1 is up

ifconfig 

Install SoftEther Server

wget http://www.softether-download.com/files/softether/v4.21-9613-beta-2016.04.24-tree/Linux/SoftEther_VP...
tar zxpvf v4.21-9613-beta-2016.04.24-tree/Linux/SoftEther_VPN_Server/32bit_-_ARM_EABI/softether-vpnserver-v4.21-9613-beta-2016.04.24-linux-arm_eabi-32bit.tar.gz
cd ~/vpnserver
./.install.sh
cd

sudo mv ~/vpnserver /usr/local

sudo chown root:staff -R /usr/local/vpnserver

sudo pico /etc/init.d/vpnserver

#!/bin/sh
# chkconfig: 2345 99 01
# description: SoftEther VPN Server
DAEMON=/usr/local/vpnserver/vpnserver
LOCK=/var/lock/vpnserver
test -x $DAEMON || exit 0
. /lib/lsb/init-functions
case "$1" in
start)
$DAEMON start
touch $LOCK
;;
stop)
$DAEMON stop
rm $LOCK
;;
restart)
$DAEMON stop
sleep 3
$DAEMON start
;;
*)
echo "Usage: $0 {start|stop|restart}"
exit 1
esac
exit 0
chmod +x /etc/init.d/vpnserver
update-rc.d vpnserver defaults
service vpnserver start

Run wizard and setup bridge (See Video)

Setup wpa_supplicant.conf with a list of AP's to join.  Replace network ssid & password below with your hotspot info.

sudo pico /etc/wpa_supplicant/wpa_supplicant.conf

network={
    ssid="iPhone"
    psk="flexradio"
}

sudo ifdown wlan0
sudo ifup wlan0

ifconfig wlan0  
verify you have acquired an IP from your hotspot.

sudo poweroff

Tether to Maestro, open iPhone Hotspot page

Boot Pi, wait for connection to Phone, spot check Pi server for connection

Turn on Maestro

Once working, backup SD card in case of corruption from pulling power on the Pi inappropriately
Photo of K6OZY

K6OZY, Elmer

  • 540 Posts
  • 210 Reply Likes

Posted 3 years ago

  • 4
Photo of N4TTY

N4TTY

  • 48 Posts
  • 4 Reply Likes
Part 2!  Awesome!  Awaiting the arrival of another Pi 3 and notification that my Maestro is ready to ship!!

Not having actually done this procedure yet, I surmise that you will have to edit the "wpa_supplicant.conf" file each time you find yourself trying to attach to a different wifi network.  Am I understanding that correctly?

Steve G./N4TTY
Photo of Jeffrey Kerber, N3VE

Jeffrey Kerber, N3VE

  • 127 Posts
  • 20 Reply Likes

I too am waiting for my second PI to arrive today.  I built the first image yesterday.  Is there a youtube video for Part 2?  Thanks, Jeff N3VE

Photo of K6OZY

K6OZY, Elmer

  • 540 Posts
  • 210 Reply Likes
Click the YouTube icon in the embedded video and it wil pop out.
Photo of W5UN_Dave

W5UN_Dave

  • 315 Posts
  • 30 Reply Likes
I'd love to be able to do this, but with my failing 81 year old memory I am afraid to try. At one time I programmed in C, Basic, Basic Visual, C++,  and some command line Linux, but that ability has left  me. If someone is willing to be my Elmer, I will purchase two of these units.  I'm good to go with Teamviewer, hi.
BTW, my Maestro invoice arrived ten minutes ago.
Photo of Steve - N4TTY

Steve - N4TTY

  • 103 Posts
  • 11 Reply Likes
Dave, have you had any responses?

You can contact off list if you prefer: n4tty (at) arrl (dot) net

Steve G./N4TTY
Photo of Cal Spreitzer

Cal Spreitzer

  • 356 Posts
  • 67 Reply Likes
K6OZY,  thank you very much for taking the time to post these videos!  

Since I already have Softether VPN Server configured and running on a windows machine at my home QTH I'll assume I only need to do Part 2 of your video with a RaspberryPi-3 running the client/bridge software?   Hopefully this type setup will work? 

