Which VPN method to use for remoting Flex?

  • 1
  • Question
  • Updated 2 years ago
  • Answered

My ASUS router at the remote is capable of either PPTP or Open VPN.   I am currently using the PPTP VPN method to operate my Flex remotely.  I have heard that the OpenVPN method is more secure and efficient?  Any IT people out there that can fill me in on the best method to use?   I also use the ASUS DDNS service which worls very well in keeping the VPN connected via the  PPTP. 

  I do not get vey many dropped packets but the signal strength indicator on the 6700 goes from excellent to red and all points in between but there are no freeze ups or audio loss even when the Ethernet status indicator shows red.  Not sure what is causing that large variation in the signal strength status through a 6ft long wired connection but that's another question.

Photo of K1UO - Larry

K1UO - Larry

  • 705 Posts
  • 117 Reply Likes

Posted 2 years ago

  • 1
Photo of Neal - K3NC

Neal - K3NC, Elmer

  • 427 Posts
  • 128 Reply Likes
If it works I would not change a thing! The security aspect of VPN is not a real concern for me, I am not too worried if someone wants to see what SmartSDR sees from my radio right now, I am only concerned that the IP address mapping functions work!

Enjoy the radio and try to ignore the signal quality indicator unless you are having performance issues with SSDR!

73
Photo of K1UO - Larry

K1UO - Larry

  • 705 Posts
  • 117 Reply Likes

Thanks Neal.   I have a tough time sticking with the "If it ain't broke don't fix it" mantra!!     I'm wondering if Maestro will pick up the Remote Flex via the VPN like my local SSDR does.


I should know in a few days :-)

Regards


Photo of Larry Benoit

Larry Benoit

  • 60 Posts
  • 14 Reply Likes
Hi Larry,

FWIW, I have an Asus RT-AC68P with support for PPTP and OpenVPN. I found that PPTP was erratic and throughput fluctuated for no particular reason that I could determine. I had the same experience that you described -- signal strength varied from solid green to red. Unlike you, I experienced occasional, brief audio dropouts and display pauses.  Over the same networks on the same computer, OpenVPN was stable and consistently stayed solid green or flickered orange when network congestion was present, but nary a hiccup with SmartSDR.

I operated my station remote from California to Maine using OpenVPN (hard wired to the local router) an hour or two daily for an entire month this past winter and had to restart SmartSDR just once, due to distorted transmit audio. The remote and QTH internet services were both 30 mbps down/5 mbps up.

Other operators may have different results, but that is my experience with the RT-ac86p. I presume there is likely a problem with Asus's implementation of PPTP in the firmware.  OpenVPN is well supported and trusted, however, no network communications software is 100% secure.

73,
Larry KB1VFU
Photo of K1UO - Larry

K1UO - Larry

  • 705 Posts
  • 117 Reply Likes
Thanks Larry..  I may build it on open VPN  (asus rt-ac5300 at the Remote (with 50/50 mbs ftth)  just to see if the fluctuations disappear.  Mt remote is only 10 miles away and there is fiber to the home on both ends and plenty of bandwidth so it may possibly be a problem inherent in the ASUS PPTP VPN side.   I also saw the same things happening when I tried a ASUS RT-AC68u at the Remote end using PPTP while trying to troubleshoot this "problem"..
Photo of Ken - NM9P

Ken - NM9P, Elmer

  • 3823 Posts
  • 1164 Reply Likes
This is what I have learned. 
PPTP is not very secure any more.  But if you are using an iPhone or iPad to remote a 6000 using K6TU or DL8MRE (to be released later) you will need to use PPTP because the iPad VPN doesn't pass the correct discovery packets through OpenVPN.  (unless they have fixed it since the last time I tried it.)  You CAN use SoftEther.net and set up L2TP and that works, but you need to have a computer or Raspberry Pi running at the shack as a Softether host.

On the other hand, If you are going to use SSDR remotely on a desktop, laptop, or Windows notebook/notepad then the OpenVPN can be setup correctly as a more secure VPN.  
(Edited)
Photo of K1UO - Larry

K1UO - Larry

  • 705 Posts
  • 117 Reply Likes

Hi Ken,  Thanks for the info.  I do have a computer at the Remote end but it is just to run a couple local control programs I use to remotely turn the Flex6700 on and off and also to steer the 8 circle receive array for 160/80 .  everything else, including the Amplifier, is Ethernet monitored /controlled from Home here..  SSDR is run on the local computer along with DXLabs logger and all other programs are here (N1MM+, Skimmer, MMTTY, SPE2K amplifier Monitor,  etc. ..   Soon to add a hardwired Maestro next week if I can get it to see the F6K over the link like the SSDR program does here.


Regards

Larry  K1UO

Photo of John-K3MA

John-K3MA

  • 102 Posts
  • 29 Reply Likes
OK OpenVPN is more secure.  What could possibly happen if one is using PPTP instead of OpenVPN.  Are we worried about other SmartSDR users discovering out connection, logging in and using our stations.  Is the extra security a minimum risk?
Photo of Ken - NM9P

Ken - NM9P, Elmer

  • 3823 Posts
  • 1164 Reply Likes
The question is not whether they can get access to your 6000 radio. The question is can they get access to your entire network at home.