I haven’t followed all the twists & turns of previous posts, but key thing is that your solution makes an outbound connection from the remote site to whatever destination you decide to use (home or intermediate server).
Thanks. That sounds like what my partner is telling me.
I’m told that the two routers connect to a company called NordVPN (similar to OpenVPN but the subscription is slightly cheaper than Open VPN and it does exactly the same thing apparently).
That takes care of the NAT issue at the remote end and the dynamic IP address issue at my home location as the VPN provider keeps track of it?
Like I said, most of this stuff is total gibberish to me. I’m relying on the family computer engineer to sort this out for me and make it all work!!!
We go through a very defined and well rehearsed 4 stage process in our family when it comes to dealing with computers and networks:-
- I generally have a go at getting it working, usually failing spectacularly, wasting hours of my time and sometimes making things worse in the process.
- I get very stressed and frustrated when it doesn’t do what I want it to.
- I eventually reach my limit, throw a tantrum, generally I threaten to rip the server rack off the office wall and throw it out of the window.
- My partner ends up stepping in and sorting it all out in less than 10 minutes and making me look like a blithering idiot!!!
Yes, that would work provided NordVPN allows reverse traffic port forwarding back to your remote station.
Open VPN does provide free community software as well as the paid service, so if your partner had time you could consider a direct VPN link from the remote station to your home station which wouldn’t entail a subscription charge and would probably have less latency as it doesn’t go via a “broker” connection in the middle.
How would I check this?
On the Nord VPN website it says it allows P2P connections but I’m not sure if this is the same thing?
Also, do you know if Open VPN allows this (it sounds like you’ve used them before, so asking on the off chance that you will know)?
Sorry if I sound silly & ignorant. Like I say, I’m a little out of my depth with this stuff but I’m trying to pick up as much as I can.
Thanks for all the help from everybody so far. I think I’m getting there, albeit very slowly!!!
They offer a free trial you could use to evaluate it, but their website says they don’t do port forwarding. I haven’t used the commercial OpenVPN offering just the community version.
Right now I have an OpenVPN server installed on a laptop at home connected to my HF radio, and I’m sitting in a hotel in Strasbourg using a laptop running the VPN client which allows me to operate the home laptop via the VPN tunnel and make some PSK31 contacts. It’s not quite your scenario, but shows that operating over a VPN works well.
You could consider acquiring a couple of routers which would take the DD-WRT firmware, as some versions of that support OpenVPN and could provide a link back to your house. https://wiki.dd-wrt.com/wiki/index.php/OpenVPN
We’ve already installed DD-WRT firmware on an old router that we had laying around and we have a second router on order. Once that arrives we will also put DD-WRT firmware on it.
As you said, I guess the solution is to use the free trial period with both NordVPN and OpenVPN to see if it works.
Thanks for the advice.
if your home location has public IP address and your ISP is not completely blocking inbound traffic, you could set up VPN server at home and let remote location device call in and connect to it.
I had similar situation as you do a while ago. We had a bunch of devices located at clients’ locations in private networks of unknown configurations (behind NATs and all sorts of things). We needed direct access to these devices for control and administration. For various reasons custom configuring each device was not an option.
What we did was setting up an OpenVPN server at central location, which was accessible from internet, and devices contained a client. As long as they were able to access the internet, they were able to connect to our VPN server. This made them accessible over private admin network just like they were located in our lab. No third party services and no subscriptions.
In your case, as you can’t alter your remote device, you can use a couple of simple home routers that support VPN on both ends and configure them to connect over VPN. Your remote device would be accessible just like it’s located in your home.
If you have a conventional ISP at your home/flat location so you have a routeable Internet IP address and therefore can have “fixed” address, e.g. using DYN DNS then you could probably set up a router-router VPN and not need to use either of the VPN subscription services.
Be interested to hear how you get on, I’ve not used the VPNs on DD-WRT but if you get it going I may well follow suit as I’m interested in using the Remote Rig gear.