Cal/N3CAL

 
(Edited)
Photo of K6OZY

K6OZY, Elmer

  • 540 Posts
  • 210 Reply Likes
Hi Cal, correct. Watch part 2 and you should be good.
Photo of Lawrence Kellar KB5ZZB

Lawrence Kellar KB5ZZB

  • 200 Posts
  • 32 Reply Likes
Thanks for the write-up  I had one question.....I am using an ASUS router with their built in PPTP VPN solution for my iPad setup using K6TU's program.  Can I configure a raspberry pi to connect to my VPN and bridge the connection over to my Maestro like you did for softether? Thanks Lawrence
Photo of K6OZY

K6OZY, Elmer

  • 540 Posts
  • 210 Reply Likes
You certainly can, there are many PPTP choices available, but the issue is that the Maestro won't appear on your home network that way.  The Pi will appear on your home network.   The "Bridge" part of the SoftEther setup is what is key here.   It makes everything that is on the ethernet port of the Pi appear as if it was on your home network.
Photo of Lawrence Kellar KB5ZZB

Lawrence Kellar KB5ZZB

  • 200 Posts
  • 32 Reply Likes
Using my vpn connection and softether bridge and securenat I got my laptop to obtain an IP address on my vpn tethered to my iPad Air. Next to try on maestro. I set this up on a Asus Windows 10 tablet
Photo of Lawrence Kellar KB5ZZB

Lawrence Kellar KB5ZZB

  • 200 Posts
  • 32 Reply Likes
Ok an update. I can surf the internet with a laptop connected to softether bridge, however no radios show up in the radio chooser.
Photo of Lawrence Kellar KB5ZZB

Lawrence Kellar KB5ZZB

  • 200 Posts
  • 32 Reply Likes
Asus VPN proved to be unstable Spent last night taking my windows 10 tablet and turning it into a softether vpn server. I tested with a couple of other devices and I could surf through them. I suspect I could follow the tutorial from part 2 out? One question: I'm going to be using a Mac to program ( a lack of any spare windows devices around). What and how can I program the pi with it? Putty for Mac? Terminal? Thanks again. Sorry if I'm rambling. I stayed up till 3am getting server going
Photo of Peter Bacon

Peter Bacon

  • 33 Posts
  • 10 Reply Likes
Are there any measurements of the actual internet bandwidth required to support one slice remotely?
Peter G3ZSS
Photo of K6OZY

K6OZY, Elmer

  • 540 Posts
  • 210 Reply Likes
As my video said, it depends on your FPS and rate settings. It will usually max out at about 2-3Mbps inbound per pan adapter. Upstream is about 80-90kbps (8-9Kbps). The slice count doesn't matter, it's all visual bits that eat bandwidth. Set it to 1 FPS and Rate and you can sip bandwidth. These radios want consistent latency without packet loss. That usually is the thing that causes the most problems.
Photo of Chris DL5NAM

Chris DL5NAM

  • 650 Posts
  • 142 Reply Likes
pse change
from

tar zxpvf v4.21-9613-beta-2016.04.24-tree/Linux/SoftEther_VPN_Server/32bit_-_ARM_EABI/softether-vpnserver-v4.21-9613-beta-2016.04.24-linux-arm_eabi-32bit.tar.gz

to

tar zxpvf softether-vpnserver-v4.21-9613-beta-2016.04.24-linux-arm_eabi-32bit.tar.gz

and


not working

Now i stop as "Linux Lid" :-)
(Edited)
Photo of K6OZY

K6OZY, Elmer

  • 540 Posts
  • 210 Reply Likes
Follow video, notes were just chicken scratch for myself to not get side tracked during the video creation. :)
Photo of Walt - KZ1F

Walt - KZ1F

  • 3040 Posts
  • 645 Reply Likes
It does my heart good to see more Linux saavy people on here.
Photo of Chris DL5NAM

Chris DL5NAM

  • 647 Posts
  • 142 Reply Likes
Walt, i am a double left hander but i must try every thing ;-).
Photo of Walt - KZ1F

Walt - KZ1F

  • 3040 Posts
  • 645 Reply Likes
Chris, I am the polar opposite of ambidextrous and left handed too. What does dbl lefty mean?
Photo of Chris DL5NAM

Chris DL5NAM

  • 647 Posts
  • 142 Reply Likes
Sorry, normaly i am a "right hander" and if i am doing a job that i have never done or the skill's to low, we say here your a double left hander ( joking ).
Photo of N4TTY

N4TTY

  • 48 Posts
  • 4 Reply Likes
Have two Pi's running now.  One as the server as shown in Part 1, and the other as the bridge as shown in Part 2.  The "bridge" does connect to my iPhone, but how do I really tell if things are right since the Maestro hasn't arrived yet.  Tracking number says Wednesday!

Should "Managing Sessions" on the server show 'vpnbridge' as connected without anything plugged into the ethernet port on the Pi?

Steve G./N4TTY
Photo of K6OZY

K6OZY, Elmer

  • 540 Posts
  • 210 Reply Likes
Correct.  On the PI server you should see the user "vpnbridge" logged in.  You could always attach a laptop to the Bridge Pi with DHCP enabled on the laptop and it should grab an IP of your home network.  

