Welcome to the new FlexRadio Community! Please review the new Community Rules and other important new Community information on the Message Board.
If you are having a problem, please refer to the product documentation or check the Help Center for known solutions.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.

Soft Ether VPN for Field Day

geep
geep Member ✭✭
edited May 2020 in New Ideas
My experience with setting up Soft Ether VPN in anticipation of using it for N1MM remote operation for Field Day
0 votes

Open for Comments · Last Updated

Comments

  • Jim Gilliam
    Jim Gilliam Member ✭✭
    edited May 2020

    Softether works very well, but I found its setup very convoluted and non-intuitive. It seems anything dealing with VPN is that way I use OpenVPN and found its setup equally convoluted.


    Jim, K6QE
  • geep
    geep Member ✭✭
    edited May 2020
    Having never done a post like this before, I am not sure I did it right, but it is what it is.  My club, the Lynchburg (VA) Amateur Radio Club, like many others, is wrestling with how we're going to do FD this year.  We were first in VA and 4th in the 4th call area last year with a 3A setup, but this year will be a remoted bare bones 2A effort with only dipoles as antennas.  As the planning has gone on, it became evident to me that trying to run N1MM with Team Viewer or another remote desktop would be full of problems.  I am working to convince the rest of the group that a VPN setup to allow ops to run N1MM locally and connect with a remote computer on site to operate whatever radios we end up using.  I've volunteered my 6700 for the job, but we have a strong K3 faction, so all that is still up in the air.

    I began experimenting with Soft Ether VPN after reading articles on this site as well as the IARU AT1HQ  group's experiences.  Their step by step installation of both the server and the client proved extremely helpful, but I did run into some problems.  My experience has been that running the server on the SmartSDR computer leads to issues. With the server running, my test remote user could not connect to my radio with Smarlink even though it showed up.  He also had issues connecting to N1MM even though he was able to link to the VPN server and receive an IP address. 

    Finally, I decided the server needed to run on another computer, and researching, found that it would run on a Raspberry PI.  I set it up on a Pi 3 B+ using instructions I found in this link: https://curlybrac.es/set-up-vpn-server-on-raspberry-pi/

    The instructions were well done and easy to follow, and I had the server up and running in short order.  However, fine tuning the configuration via the CLI was cumbersome, in particular with adding users.  I found that I could run the Soft Ether Admin Tools on a Windows machine and connect to the server running on the Pi.  Making the needed changes via that interface was quick and easy.  I followed the setup instructions from the AT1HQ group, which are detailed and well done:  https://nrrlcontest.no/ln2hq/software/VPN/Server%20Side%20-%20VUCG%20-%20N1MM+%20WAN%20Setup%20for%2...

    Adding users is much easier with the GUI, and I was able to configure DHCP and the Azure VPN proxy using it, which I couldn't figure out how to do in the Pi command line environment.

    Testing everything yesterday, my test user was able to connect to and operate the radio, connect to the VPN and run N1MM at his home, and show up in the networking window on the target computer.

    Now I need to convince the rest of the members of our group that despite having to install three software packages, the average op can do it, and using the VPN with N1MM running on the local machine will be a lot easier and better than trying to work in a TeamViewer window.  And I have to convince the diehard K3 follks that a/ the 6700 is a great radio and b/ setting up a remote operating with it is dead simple, thanks to SmartLink.  Another of our ops has a 6600 and has offered it for the CW station, while mine would be used for voice and, perhaps, digital, if I can get that working.  This will be it's fourth or fifth FD, so many of our regular voice ops are already familiar with the GUI.

    I still have to put together an easy to use PTT for foot switches -- but VA3MW has a nifty guide on this site that should work nicely: https://community.flexradio.com/flexradio/topics/remote-footswitch-how-to-lan-vpn-solution

     Interfacing a mike to the local computer is also to be done, but there are many ways to do that, some hard some simple.  As a pro audio guy, I have a Presonus 4 channel external sound card that I use with SMAART (not to be confused with SmartSDR...) for ringing out theaters, USB to the computer, so I should be able to use my favorite headset or the Heil boom mike. 