I can’t understand why you are talking about NordVPN and OpenVPN subscription charges when I gave you here the clue to have the Remoterigs working without any need to 3rd party subscriptions.
Let me show you what I’m talking about and how it looks like on the Remoterig devices.
This is from the Remoterig device located at the remote station side:
You’ll need to tell the full “Own host name” to your Remoterig CONTROL, which is the one you have located where you are operating from, your shack in a hotel, for instance, by writing it in the box called Sip contact (Radio RRC IP/hostname):
I did try that and unfortunately it didn’t work. A look on page 240 of the Remote Rigs manual explained why.
Unfortunately, in the UK all of our mobile broadband suppliers seem to run Carrier Grade NAT (or CGN). This is basically a private IP address. This seems to cause a lot of problems for the Remote Rig boxes.
The general consensus seems to be that using a VPN is the quickest and easiest way to work around this problem.
As I said before, I’m not really clued up on computers & networking so I’m kind of relying on help from people that have more of an understanding than I do.
Here are several quotes from the Remote Rig users manual (page 240) which will explain it better than I can:-
CGN is no problem for most subscribers if
they only need to browse the web sending emails etc. But it makes communication in the
other direction, from outside Internet and in, impossible. This means that a Remoterig Radio-
RRC cannot be used with an ISP using CGN.
If your ISP is using CGN you must talk to him and tell him that you cannot use a subription
with CGN you must have a public IP-address.
Note! This is only important at the Radio side.
Unfortunately this means that that the boxes can’t talk to each other using just the dynamic DNS functions (if I could do it this way I would). Hence the need to find a way of bypassing the CGN.
It wouldn’t be a problem if I was using the 4g at the control head end and the standard internet connection at my home address for the radio body.
Unfortunately there is no internet connection at the remote site so I have to use 4g, which introduces problems as we have to work around the CGN NAT issues.
Thanks for the explanation. I think I understand better the problem you are facing.
Don’t you have a way to get internet at the remote QTH through a radio signal coming from some repeater in a nearby mountain like I have?
Also, have you looked to the possibility of trying satellite internet?
SSH will do what you need. It’s available for free with all good computers be they Linux, Windows or Mac.
Before you go any further have you done a site survey for mobile signal performance? That’s going to the remote site with the mobile modem, connecting to the mobile provider and checking you can maintain the data throughput for your expected network requirements and is not the same as seeing if you can use your phone at the site to download a webpage or two. If you can’t maintain the throughput from the site then there’s no point going further at this time.
Assuming the mobile performance is OK, you also need to decide what will “drive” the mobile broadband modem to make it go online etc. When you know these two things you can go further. Till then you are not solving the problem you have which is getting something designed for true IPv4 end to end comms (remote rig boxes) to work over CGN and all the breakage it injects into how IP stuff was meant to work.
This suggestion did come up before but I wrote it off because (to my understanding) I would need a computer at both ends? This means that the remote computer needs to be powered (and a computer generally uses more power.than a router).
Not a problem at home where I have mains power but power is very limited at the remote site (no mains, so will have to use solar).
Having said that, one of my work colleagues has just suggested that a Raspberry Pi has very low power consumption and may do the job.
I’m led to believe that Raspberry Pi’s run Linux, or can apparently be made to run a stripped down version of Windows. Might be worth considering.
I think the biggest challenge (apart from the internet linking) is going to be keeping everything powered. By my very approximate calculations (won’t be able to calculate it accurately until I haver the final setup and know exactly how much current each item draws), I need roughly 100-150 watts of solar panels and a fairly large leisure battery.
have you done a site survey for mobile signal performance?
I have tried several different SIM cards in my phone and results varied from non-existent signal on one provider to about 50% on O2.
To be honest, the signal was a bit flaky and not very reliable on my phone. It depends on where abouts in the field that you are standing.