1) Boot the Pi Bridge, make sure you see it join your HotSpot
2) Verify user vpnbridge is connected on your home Pi Server
3) Boot the client computer or Maestro on the Pi Bridge ethernet interface connected to it.

Glad you've gotten it this far!
Photo of N4TTY

N4TTY

  • 48 Posts
  • 4 Reply Likes
Thanks for the reply Chris!

Well I have an issue and I guess this isn't the place to do trouble shooting except maybe others might benefit if they run into the same issues.

I took we several tries to get it to the point I mentioned above, and although I thought it might be working, it looks as if something is amiss.

I see my iPhone pick up the connection as it is supposed to, but when looking at the VPN Server connections I don't see user 'vpnbridge' connected.  And the laptop I have connected to the Ethernet port is not picking up an IP address (obviously because the vpnbridge didn't get logged in.  So somehow I have missed something. 

Are there any log files that can be looked at?

Steve G./N4TTY
Photo of K6OZY

K6OZY, Elmer

  • 540 Posts
  • 210 Reply Likes
Yes, on both Pi's look at logs in:

/usr/local/vpnserver/security_log/VPN
/usr/local/vpnserver/server_log
Photo of N4TTY

N4TTY

  • 48 Posts
  • 4 Reply Likes
Have looked at the logs on the VPN server side, but not sure what I'm seeing or even what I'm looking for.

Have to reconnect to the VPN Bridge to take a look at those logs.

And a very odd, to me at least, occurrence happens if both devices are sitting on the same subnet at the same time.  I will lose connectivity to both devices.  Usually on the bridge first, then shortly thereafter on the server.  :-(
Photo of K6OZY

K6OZY, Elmer

  • 540 Posts
  • 210 Reply Likes
Be careful not to bridge your network to itself.   If you are bridging eth0 on the bridge Pi and have eth0 attached to your home network to work on the bridge Pi, you will cause an amazingly fantastic broadcast loop that will trash your home network.  

Stop the SoftEther server on the Pi bridge to work on it safely

sudo service vpnserver stop
(Edited)
Photo of Steve - N4TTY

Steve - N4TTY

  • 103 Posts
  • 11 Reply Likes
@K6OZY - I've looked at the log files, but not really knowing what I'm looking for I don't see anything obvious.  Any suggestions on what I should be looking for.  Also any ideas about what might be an issue about why my 'vpnbridge' isn't logging into the vpn server.  All the items from your video seemed to have gone good and responded as I thought they should.

Steve G./N4TTY
Photo of Steve - N4TTY

Steve - N4TTY

  • 103 Posts
  • 11 Reply Likes
@K6OZY - Looks like you were replying to me as I was entering another comment!  Thanks!!!  And that has to be the reason I was seeing those results.

But with the bridge server disconnected from my home network and just connected to my iphone via the wifi hotspot I don't seem to be establishing the connection to my home VPN server.  I'm reasonably sure I got the passwords correct as I just used the demo 'raspberry' password everywhere.  All to be changed later after I get things working and have a better understanding of what is going on.

Thanks for your assistance!

Steve G./N4TTY
Photo of K6OZY

K6OZY, Elmer

  • 540 Posts
  • 210 Reply Likes
Lets dissect the issue.   

Does your Pi Server work properly?  By that, I mean are you able to use a Windows laptop outside your home network and connect to it, run SmartSDR and use the radio using the native Windows L2TP client?
Photo of Steve - N4TTY

Steve - N4TTY

  • 103 Posts
  • 11 Reply Likes
I have not had a chance to try my laptop from outside of my home network to try connecting thru the Pi SoftEther Server.  Only by using the bridge to try connecting to the server.  But I guess that puts two possible points problems.  Will try today to get to another outside network to connect using my laptop and see is I'm able to use SmartSDR.
Photo of Steve - N4TTY

Steve - N4TTY

  • 103 Posts
  • 11 Reply Likes
@K6OZY - I may be on to something!  I noticed when I went into the Windows SoftEther Server Manager that my VPN Server wasn't using the Dynamic DNS host name I thought I had setup!  It was showing up as a random number preceded by the letters "vpn."  When I used that DNS name I was able to connect to my VPN server via a native Windows L2TP client.

I'll update when I've taken another look at the settings in my VPN Bridge.

Steve G./N4TTY
Photo of Steve - N4TTY

Steve - N4TTY

  • 103 Posts
  • 11 Reply Likes
@K6OZY - After looking at settings on the VPN Bridge, it did indeed have the DNS I thought was on the server.  After changing it to match what was on the server, I was able to connect the Bridge via my iPhone to my home network!  I then connected my laptop's Ethernet cable to the Bridge and was able to connect and acquire an IP address on my home network. So then I started SmartSDR and there was the radio!!!

