Remote connection via VPN - [Resolved] but ongoing discussion


(Johan N) #82

I just installed and set up OpenVPN server on my Roon Core Server, opened for openvpn & added route to the VPN subnet in my router and then it worked. My Roon Core server runs Ubuntu Server 17.10.

openvpn was set up to use TUN & UDP and in my case I set it up to use certificate based auth.
So far I’ve only tried with iOS and MacOS clients connecting over mobile network and that works fine.
Even works during my drive to and from work. :slight_smile:


(BryanA) #83

Nice to know it’s working on a TUN interface. But you’re running OpenVPN server on the same server that is running Roon correct? If that’s the case, then I think that’s why a TUN interface is working for you (because you’re on the same box as the Roon server technically)

I’ve also got it working over my cell phone and I have an unlimited data plan so it tends to work fairly well. I have a modest vacation place (cabin) and it’s only got 128K DSL and this won’t work over a link that slow. So as long as you have a fairly good link it works well.

I suppose doing a lot more caching on the client side would help with the slow connection but there’s no control of that which I’m aware.

I’d also recommend going on the DB/Server side and setting the client’s DSP settings under Sample Rate Conversion and setting it to custom. Make sure everything is 44.1Khz (Unless you have a super fast Internet at both ends then go ahead and stream 24bit or DSD if you think you can do it). But I’ve tried DSD over a neighbors 75 Mbps connection and it didn’t work very well (I have FIOS Gigabit Internet) YMMV. Here’s a screenshot of what I’m talking about.


(Johan N) #84

Yes, as I stated above, I installed and set up OpenVPN server on my Roon Core Server.
I think It works since I don’t have any issues with multicast including IGMP routing when running in the same server.


(Johan N) #85

I can stream DSD128 and 384KHz 24bit PCM over mobile network even when driving to and from work when using a compatible DAC. In my case an iFi iDSD Nano. Note that it’s not for anyone without unlimited data plan.
Also to be noted that my car infotainment system downsamples to 44 or 48k anyway so rather meaningless but cool that it can work. :slight_smile:


(Johan N) #86

Just in case it wasn’t clear, Robert was the one who came up with running the OpenVPN server in the same server as where Roon Core runs. So he should get all credits for it.


#87

@DrTone I am mucking around with a Synology rt2600ac. So are you using the Synology SSL VPN + Synology VPN client on your remote pc/iOS devices? Or are you using L2TP and standard built-in clients?
I am assuming that based on your screenshot it’s the former. But I only ask as there was no mention of having to install Synology vpn client apps etc. And some others like @jato1569 and @Leon_Jehae seem to be getting it to work with L2TP??

I have tried both standard L2TP and the Synology VPN client on an iPhone and can’t get Roon on the iPhone to connect either way … ugh. Must be missing something. I have IGMP proxy enabled (version 2).

One thing I do notice is that if I try to set client ip’s to the local network under L2TP it doesn’t work when saving - I get an ‘operation failed’. I can only set up an L2TP VPN using the default 10.0.0.0 network which obviously isn’t going to work.

If I create a Synology SSL VPN I am able to use local network for client addresses and if use the iPhone VPN Client then I do a local network address assigned … but still no love from Roon.


(Jeff) #88

Just tried it again for the first time in a long time and something has broke it, it no longer works for me either. I’m going to guess an IOS update.

I seldom use it, so sorry for not noticing it earlier if you bought the router just for Roon and iPhone VPN.


#89

Ok thanks, and which protocol were you using - standard L2TP or Synology SSL VPN (and associated client)?


(Jeff) #90

SSL VPN with local IP pool. No IGMP proxy was required because it should be the same network.


(Robert Sink) #91

It no longer works for me over my OpenVPN connection, either.

What’s more perplexing is, over the VPN connection, I can see the zone (my iPhone) pop up in the zone list and I can stream music to the device, however, the iOS device while playing music just sits there spinning on “Chose your Core.”

sigh

I give up.


#92

ugh, I wonder if a recent/last Roon update is the culprit here - intentional or not? Given that it has stopped working for different VPN protocols and different people. that said, in theory, if the remote client entirely looks like it’s on the local subnet I don’t see why it should stop working.


(Robert Sink) #93

No idea why it quit working. I run Roon on Linux and see stuff in RoonServer_log.txt that show my iPhone is 1/2 way working, but I no longer have the energy to debug it, especially considering Roon doesn’t really consider this to be a supported feature.

So, when I’m on the road, I’m stuck switching back to Vox and the Tidal iOS app. Yay.


#94

@qdtjni is your OpenVPN setup still working for you?


(Johan N) #95

Yes it is till working for me.
Although it stop working shortly some week back, where re-install of OpenVPN App in my iPhone resolved it.


#96

Very interesting. I was playing around a bit more yesterday and learnt a bit more from the roon server logs. I also was able to get the remote client to find the core sometimes by manually restarting the core. It was hit and miss - so unclear as to what variable is at play there. And even when it found the core, it did not list the remote endpoint (in the remote core) even though it seems to get created as an endpoint/zone in the roon server logs!

Would you be able to do a few things in the sake of community interest:

  1. provide a copy of your openVpn server.conf? I don’t think there is anything private in that file.
  2. specify what router you are using in front of your linux ubuntu box (which has core and openVpn)?
  3. any relevant firewall/igmp/routing settings on your router …

I know this might be a big ask but it would really help me/us diagnose what’s missing!


(Johan N) #97

I’m not at home now but will provide you with the conf file later.

My router is an ASUS RT-AC88U

The only settings in the router is the port mapping for OpenVPN and a static route to the VPN sub net.


#98

Ok thanks that’s one thing I was wondering about that you mentioned earlier … I don’t have a static route setup. I need to understand my new router a bit better and get that created … I was going to use a remote vpn subnet of say 192.168.0.224/27 … need to figure this out.


(Johan N) #99

I just used the default 10 C net for OpenVPN in the server where OpenVPN and Roon Core run.
So in the router I have a static route pointing to my servers address on my 192.168.0 net.
Both networks have a normal C mask.

I didn’t really see the point of messing around with netmasks using just a 192.168.x address range since I would still need a static route.


#100

Hmmm interesting that you are using the default 10.8.0.0 net for openVpn remote net. I now understand why you are using a static route to push 10.8.0.0 traffic back to the openVpn server. I tried to going back to the 10.x C net and my vpn completely works except for Roon. Will be interested to see what your server.conf looks like. I must be missing something.


(Johan N) #101

You can get away without the route if you setup NAT in the VPN server but I choose to use routing instead.

I’ sent you a server.conf stripped from comments and commented out settings in a PM.