Bear in mind that the internal antennas on modern phones aren’t particularly great as the manufacturers try to cram everything (including the antenna) into a small case.
It was much better on a broadband router especially with external antennas (similar to what you would use on a house or caravan).
I have in the past set up a 4g router when we did a bonfire night party to provide the guests with WIFI.
Using external 4g antennas on a mast at around 10ft off the ground it seemed solid. It was fine for a couple of people making WIFI calls, streaming from spotify & YouTube etc, so hopefully will be ok for what I want.
It bogged down once you loaded it up with more than around 3-4 people (which you would expect for a 4g connection).
I don’t think getting 4g into the field is my biggest problem to overcome if I’m honest (we’ve done it before).
you also need to decide what will “drive” the mobile broadband modem to make it go online
Sorry, I’m afraid I don’t understand what you mean by “driving” the modem.
I did look into it after somebody suggested it before (I think that might have been you actually).
Prices are ridiculously expensive to get it set up and the subscription costs around 4-5 times that of a 4g connection.
Also, I’m not sure how much of an issue the latency would be? The Remote Rigs user manual talks about a 3g connection at one end being ok for SSB but possibly problematic for CW. They advise against using a 3g connection at both ends.
I would assume that satellite would have more latency than a 3g connection, and with a minimum cost of a couple of hundred £ to set it up, I think that would be an absolute last resort.
Don’t you have a way to get internet at the remote QTH through a radio signal coming from some repeater in a nearby mountain like I have?
I also looked into that, along with getting an internet supplier to put in a wired connection. The site seems to be in a bit of a no-man’s land. The nearest farm house (which apparently has a BT line) is around a mile away. I was under the impression that it would be prohibitively expensive to have a line put in.
I think 4g is my best bet at the moment, with satellite being an absolute last resort if all else fails.
Also, I’m not sure that my poor little brain could cope with learning how to set up yet another networking/internet technology as I’ve never had the chance to play with satellite internet before!!!
Out of the box, everything you need is available in the standard Raspbian Linux. All the networking code and tools you would ever need.
If you have a 4g router, you have something that knows how to go online but will have a large power requirement and probably runs a scabby Linux with a load of thrown together web based tools that have more security holes in them than Gruyere cheese. There are OpenWRTs that work but that’s adding more complexity.
That’s the last thing I’d have considered because I don’t have one to play with and power will be key. I was assuming you’d be using a cheap as chips USB broadband dongle. Hence the need for something to tell it what to do. That would be a Pi though other cheap single board computers are available. But why make life hard when there are a gazillion people providing Pi add ons and the Linux on a Pi is in the mainline Kernel so is constantly upgraded and fixed.
Is that before or after derating for UK WX and expected load and usage?
I measured the current draw of all of the components of the system on standby (when everything is powered up and the radio is turned on and receiving, but not transmitting). I added a bit of extra current draw for good measure, de-rated the output of the panels by 50% and assumed 4 hours of sunlight a day
In reality we get more hours of sunlight than that (even in the winter), and I very much doubt that I will ever have the radio turned on for 24 hours a day non stop.
I’m hoping that this (what I would consider to be) fairly pessimistic assessment of the worst case scenario on standby will allow for a bit of tolerance with the British weather and transmit cycles.
Truth be told, I expect transmitting cycles to be relatively light (how much time do you spend actually transmitting when chasing an average of 3-4 SOTA stations a day). Most of the time is spent receiving.
Of course, there is only one way to find out for certain and that is to try it & see what happens!
I will most likely set it up in the back garden and hook it up to the existing antennas for a week or so (and run it as if I was remote) to see how copes before actually taking it to the remote site.
Lets not forget that the remote site is… well, remote…about 45 minutes in the car (each way) from my home, so I really don’t want to have to be driving over there in the car to solve problems.
Thanks for all the help and advice. I’ll put the Raspberry Pi suggestion to my partner as an easier/less complicated solution and see what sort of response I get.