Remote connection via VPN - [Resolved] but ongoing discussion

I currently use a Synology Router (RT2600AC) and tested the Synology VPN Plus and I was able to stream to my iPhone.
The VPN connection is not very stable and lost connection several times as I was driving.
I also tried from a hotel using wi-go and found the VPN connection more reliable.

Everything works fine here too. Roon on a Synology DS918+ and the client is an iPhone 8 Plus (with new Bose SoundSport Free earbuds for the gym)… There is free WiFi at the gym… superb.

Short instruction:

1.) Port forward the (UDP) ports 1701, 500 and 4500 on your router, in this example pfSense. 10.10.10.1 is the internal IP address of my Synology (where also the Roon server resides).
2.) Install VPN server on the Synology; I chose L2TP/IPsec because the iPhone supports that OOB. See picture.
3.) Configure the VPN client on the iPhone, see picture. The server is your ISP address or, in my case, my domain name. The password is the same as your normal password for the Synology admin account, and the secret/key (Geheim in Dutch) is the same as you chose for the VPN server, of course.

2 Likes

Could someone describe, step by step and in a simple way,
how to connect an iPad to Roon Core via VPN?

1 Like

Sadly, there is no easy way, until Roon addresses it on their end. Everything above requires that you run your own VPN or have specialized routing hardware.

Mods have shifted this thread to Tinkering as it’s about users helping each other with non-supported use of Roon. It will find a knowledgeable user audience here and we’re trying to keep Support as an emergency ward.

A mobile solution remains a goal for Roon. VPN has worked for some, but is highly dependent on upload bandwidth from your Core computer.

@andybob, Thank you. I believe that an internalized Roon feature would be the easiest for everyone, including myself, and I’ve been a systems engineer for 22+ years (maybe a seasoned network engineer would have a better time of this, I don’t know). I have made SoftEther L2TP VPN work from my Linux, but that solution (on my environment) remains cranky and maintenance-heavy. I plan on rebuilding the Linux server it lives on very soon to see if it’s my environment.

For a product feature justification, I suggest looking at Vox Loop (https://vox.rocks/) for a potential market.

What Vox Loop has allowed me to do is upload all my music (large FLAC, embedded CUE + artwork) and allow me to access that music anywhere I have an Internet connection just as I see it locally on my Foobar2000 setup. I pay roughly $100/yr. for this service, but am locked into using their player (Vox), which is nice, but it isn’t Roon, and it doesn’t integrate with Tidal (that I can tell), so I’m having to switch between Vox and Tidal while on the road.

What I think we’re all trying to accomplish here is being able to access our music as it is represented in Roon while not in the house. This functionality already works via wifi, so via true remote would be the next logical step.

For bandwidth considerations, there are upstream and downstream requirements that will come into play. For instance, using Vox while on the Amtrak Acela between DC and NYC doesn’t work (well), and IIRC, Vox is in Amazon AWS/S3, so there will always be the issue of “is your local Internet good enough?”

On the upstream side, I find that to be less of an issue, having had cable Internet for over a decade and now FiOS gigabit. While each individual’s situation will be different, a simple “go to SpeedTest and see if you meet these requirements” would be in order.

For Vox’s Loop and Tidal, I’ve been able to combat the bandwidth issue with downloading music I think I will be listening to, to local storage on the iPhone, which is also a way to hedge against bandwidth issues, but that remote “streaming” and sync connectivity component needs to be there in Roon, to begin with.

1 Like

With the gobs of memory available on mobile devices these days I find it easy to get by without Roon remote, but that said I would much prefer the option to use that if it was possible.

My carrier provides uncapped traffic allowance for Tidal as I subscribed through them to the service - cheaper than Tidal direct too - so on mobile I can use Tidal without data penalties. That would not be the case with Roon via mobile. I have a 6GB/month data cap for everything (bar Tidal).

Of course with Tidal one can download locally to one's mobile device for off-the-air listening too - like on a plane. If Roon can do this that would be a great step too.

I think Brian once mused that eventually the Core might run in the Cloud. If our local library could be stored in a fast data repository also, then we would only need download bandwidth to play music and upload for control/editing. This was nowhere near the roadmap, just thinking about what might be theoretically possible in the future (hopefully before jet-packs kill us all).

Sadly in Australia our Internet infrastructure got caught up in politics. The scoreboard reads something like Party Politics 5, Internet 0.

1 Like

I hear ya Andrew… my oldies are in Oz and got dropped to 4GB per month at A$50 a month on 4G dialup broadband - I've got them on a 50GB plan now for about A$80 a month shared with 2 mobile numbers included in that cost - but the coverage is pretty patchy at home so 4G rates are far from ideal maximum rates.

At home in Singapore I have a 1GB/600M down/up connection at A$60 per month, no data caps.

It's a shame that in a 1st world country the internet and the god-awful NBN are crippling you guys down under. Politics sucks big time everywhere tho.

Remote Connection to Roon,

Robert, as I’m new to this forum you can jump in and correct me.

I have Roon working remotely and it is via VPN. The solution is not easy but it can be done. The issue is that Roon wants all connectivity to be on the same network subnet where the Roon server resides. So one would think all you might have to do is build a VPN and off you go. Well, that sounds easy, but it does not work. So how did I do this? Well, here is the quick version, and I will just hit the high points.

So the problem is Roon wanting to address clients who reside on the same subnet as the Roon server. If you try a VPN tunnel it will work: you will be able to launch the Roon Control program, but what you will notice is that the audio zones are missing. The reason that the audio zones are missing is that Roon (and this was my assumption) needs full control of the device via the TCP/IP connection. So the trick is to make the remote Roon user appear to be on the same subnet as the server.

So this is how I did it.

1.) I built a SoftEther VPN Server on a Windows 10 box behind my firewall.
2.) I opened up the required ports on the firewall to support the VPN.
3.) I created a VPN soft client and loaded it on another computer which resides outside of the Roon server subnet.
4.) I used the VPN soft client to log in to my network remotely; the attached VPN client was assigned an IP address on the same subnet as my Roon Server resides on.
5.) Once connected via the VPN the Remote User was assigned an IP address on the same subnet as my Roon server.
6.) When I started the Roon Control Program on the Remote User side of the VPN it worked flawlessly.
7.) Next, of course, we all want to see if we can access the Roon application from our smartphones. I used a VPN connection from my iPhone 7 to my Roon server via the SoftEther connection and that worked as well. The issue with the VPN over the cell network is that you have to be on an LTE connection for it to work.

Now, here is the part we all have to remember: WiFi, along with our beloved smartphones, all works on radio frequencies. At the end of the day it’s a radio and it is subject to all things that affect radio signals.

Robert, for me the SoftEther connection worked fine and the WiFi functions fine; I have not had it drop off or had any really big sound quality issues. I have some very high-end equipment, so when I do critical listening it is via a hardwired connection.

David

3 Likes

Hi David,

I’m glad you got SoftEther to work! I could get it to work, but not reliably and it always wanted to gobble up my default route and make all Internet traffic slow as molasses. I installed a new version of Ubuntu, hosed out my firewall rules to a bare minimum, and made sure my FiOS router wasn’t interfering (disabled firewall, DMZ host was my Linux router), and no real change with or without SecureNAT enabled.

I finally threw the towel in on SoftEther for good today and refocused my attention to ZeroTier (free for individual use), but I went on ahead and subscribed to their $29/mo. plan as my wife’s a road warrior and I don’t want their service to go away.

With the help of zt-travs and zt-grant on the ZT Slack channel, I figured out what the issues were with ZeroTier that are, in my opinion, a little unorthodox, but probably necessary due to how they’re doing things.

We’re all here for L2 routing that makes the Roon streaming tick, so that’s what I’ll focus on.

In the past, when I’ve bridged two devices, the bridge device gets the IP/netmask/etc. info and the other devices get folded into the bridge. So, if you take a segment that has a DHCP server on it, and throw it together in a bridge device with clients that need IPs, the DHCP server gets used for any of the bridge devices (assuming no advanced measures were taken otherwise on the DHCP server).

Now, that’s what threw me with ZeroTier. They NEED to hand out the DHCP info whether or not you have your own DHCP server on your bridged LAN. So, here’s the pertinent settings that I used on their web UI to make my iPhone bridge:

  • Managed IP addresses, set to the same network and netmask as your home LAN that you want to bridge to.

  • Set IPv4 auto-assign range to a range of IPs that exist on your LAN (this is what threw me the most–it should’ve been using my existing DHCP server, given my past experience)

  • ZeroTier server (in your house, also referred to as the bridge, running the zerotier-one software): do not auto-assign IPs
    ◦ Set to bridge mode

  • Your client
    ◦ Set to bridge mode
    ◦ Set to auto-assign IPs

It was this last bit that enabled me to communicate with my network, including streaming Roon.

3 Likes

Thanks @David_Carmichael and @Robert_Sink,

Those were two very helpful posts for other users. This will now be my goto thread for enquiries about VPN.

TLDR; if you run ROCK and OpenVPN on the same device, you can go with a plain vanilla tun configuration.

I installed ROCK on my Ubuntu Linux router, simply as an app that I wrote init.d scripts for, backed up, and restored my Roon library to it. My music files were already living there, and previously I was running Roon from a Mac.

Now that my OpenVPN server, music, and ROCK server live on the same Ubuntu Linux machine, an OpenVPN client connection from my iPhone allows me to stream music. In my opinion, this is the most streamlined iteration so far, because I’m relying on one Linux box to do it all, and OpenVPN is the VPN software that I know the best.

I’ve added this Kindle book to my reading list to hopefully gain a better understanding of IGMP/multicast.

Hope this helps someone.

2 Likes

I wonder (it looks like it might) if DietPi @Dan_Knight has a VPN client that would work like this, gaining access to the network… especially running Roon Server with DietPi on an AMD64 platform.

I have an RT2600AC being delivered today. It was mentioned the VPN Plus Server provided by Synology worked with Roon from mobile devices. I’ll let everyone know if it works for me as well, as this would be the simplest solution for those patiently waiting for Roon developers to get past MQA onto the more important mobile stuff. :innocent:

My wife asked me to check what she was playing on Roon this morning and stream it in the car seeing it was on Tidal…I had to explain that Roon wouldn’t load up the history while we are not in the house…I am so wanting to get this VPN setup working. Maybe I better just start some tinkering too.

It certainly did, thanks a lot! :+1:

Works fine for me with Roon Core and OpenVPN server in Ubuntu Server 17.10.
So far Roon works well for me with my iPhone connected with WiFi disabled connecting over OpenVPN.
I’ll test it driving to work tomorrow :smiley:

1 Like

Synology router with VPN Plus works great. There are a couple values to be set but nothing too serious.

Make sure the Client IP range is part of your local network and enable split tunneling.

1 Like
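
Added example, not part of any post in this thread: a Python check for the setting both the ZeroTier and the Synology VPN Plus posts rely on, that the VPN client range lies inside the home LAN, extended here to flag collisions with a DHCP range or a static host. The /24 mask, the DHCP range and the candidate pools are constructed values; 10.10.10.1 is the Synology address from the port-forwarding post.

```python
import ipaddress

def check_vpn_pool(lan_cidr, pool, dhcp=None, static_hosts=()):
    """Return a list of problems with a VPN client range on a bridged LAN.

    pool and dhcp are (first, last) address strings; static_hosts are
    addresses already pinned to devices (for example the Roon Core).
    """
    lan = ipaddress.ip_network(lan_cidr, strict=True)
    first, last = (ipaddress.ip_address(a) for a in pool)
    if first > last:
        return ["pool start is above pool end"]
    problems = []
    # Both ends must be inside the LAN subnet, which is the condition the
    # posts above describe for the remote client to behave like a local one.
    for addr in (first, last):
        if addr not in lan:
            problems.append(f"{addr} is outside {lan}")
    # The network and broadcast addresses are not usable host addresses.
    for reserved in (lan.network_address, lan.broadcast_address):
        if first <= reserved <= last:
            problems.append(f"pool includes reserved address {reserved}")
    # Two allocators handing out the same addresses leads to IP conflicts.
    if dhcp:
        d_first, d_last = (ipaddress.ip_address(a) for a in dhcp)
        if first <= d_last and d_first <= last:
            problems.append(f"pool overlaps DHCP range {d_first}-{d_last}")
    for host in map(ipaddress.ip_address, static_hosts):
        if first <= host <= last:
            problems.append(f"pool contains static host {host}")
    return problems

# Constructed sample values (assumptions, except 10.10.10.1 from the thread).
LAN = "10.10.10.0/24"
DHCP = ("10.10.10.100", "10.10.10.199")
STATIC = ("10.10.10.1",)

if __name__ == "__main__":
    candidates = [
        ("10.10.10.200", "10.10.10.220"),  # clean
        ("10.10.10.150", "10.10.10.210"),  # collides with DHCP
        ("10.10.20.10", "10.10.20.20"),    # wrong subnet
    ]
    for pool in candidates:
        issues = check_vpn_pool(LAN, pool, DHCP, STATIC)
        print(pool, "OK" if not issues else issues)
```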

It works like a dream with OpenVPN server in the Roon Core server. Used it in the car to and from work as well as in the office. Note that using it over mobile network is not great if you don’t have an unrestricted plan for mobile data.

What endpoint are you using?

Thanks
PK