SmartSDR for iOS v1.0.2 Revisited

  • 1
  • Question
  • Updated 3 years ago
  • Answered
  • (Edited)
I've been using/learning SmartSDR for iOS for the past week.  Marcus has done a tremendous job in what appears to me to have been a very quick development period and I look forward to continued improvements in its capabilities.

At the moment, here's what I have discovered after using the app and reading every post in the Flex Community and elsewhere about using it in a LAN vs WAN environment:

  • In my home LAN environment, the app is like Mary Poppins...practically perfect in every way.  My LAN is 1 GB fiber up/down Internet service (no, not Goggle); a full 1 GB home network for practically every device; and a Netgear Night Hawk 6 for use with the Flex/Apple products.

  • Attempting to use in a WAN environment has problems...no audio, no waterfall, no indication that the app is alive.  See attached screenshot photo from my iPhone 6 Plus

    .

    I have a Synology DS-1812+ server with VPN which I and my family use almost daily.  I normally use L2TP though it is capable of PPTP & OpenVPN protocols.

    I've attempted multiple connections from non-home environments but nothing seems to make any difference...no audio, no waterfall, no indication that the app is alive.

    Countless permutations of port opening/forwarding do not provide any relief of the problems noted above.  Yes, I'm familiar of the various ports used by SoftEther vs other VPN protocols/providers.

    My ISP does not block any port other than for email servers (not allowed on home user networks).  Despite that prohibition, they are also very open and helpful in customers doing "more exotic" and advanced things at home.

    Some users appear to be using the app in a WAN environment though many posts reflect that it is not always possible to consistently duplicate someone else's success in that regard. Unless I've missed it somewhere, did Marcus or Flex actually say this version was ready for use in a WAN environment?

    I don't think I saw that even mentioned in the announcement for the app.

  • My conclusion is that surely this is not qualified for WAN use at the present as there is way too much variability in what it takes to get it running for reproducible success from user to user.  If I missed it somewhere along the way, I apologize but a nice big "fat" obvious note saying "Designed for LAN Use Only for Now" would have left me with more hair on my head.

  • I love the app and my 6700...perhaps I just didn't get the memo about LAN vs WAN use.

    Looking forward to seeing the app advance even more...
Photo of Gary S Ownsby

Gary S Ownsby

  • 25 Posts
  • 4 Reply Likes

Posted 3 years ago

  • 1
Photo of Jim Gilliam

Jim Gilliam

  • 920 Posts
  • 215 Reply Likes

Not to change the subject to much but I have had flawless VPN operation using the Linksys 1900ACS router and Softether on my Dell Windows 7 with my iPhone 6 9.3 IOS. The only initial issue I had was that after I got set up, I had to reboot my router before an L2TP connection could be established with the iPhone. The VPN connection could be established over any foreign  LAN or over the Verizon LTE network.


Jim, K6QE

(Edited)
Photo of Jon - KF2E

Jon - KF2E

  • 675 Posts
  • 221 Reply Likes
I started to setup the VPN client on my Synology NAS but gave up when I read this in the setup instructions.
  • VPN Server does not support bridge mode for site-to-site connections.
I believe bridge mode support is a requirement to get the IOS App to work correctly.

I then moved on to Softether and everything works just fine.

Jon...kf2e
(Edited)
Photo of Ken - NM9P

Ken - NM9P, Elmer

  • 4173 Posts
  • 1331 Reply Likes
Jon, I think you have hit the nail on the head. You sent your response while I was typing mine. It looks like the Synology's VPN may be usable only for that device and doesn't serve other devices on the local network. Which is good for preserving total network security, but means it isn't a true VPN server, only an access portal for the NAS drive.

Nice catch.
Photo of Mark Thomas

Mark Thomas

  • 51 Posts
  • 15 Reply Likes
Bridge mode is not a requirement for the IOS App. I'm not even sure if any of the native iOS VPNs built into the iPhone support bridge mode. Bridge mode is only necessary for broadcast radio discovery when using Windows/Maestro (which unfortunately do no support specifying a fixed radio IP). With the iOS App, you can set the connection mode to "Fixed" and enter the LAN (private) IP of the Flex. This is an optional vpn-friendly alternative to broadcast radio discovery, but necessary when using most VPNs. Do you have the iOS client set to "Fixed" and the correct LAN IP for your Flex radio entered?
Photo of Gary S Ownsby

Gary S Ownsby

  • 25 Posts
  • 4 Reply Likes
Hi Jon,

Thank you for your reply.  The Synology VPN does give me full access to all devices on my home network...not just the Synology server itself.

Gary AK4ZX
(Edited)
Photo of Gary S Ownsby

Gary S Ownsby

  • 25 Posts
  • 4 Reply Likes
Mark.  Thank you for your reply.

The Flex radio has a static IP address assigned at the router level.  I use the "Fixed" option on the app.  I have NO problem at all in seeing the radio using the app at home (local network) or when I use a non-home network but on a non-home network there is no audio, no waterfall, etc.

Thank you.

