Hi @Vexari I actually cannot take credit for the udp proxy program at all. That all goes to @Aaron_Turner, who is also on this thread. I’m nowhere near that savvy. I asked Aaron about his program, but I don’t have it running on my setup.
But yes, I know exactly what you’re talking about with the phone. That’s the one problem that remains unsolved for me. I can easily access my Roon remotely using Wireguard on PFSense, but it won’t show my phone, or iPad, as a device when accessing Roon remotely. Not sure if you have a laptop to test, but mine is able to access my setup remotely and does show up as a device. I have no idea what the difference is, and it does take a few minutes to show up, but it does. The trick for that I’ve noticed though is I have to open Roon soon after activating WireGuard. Sometimes I have to close Roon and open it a second time.
If you aren’t tech savvy, I’d start with trying to get OpenVPN to work. There seems to be more (consistent) success with that one. And, there are more instructions for getting it setup with OpenVPN on this thread and others. Not sure if you’ve already come across those since it seems you’re using it. When I had my Netgear router, setting up OpenVPN as tcp rather than udp worked more consistently. But even then, I had to make sure Roon was fully closed first, then activate OpenVPN and then open Roon soon after. And, if I lost signal for whatever reason, I had to close Roon and try again. Not very safe when one is driving.
hello,
Sorry for the confusion, I meant to address my message to @Aaron_Turner but somehow typed in your name. This is my first message on the Roon forums so maybe that explains partly why.
Anyway, thanks for your lengthy reply. As I mentioned in my previous post, from a computer, I’m actually using OpenVPN in tap mode and it is working. If I connect to my OpenVPN server when Roon is already open I do have to restart it as well, but that’s pretty fast.
@Vexari So I haven’t tested udp-proxy-2020 with that router. A quick google search says it runs a flavor of Linux. I release binaries for various flavors of ARM on Linux so it should work if you copy the appropriate binary (you’ll probably have to test a few to see which works) and figure out how to get it to auto-run at boot as a service.
That said, you will probably need to ask for help from a forum that knows more about that router and it’s OS than I do about that last part.
I am running pfSense on a Netgate 6100 as a gateway for the network that the Mac mini Roon Core runs in. I got other needs for bridging subnets off-site therefore I run OpenVPN server in TAP mode anyway, where connected client devices will get a (DHCP) IP within the same subnet that the Roon Core runs on.
Just running the stock OVPN config in pfSense I managed to get Roon end points in and out of the physical LAN behave like they were in the same LAN. Cross remote or playback work also, no delay in seeing a newly woke up device even. Usually with OPVN the limiting factor is the computing power of the server since encryption is involved, but my Netgate 6100’s C3558 has native AES-NI so the transfer bottleneck becomes my ISP bandwidth on both ends (I got 1G fibre for both). I have not tried but I think only direct streaming of a 5.1 channel SACD rip without PCM conversion would find the bandwidth not enough.
By running OVPN TAP mode there are Pros and Cons:
no need to do extra configs as outlined by most of this thread
(pretending) to be on the same subnet also gives you other networking benefits
not all client devices support this sort of network bridging, namely iOS devices
OpenVPN TAP is not the easiest thing to setup, and sometimes is not fully supported on some router OS unlike pfSense
So the interesting challenge with ARM is that it is not like other CPU’s from Intel/AMD/etc. Companies license only certain “features” (instructions) and then make custom ARM cpus with those features. Hence all the different binaries for ARM…
Anyways, some googling indicates that we need to use ARMv5 for that hardware. I’ll see if I can get you a build this evening.
So getting this to work with ARMv5 has been quite the challenge. Long story short, i have it building for ARMv6, ARMv7 and ARM64… but not v5 which as far as I can tell, uses a different build chain. Anyways, I’m asking around to see if I can get some help on this. No ETA at this time.
Hi @Percy_Chan I thought about trying OVPN in TAP mode, but never followed through when I discovered it doesn’t work w/ iOS. It seems to be something with iOS that’s preventing it from working consistently. I am able to connect w/ my laptop, usually after a few tries though, just not my iPad or iPhone.
I believe Apple’s network implementation in iOS fundamentally limits the possibility of subnet bridging, using OpenVPN TAP or not. The official API for iOS VPN services specifically only allow tunnel type connections. This is one of the reasons why the solution offered in this thread is ultimately more useful since it enables broadcasting in TUN, which is like almost all VPN setups out there.
But as far as Roon goes, I thought OpenVPN TAP would be a solution for some since Roon will just work out of the box, as long as you set the VPN up correctly then Roon has to work since every one is going to be within the same subnet (the same broadcast domain to be specific).
For my use case, we run a music related business and Roon is an internal-use music server, where our normal WFH file exchanges happen on an OVPN setup anyway since we like the extra security, then choosing TAP mode specifically because of Roon. For iOS playback / remote out of the premise, I specifically created another L2TP VPN tunnel straight to the Roon Core machine (a Synology NAS actually), with intense firewall rules limiting its access to only for Roon. Currently the Roon Core can talk to all devices on all 3 networks no problem.
Morning @Aaron_Turner I have some questions w/ integrating udp-proxy-2020 please.
To get it on my PfSense+ on the 6100:
Do I login via ssh, press ‘8’ to get to the shell, and create /usr/local/etc/udp-proxy-2020.conf by using the mkdir command first?
By editing the .conf folder, “as necessary,” do you mean telling the program what the interfaces are?
If I do need to create the file /etc/rc.conf.local, do I add it to the .conf folder created in step 1?
Do I add the line, “udp_proxy_2020_enable=YES,” using “echo,” and, “>>,” or , “sed,” command?
Do I copy over /usr/local/etc/rc.d/udp-proxy-2020 into the /usr/local/etc/udp-proxy-2020 folder created in step 1?
Is there a way to pull the correct files/folders from the command line using the, “clone,” or, “wget,” command?
Is there a way to pull the correct binary from the command line using the, “clone,” or, “wget,” command? Or do I use the command line to pull the binary from my downloads folder on my Mac?
If you’re able to help I’d sincerely appreciate it.
@Vexari, So, 2.6.36 is over 11 years old. And not supported on ARMv5 (need 3.1+). But I see from the output that your system is armv7l, not armv5 like my research suggested.
No, /etc/rc.conf.local is a different file and not related to /usr/local/etc/udp-proxy-2020.conf .
You can add it any way you like. echo, sed, vi, etc.
No, step one is to create the file. It’s the same file.
Sure. Use wget and copy the URL from your browser.
Right mouse click, “Copy link” and then paste into your shell. so wget https://github.com/... or you can download on your Mac and use scp <file> <ip of firewall>: and it will place it in the home directory of the user when you login and press 8.
Thank you again @Aaron_Turner. I’ll keep this handy. I’m gonna take a break from this for a bit though because the Roon folks are holding this side project against me now w/ regards to another issue that came up several months ago. I’ve spent so much $$ to make an awesome setup and it’s turning into quite a flop. I need to find a way to fix the picture issue and then go from there.
I really appreciate all the help you’ve given to me thus far, and to all the others I’ve seen you help over the last couple years! I can tell you have a lot of fun w/ it.