After connecting to the radio, SmartSDR only stayed running for a minute or less before losing its connection to the radio.  And the radio no longer appeared in the radio selection screen.  Strange occurrence, but none the less I got connected to my home network via VPN.  Small steps but making progress!

Steve G./N4TTY
Photo of Steve (N9SKM)

Steve (N9SKM)

  • 198 Posts
  • 24 Reply Likes
Am i correct in assuming that i can use a pi on the remote side to access the built in VPN on my router?
Photo of K6OZY

K6OZY, Elmer

  • 540 Posts
  • 210 Reply Likes
You can but you may not be using softether unless the other side is L2TP or OpenVPN. I am unsure bridging would work either. Too many variables.
Photo of Steve (N9SKM)

Steve (N9SKM)

  • 198 Posts
  • 24 Reply Likes
Roger, My home network is a total mess becasue it is a connection wirelessly bridged from another QTH. I need to get a few things sorted before i even concider remote operation haha.
Photo of Steve K9ZW

Steve K9ZW, Elmer

  • 1336 Posts
  • 688 Reply Likes
A big thank you to Chris K6OZY for putting these how-to guides together.

Still have some optimizing to accomplish, but it is so cool to rack up QSOs while at the office via the SoftEther VPN Raspberry Pi !!  





Son Winston KC9FVR helped correct crucial errors I had made, and geeked things into submission.

Very pleased that the project caught his interest, especially so close after finishing semester finals.  

I'll have more pictures on my blog soon!

73

Steve
K9ZW
(Edited)
Photo of K6OZY

K6OZY, Elmer

  • 540 Posts
  • 210 Reply Likes
Thank you! This kind of feedback motivates me to continue these type of guides. I'm glad it worked!
Photo of Steve K9ZW

Steve K9ZW, Elmer

  • 1336 Posts
  • 688 Reply Likes
You should take a bow!  

Still need some tinkering and have some questions for after Dayton.

Tunneling a VPN for Maestro is my quick write up.

73

Steve
K9ZW
Photo of W1IMD

W1IMD

  • 51 Posts
  • 25 Reply Likes
Chris, is it possible to set up a Raspberry Pi for Softether using the built in GUI? I know nothing of Linux but have used the Windows setup of Softether with a lot of success. Having watched your videos several times, the tasks seem a bit daunting for the uninitiated. I need to set up a server and a bridge for my setup and take the Win 10 computers back for other projects.  Thanks.
Photo of Ria - N2RJ

Ria - N2RJ, Elmer

  • 2276 Posts
  • 919 Reply Likes
I believe his videos show the GUI. Once you get SoftEther running you can use the GUI. 
Photo of Bill  /  VA3QB

Bill / VA3QB

  • 125 Posts
  • 14 Reply Likes
After a week I finally got mine working through my cellphone at home. Next test is to take it to a friends to confirm it works. I had some challenges with softether that I will post later.
Photo of Ria - N2RJ

Ria - N2RJ, Elmer

  • 2283 Posts
  • 925 Reply Likes
I just did a configuration for a friend, and I'm actually doing the wifi in a different way, whereby you're not tied to hacking config files to select your wifi. 

The wifi setup is similar to the chromecast. Basically the pi will look for a known SSID, then if it doesn't find one it will set up its own access point. Connect to it with your smartphone, select a wifi from the captive portal screen, then it will connect the wifi from there.

So far, so good. Works really well. One other thing I've added is a shutdown button to safely shut down the pi rather than roll the dice with just pulling power. Basically a pull up resistor and SPST switch on one of the GPIO pins and that triggers a python script. This will (hopefully) prevent corruption of the SD card. 

I'll get a script up sometime soon. 

But if you're interested in hacking this yourself, you can look for the radiodan wifi setup package and that is going to be the wifi setup component. The only thing is that it doesn't really do captive portal yet (eg hotel wifi) but I might have a workaround for that too. However I have found that most of them block VPNs anyway so this may be an exercise in futility. 
(Edited)
Photo of David Decoons wo2x

David Decoons wo2x, Elmer

  • 1237 Posts
  • 264 Reply Likes

Yep. we tested this last night with my Maestro and it worked well. Ria did an excellent job on the script. Very cool being able to set the Pi WiFi info from the iPhone.

As she stated, the info is available on RadioDan  

Dave wo2x

Photo of Ria - N2RJ

Ria - N2RJ, Elmer

  • 2283 Posts
  • 925 Reply Likes
This is it:
https://planb.nicecupoftea.org/2016/03/20/wifi-connect-quick-wifi-access-point-to-tell-a-raspberry-p...

They have instructions, just ignore the part about provisioning the SD card and skip straight to checking out the radiodan code. This will pull the code from github and build it, pretty much turn key from there, although it did fail a few times when I tried.