Gary AK4ZX
Photo of Ken - NM9P

Ken - NM9P, Elmer

  • 4173 Posts
  • 1331 Reply Likes
What router are you using, and how are you configuring VPN for the flex?

SSDR for iOS will work well with a VPN connection, but it can be a pain to find the "magic bullet" through the firewalls and other blocks on the router/modem/ISP etc.

It took a while for me to get the package running with my ATT UVerse and it's clunky Motorola DSL modem which I connected to an ASUS RT-AC66U router.

For me, the problems were getting the NAT passthrough right, and then making sure that I had things set so that the subnets of the various pieces were compatible.

For example. I had to set the DSL modem to one subnet (192.168.1.xxx) and have it assign a different subnet to my router (192.168.17.xxx). Note the third number in the sequence is (1) on the modem and (17) on the router.

Then the router's VPN setup asks you to use yet another subnet to assign over the VPN to the client devices, so I used (192.168.15.xxx)
(All of these numbers are examples, and not my actual numbers)

Some of the modem/router combinations seem to have trouble if you are using the same subnet numbers at the home side and the client side. So if your client side uses a subnet of 1 or 4, the. Define the numbers at your home for 15 or 17 or something else that you think may not be commonly used where you plan to remote from.

Then set your NAT passthrough to and port forwarding to match.

Even though it is not as secure, you might want to experiment with PPTP format to begin, because it is easier. Work out the bugs, then move up to OpenVPN or l2tp format for greater security.

I am not a VPN/networking expert. But this is what I have learned on my journey to get VPN running here. Hope this helps.

It will certainly be easier when full wan is supported in v.2.0. But it Is possible to do it through VPN.

Good luck.

Ken - NM9P
Photo of Gary S Ownsby

Gary S Ownsby

  • 25 Posts
  • 4 Reply Likes
Hi Ken.  Thank you for your reply...lot's to consider in it.

I use a TP-Link TP-R600VPN router/switch (no wifi).  It has built-in VPN; however, I don't normally use it.

It also handles DHCP for my home network.  The Flex 6700 is assigned a static IP address at the router level.

I have tweaked the subnets a bit but no detectable change...no audio, no waterfall, etc.

The Synology VPN permits me to change assigned subnets for inbound connections which I tried but no change.

Thank you.

Gary AK4ZX
Photo of Tim - W4TME

Tim - W4TME, Customer Experience Manager

  • 9184 Posts
  • 3530 Reply Likes
Gary, let me address your question.

Some users appear to be using the app in a WAN environment though many posts reflect that it is not always possible to consistently duplicate someone else's success in that regard. Unless I've missed it somewhere, did Marcus or Flex actually say this version was ready for use in a WAN environment?

WAN or remote access is feasible due to the inherent features in iOS operating system for establishing a VPN connection.  The same is true for SmartSDR for Windows.  It requires configuring a VPN "tunnel" between the client operating system and the FLEX-6000 on your local LAN.  Because of the multiple different devices that can be used to establish the VPN endpoint on your local LAN, the results achieved will not be consistent.
Photo of Gary S Ownsby

Gary S Ownsby

  • 25 Posts
  • 4 Reply Likes
Hi Tim,

No criticism intended but that sounds like a fully qualified, un-conditional "yes...may be".  Along the lines of:  I guess I could be a brain surgeon with a fork and knife but a bit harder to do.  When we spoke at Huntsville Hamfest, I asked about the VPN requirement but I don't recall any discussion or cautions about the difficulty factor in getting VPN to work with it and I'm a frequent VPN user.

To me, using the app in a WAN setting is still somewhat in the experimental realm though certainly others have boldly gone there with success.  I sure hope that version 2 makes this an easier process as all of the connectivity issues makes one forget the real object, i.e., to use the radio easily from afar.  Spending several hours doing this with mixed results isn't what I had expected to be doing.  So perhaps my expectations were overly high.

This doesn't diminish my zeal for my Flex radio or the anticipation of really doing remote ops without so much "down in the dirt" trial & error work.  As a ham, I'm not necessarily looking for an "appliance" solution but less thrashing around in network land would be good for the average bear.  :-)

'Anxiously awaiting the next version of the app and headed to the grocery store to get more coffee as I continue to tinker with settings and software to make this version work in the wee hours of the morning.

Thanks for letting me bend your ear at Huntsville.

Gary AK4ZX
Photo of Tim - W4TME

Tim - W4TME, Customer Experience Manager

  • 9184 Posts
  • 3530 Reply Likes
Gary - thanks for your response, but at this time we do not officially support operating SmartSDR v1.x over a VPN, so the "yes...maybe" answer is the most appropriate FlexRadio Systems answer I can offer.  

Since I do not know everyone's skill levels, I never discourage anyone from attempting anything challenging because ham radio is a hobby of experimentation and a continuing search for knowledge.  Once you have met the challenge of setting up a configuration outside of your comfort zone, there should be a great sense of accomplishment (at least that is how I feel once I figure something out).  Fortunately, the Community is full of knowledgeable elmers to assist you on your journey.

