Welcome to the new FlexRadio Community! Please review the new Community Rules and other important new Community information on the Message Board.
If you are having a problem, please refer to the product documentation or check the Help Center for known solutions.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.

VPN Fixed Ip on SmartSDR where?

iz7auh
iz7auh Member ✭✭
edited November 2019 in FLEX-6000 Signature Series
I am not shure but not possiblem to Fix Flexradio IP on VPN operartion only on Maetsro can possible Fix a static IP of Flex for VPN operation....


Answers

  • Mack
    Mack Member ✭✭✭
    edited March 2019
    Please look at section 30.5 of the software manual for detail on how to establish a static IP address.

    Mack
    W4AX
    Alpha Tester
  • iz7auh
    iz7auh Member ✭✭
    edited December 2016
    I try to read but not see how-to please help me if you can...
  • Mack
    Mack Member ✭✭✭
    edited December 2016
    Frank, Sorry but I don't understand what isn't clear or what help you need. I'll do my best. Mack W4AX Alpha Tester
  • Larry _ NY8T
    Larry _ NY8T Member ✭✭✭
    edited December 2016

    Is this what your looking for?


    image
  • iz7auh
    iz7auh Member ✭✭
    edited December 2016
    Larry, this section not modify available when not connection... why? 
  • Larry _ NY8T
    Larry _ NY8T Member ✭✭✭
    edited December 2016
    Not sure why you cannot modify it, i am sure someone else will resppnd.
  • Eric-KE5DTO
    Eric-KE5DTO Administrator, FlexRadio Employee admin
    edited December 2016
    Make sure that you first connect to the radio.  Once you are connected, the controls should be enabled.
  • iz7auh
    iz7auh Member ✭✭
    edited December 2016
    from PC at office is connect to my VPN LAN2LAN but SmartSDR can't see my Flex at home and not possib le to modify on static ip. I don't understant if possible use SmartSDR by VPN
  • iz7auh
    iz7auh Member ✭✭
    edited December 2016
    Eric what is the point of this? when one tries to connect the Flex over a VPN as IP fix can flex without it being seen, in SmartSDR IOS this is possible without problems, in fact I use it slla my office VPN was hoping to find the same function in the Windows version but it has not been done that is the question!
  • David H Hickman
    edited December 2016
    The windoze client does not support static ip addressing. It can only set a static ip address. Thus you have to use a full ethernet frame VPN for it to work like an OPENVPN Tap or softether VPN. 1. What is your vpn server? 2. Is it configured for Bridge (tap) or routed ( tun) mode? If you are considering run softether there are alternatives that will work if you plan on running a bridge on the remote end to connect your laptop to. There are other cascade methods that work but get complex really fast. If you are comfortable with running vmware or other virtualization software, it is trivial to set up a vpn server on your network, expose it, and then install a second vm on your laptop to run the bridge software. works like a charm and isolates the vpn software from your production system.
  • Eric-KE5DTO
    Eric-KE5DTO Administrator, FlexRadio Employee admin
    edited March 2017
    I think there may be some confusion here.  So I want to make sure several things are clear:

    1. Both SmartSDR for Windows and SmartSDR for Maestro both support setting the *Radio* on a Static IP.  With modern networking, we would recommend using something like a Static DHCP Reservation in your router instead of this, but the feature is implemented as a result of popular demand for those that may need it.
    2. For now, both SmartSDR for Windows and SmartSDR for Maestro require access to the broadcast Discovery packets in order to connect to a radio.  This restriction is imposed purposefully as there is currently no authentication provided in the API.
    3. This restriction will be addressed when our WAN Remote feature is released in SmartSDR v2.0.
    4. A VPN connection can be used today to access the radio remotely, but the VPN must be setup to pass broadcast traffic to address the issue above in #2.  There have been several write ups here in the community that address how to setup such a VPN.
  • Frank, HB9FXQ
    Frank, HB9FXQ Member ✭✭
    edited March 2017
    Eric, 

    Any Idea, when I can stop deploying https://github.com/krippendorf/flex6k-discovery-util-go on my VPN Routers? I mean, it works with multisite routed VPNs, but do we really have to wait for 2.0 to get rid of that broadcast thing? Routed VPNs are not good with relaying UDP broadcast ;-) Bridges are not good for security reasons. 
  • Eric-KE5DTO
    Eric-KE5DTO Administrator, FlexRadio Employee admin
    edited March 2017
    Yes.  See #2 above.
  • George KF2T
    George KF2T Member ✭✭✭
    edited February 2019
    FWIW, MacOS Server has a fine VPN function that works very well. No router modifications (other than setting DHCP reservations and port maps). Run it on a Mac Mini in your world and life is quite easy.
  • Frank, HB9FXQ
    Frank, HB9FXQ Member ✭✭
    edited December 2018
    My suggestion would be to only the permit user to enter RFC 1597 private IPs in SmartSDR and you'll prevent unsecure port-forward WAN solutions. Before recommending users to realize bridged VPNs. Bridged VPNs have so many disadvantages - Good luck with IPv6 in that situations. Anyway, I don't want UDP broadcast traveling across my VPNs. 
     
    Still not sure if it's worth to restrict direct IP access for non-IOs users. In my eyes FRS isn't responsible for network security. It's up to the network owner to maintain a secure setup. We're talking about multi-radio multi-site VPN in my case, not about a dummy plastic router with the radio on a DMZ port :-) You can warn OMs to not put the radio out into the wild. Still I'd prefer my secure VPN with strong encryption and auth mechanisms, compared to a built-in FRS security solution. That'll a) be closed-source (I bet) and b) will you lock down radios when you discover zero-day exploits etc?  
    Currently we share radios across OMs and I'll never bridge our home networks together just to realize broadcast domains etc.... People using the IOs app simply address the radio directly, can't understand how you can promote that app on the on side and technically restrict it for richClient users... that's somehow in consequent.  

    Using openVpn/Pfsense with my flex6k-discovery-util-go utility, on  APU2 64bit routers with hardware accelerated crypto (https://www.pcengines.ch/newshop.php?c=4) deployed on all sites.
  • Nick RN3KK
    Nick RN3KK Member ✭✭
    edited November 2019
    Not need run two application on different raspberry. SmartSdr need only broadcast from radio device. If you know IP and other param you flex-6xxx , you need only one program on PC with SmartSdr.
    https://www.youtube.com/watch?v=xmvIX-27EhQ&feature=youtu.be
    https://github.com/rn3kk/Flex-6xxxDeviceEmuliator

Leave a Comment

Rich Text Editor. To edit a paragraph's style, hit tab to get to the paragraph menu. From there you will be able to pick one style. Nothing defaults to paragraph. An inline formatting menu will show up when you select text. Hit tab to get into that menu. Some elements, such as rich link embeds, images, loading indicators, and error messages may get inserted into the editor. You may navigate to these using the arrow keys inside of the editor and delete them with the delete or backspace key.