    Finally, I have to work up a suitable interface for the paddle guys but have found several ideas for that, also here on the community site: https://community.flexradio.com/flexradio/topics/remote-cw-contest-setup and here: https://groups.io/g/RemoteKeyerInterface/topics

    I hope this might help others who are working on remote FD operations.  Soft Ether is free and once I figured out the problems, it appears to be working very nicely.  BTW Tim, if you are reading this, the issues I had with Win 7 re-appeared on 10, and related to running the Soft Ether server on the host machine.It had to do with the VPN IP address being assigned to the 6700 instead of retaining the normal network DHCP address.  That seemed to drive SmartSDR nuts.  Once the radio was returned to the correct subnet, the problems went away.  I'd have expected SmartSDR to simply say it couldn't find the radio, but that's not what happened.

    That was a mistake on my part.  Moving it to the Pi works nicely, and I can keep the Pi server on my home network, let the two computers that will be on site connect to it, and as other ops log on, they will be tied to to master running on the remote site, and logs will all be up to date as we swap remote ops.

    I hope this will be of interest as people plan FD operations.  73 es GL

    Geep
    WA4RTS






  • geep
    geep Member ✭✭
    edited May 2020
    One more setup gotcha -- I found that the virtual LAN adapter would override the normal one when a client connection was made.  I'd lose internet access, and that would be signified by the LAN icon in the system tray changing from the normal square looking thing to a globe.  The solution is, when setting up the client, to go into the advanced settings for communications at the bottom right on the setup screen.  There you will find a checkbox that says "no adjustments to the routing table,"  Check that box.  If you have already set up the client, make sure it is disconnected, right click on the setup and select "properties" which will take you to the setup screen, where you can get into the advanced communications propertys, check the box, and then reconnect.  Checking that box stopped the problem for me.

  • K1VL
    K1VL Member ✭✭
    edited May 2020
    Softether works great! I would suggest you set it up as a site to site VPN bridge using two Raspberry Pi's. This way no one needs to log in to the VPN and the Flexradio resource (or any other IP resources) will be simply available to all users on the local field day LAN over the secured bridged VPN connection. There are detailed instructions on how to install SoftEther as a site to site VPN on a simple router or on a Raspberry Pi (recommended) at https://nandm.sbitani.com/2018/05/#router  Make sure you use the latest version available at www.softether.org to stay current on bug fixes. Bear in mind that SoftEther has a new built in HTML5 based web admin console that is on by default. You easily disable this feature by setting the "DisableJsonRpcWebApi" option to "true" in the configuration file if needed and use the SoftEther server management client to manage the link you set up.
      
    I've done this type of site to site "always on" SoftEther VPN link to operate a remote Flex 6500 for years. It's stable and very fast. It's literally an extension of the LAN to a remote location. W1EQX
  • geep
    geep Member ✭✭
    edited May 2020
    Thank you!  I'll have a look.

  • Tom Porada
    Tom Porada Member ✭✭
    edited May 2020
    N1MM is now setup to run Hamachi VPN. All computers end up in a mesh network, no central db. Sets up without a lot of VPN knowledge. Our club W4AC used it for the Florida QSO party a month or two ago. 7 individual stations using a common log. Worked fine. It was fun watching other stations log Qs. The N1MM team responded very quickly to questions via groups io. We bought up to the 32 user version of Hamachi to allow up to 32 users on at once. Free version allows 5 Tom W4IEE
  • geep
    geep Member ✭✭
    edited May 2020
    I looked at Hamachi, and was impressed, as it looked pretty easy to run.  However, we'll run this once a year, so the additional expense didn't seem to be worth it.  Besides, I wanted to play with the Raspberry Pi! According to the posts I've read, the Hamachi support in N1MM also adds support for Soft Ether as well as Open VPN, so everybody wins.  I think the Soft Ether is going to work well for us, and I've already had fun watching my tester log Q's in the dummy log.  We're going to have to test it pretty thoroughly before the big day, but there's time.  Thanks for the comment.

Leave a Comment

Rich Text Editor. To edit a paragraph's style, hit tab to get to the paragraph menu. From there you will be able to pick one style. Nothing defaults to paragraph. An inline formatting menu will show up when you select text. Hit tab to get into that menu. Some elements, such as rich link embeds, images, loading indicators, and error messages may get inserted into the editor. You may navigate to these using the arrow keys inside of the editor and delete them with the delete or backspace key.