When SmartSDR v2.0 is released that fully supports operating our products over the Internet without a VPN, then the answer will be a resounding yes.
Photo of George Molnar, KF2T

George Molnar, KF2T, Elmer

  • 1644 Posts
  • 600 Reply Likes
I think what Tim is saying is that WAN operation is not officially supported, but some users with appropriately configured VPNs have had a fair bit of success. Version 2.0 firmware should provide a better - more reproducible - experience without the need for too much network configuration. For me, with an end-to-end Apple environment including running Apple's OSX server, it's very enjoyable provided the bandwidth is there. Your mileage may vary. California estimates lower. You must be 18 or older to enter.
Photo of Gary S Ownsby

Gary S Ownsby

  • 25 Posts
  • 4 Reply Likes
Hi George,

Coming from a 30+ year IT career in large company, I appreciate the nuances of "not officially support" vs "yeah, one can do it if..." so your point is well-taken.

I also have an OSX machine around here so I may venture down that path too.  I know that those at Flex already realize that customer satisfaction and acceptance is highly conditioned upon how easy it is to go from "unboxing" to operating.

I, too, hope that the next versions make the reproducibility of installations much easier and standardized as to what VPN software works, etc.

Thank you for your thoughts and observations.

Gary AK4ZX
Photo of Bob Wright, N7ZO

Bob Wright, N7ZO

  • 277 Posts
  • 74 Reply Likes
Hi Gary,

I know this doesn't directly help, but I have been running SSDR for iOS over a VPN from both my iPhone and iPad connected to 4G LTE cellular.  It seems completely functional.  My VPN server at home is SoftEther running on either my PC or a Raspberry Pi 3.   I just use the normal L2TP VPN settings on the iOS devices.

SSDR for iOS is in normal discovery mode.

I have had problems with the VPN when connected to other WiFi LANs (such as at hotels or friend's homes) but this is a result of their router's firewall settings.  My router at home is an ActionTec MI424WR-GEN3I as supplied by Frontier for FIOS and has the appropriate ports and protocols enabled.

73, Bob, N7ZO
(Edited)
Photo of Gary S Ownsby

Gary S Ownsby

  • 25 Posts
  • 4 Reply Likes
Hi Bob,

Thanks for your reply.  Based on the success of others, it may be boiling down to the selection of VPN software.  I'm not opposed to going some other direction but just seems odd to me that Synology's VPN works for everything I use it with but the IOS app doesn't seem to like it but it may be too soon to conclude that.

At this point, I've tried remote connection through ComCast, a AT&T cellular hotspot, and our local 1 GB ISP with the same results (no audio, no waterfall, etc.)...so it may be a VPN functionality issue.

I'm also willing to concede that my home network might be a little more complex than most as we have multiple servers, SSL certificates, etc.; however, I keep coming back to the fact that everything works with what I have except the IOS app.

'Still scratching my increasingly bald head..."  Thanks again.

Gary AK4ZX
 
Photo of KY6LA - Howard

KY6LA - Howard, Elmer

  • 3726 Posts
  • 1578 Reply Likes
@Gary

Sometimes we try too hard to make things work when there are much easier solutions out there.

I too have a very complex home system with multiple servers, VPN,etc etc Yet I have run my Flex radios FROM 27 different countries over all sorts of types of connection. I was part of the alpha team testing the iOS app remotely so I can attest that it works great and is EASY to remote from virtually anywhere. (I am currently in France)

SUGGESTION; Stop screwing around with the Synology VPN as clearly some gremlin inside it is blocking the iOS app. Install SoftEther VPN. With your IT background it should be a oiece of cake. Problem should solve itself with SoftEther.
Photo of Ken - NM9P

Ken - NM9P, Elmer

  • 4173 Posts
  • 1331 Reply Likes
Glad you got it going!
Photo of KY6LA - Howard

KY6LA - Howard, Elmer

  • 3726 Posts
  • 1578 Reply Likes
Clearly a case of GREMLINS hidden in Synology. Hi. Hi.
(Edited)
Photo of Bob Wright, N7ZO

Bob Wright, N7ZO

  • 277 Posts
  • 74 Reply Likes
Gary,

Although I initially brought the VPN up with the SoftEther server on Windows, I didn't want to continue running it on my working PC either for a variety of reasons.  The Raspberry Pi 3 SoftEther server was easy to configure and keeps up with my 30Mbps FIOS.  (The Raspberry Pi 2 could only do about 15-17 Mbps with SoftEther.)
Photo of Gary S Ownsby

Gary S Ownsby

  • 25 Posts
  • 4 Reply Likes
Official Response
Hi Howard,

You must be a mind reader.  I was doing that very thing just about the time your wrote your post.

SoftEther VPN is in place.  I'm connected to the Flex through AT&T cellular network from my iPhone 6 Plus.  Audio, waterfall, and app are certainly alive and well.

Yeah, I'll have to talk to the Synology folks about this problem.  I'd prefer to keep VPN on it rather than on a PC but for now this definitely works.

My thanks to all that replied to my post including you Howard.  Now if I can get my hair to grow back!

Gary AK4ZX

This conversation is no longer open for comments or replies.