Remote connection via VPN - [Resolved] but ongoing discussion

Hello, I have Roon over VPN working on my iPhone (iOS 13.4.1) and on my iPad (iOS 12.4.6). Even after a fresh restart of the Roon App. Here my findings.

The VPN server is running on my Synology Router (1900ac) with IP’s on the same subnet.

I have to disable IGMP Snooping on the router otherwise Roon will not work.

Furthermore it is important that the internet connection is fast enough. With a slow connection the Roon app is working but the Roon server cannot find the audio device on the iPhone/iPad; in that case you cannot play music on the IPhone/iPad

@Joshua_Kapell Hi, I have the same router and cannot find the core. Is this still working for you and did you mean that you enabled IGMP Snooping under the Setup>Networking menu?

[SOLVED] Got Roon playing sweet HD music on my laptop, and phone. Murphy’s Law dictates that now that I got this sorted out, Roon will come out with remote streaming. I’d prefer that to this slap-shod workaround!

My router at home has built in OpenVPN (Netgear Nighthawk R7000 with AsusWRT). When you set that up: specify a TAP type of VPN. This is a “Layer 2” type of vpn.

I did the best I could at anonymizing relevant data. If you see something I should have erased, please let me know so I can fix it.

The only thing I modified above was the port to 1195 instead of default 1194. I still have a Docker OpenVPN running on a forwarded port 1194, and didn’t want to break that for this experiment.

Notice in the above shot it says the OpenVPN software on the router “automatically generates the .ovpn file” that takes loads of work out of this setup.

OpenVPN client on Windows 10 status screen. I did have to create another user/pass for the OpenVPN to connect to above. Then when you run the regular OpenVPN Client software, use that newly created username/pass.

ovpn client config file at hastebin

Now onto my Android. It’s a Pixel 3XL. It also plays music right off Roon (!). Occasionally has some buffering issues.

Why does Android app not support TAP-style tunnels?

I managed to get a VPN layer 2 app using this one that I found from the a Medium article:
VPN Client Pro. The free version doesn’t have the “OpenVPN TAP device support without root permission” that we really need for this. There’s a 7 day trial, I activated that, and was able to connect to the TAP VPN using the .ovpn file I also used above.

the screen-shot below is where I’ve got the TAP VPN connected via LTE only. I get this error message about being connected to home wifi.

Someone around here suggested I turn on tethering. That works! I’m away from everything. LTE only. Turn on tethering, turn on the above Android layer 2 VPN, and boom! Music on Android!

This screen shot, I connected to work WIFI, and the TAP VPN, we’re rockin’!

When I first hooked this up, I was having some buffering issues. After a day, I tried again and haven’t had those issues again. From a tech guru friend: "Yeah cell latency + VPN overhead + overworked phone CPU is fouling it up and you’re dropping packets I bet. Your phone is doing 1.4MB/s - that part is fine but it’s probably the latency that’s killing throughput.

Reporting back again here a month later. My phone went through 65GB of data in about a week. Pretty sure something about having the VPN app, plus the Hotspot going was double or triple dipping the data transfers. Whelp, back to Plex.

Enjoy!

=============================================================
There is a bunch of discussion on other options getting Roon to work remotely. Some things that did not work for me:

Wireguard VPN. Works great for VPN, but got absolutely nothing for Roon Cores or music or anything.

Regular OpenVPN connection. Like above, regular VPN access to local network stuff works great, total whiff on access to Roon services.

I have this successfully working using a Unifi USG router and its inbuilt VPN it just works for this. The only issue I have is that Roon remote won’t work without WiFi on Android so have to use the phone as an access point which my DAP or laptop connect to. Can’t use the phone on its own. Anybody now a way around this at all?

With UniFi how is the vpn setup and the ip addressing?

It’s a remote user VPN. You just create a network on the router as a VPN , you assign it’s vlan, a radius id, pre shared key and thats it, that’s all I had to do. So for my DAP I just enter in these settings in the Androids VPN section on the device.

You just have to manually put in the cores IP address in the remote that’s connecting.

Here is my phone on 4g with WiFi sharing as an acces point.

And heres my dap connected to it

I can see and control all endpoints and play music on the device.

And heres it on the Unifi

I believe as long as all networks are set up as Corporate then it will route between them unless you tell it not to. I have done this for my IoT network. Main network can talk to it but not the other way around.

I’ve got all this setup on my UnIfi in the same way. I can connect to the Roon core by specifying it’s IP address, and I can control zones, but what I can’t do is see my own device to play music on it.

This is using either an iPhone or a Windows 10 client. I seem to remember that something about the iPhone VPN client stops you doing this, but do you know if this works with a Windows 10 client?

Do you have mdns on? Yes it works on my laptop which is windows 10.

I am in the same boat here. Given that @CrystalGipsy got it to work, I might try it again this weekend as I noticed mdns was not enabled.

How do I check if MDNS is on? Google searching this seems to come up with conflicting information.

In unifi controller it’s a service to turn on.

![image|690x460](upload://3wDFFxvJtwlUjRTUm0nGedVh2qd.png

However your right I am not seeing the PC in the audio bit. I am sure I have had it working before, but this is a new so things have changed.

Ah got it - I was looking for a Windows setting.

I’ve turned it on but yes, I still don’t see the PC as a client.

You’re saying that with this config it works for your Android phone though right?

Yes it does and works fine. No idea why windows doesnt

I wonder if its a windows firewall setting?

I too have a UniFi product (Dream Machine Pro) and can connect and see my Roon core, however my iPhone only shows as being a Remote. Nothing will play through it. It is playing, but no audio and I cannot select it as an output. As soon as I drop the VPN connection and turn WiFi back in I can output to the phone. I only gave this a few minutes to resolve, but will get back to it. My feeling is it has something to do with the VPN IP range being different from the LAN IP range. There is no way on this product to reserve a range of IPs with the LAN’s IP range as being for VPN access.

I might get back into this again with Unifi VPN but have indeed had it working a year ago with ZeroTier when my core was on W10 with ZT instance running and remote was MAC over wifi from a hotel connection…sadly even just visiting a friends place to try it is still out of the equation with C19 situation here. At best my inlaws house is an option. I just need to lug the MBP out which is not something I do much…maybe my FiiO M11 might oblige a connection.

I might even setup a VPN tunnel to their house just for fun with a backup USG3P.

check out Layer 2 vs Layer 3 VPNs. quora

Its strange how I can get it to work on Android and have it show up, so I dont think it’s the Unifi End that’s the problem but perhaps the OS in use with Roon. They must interact differnetly for discovery in some way. Other users have had issues with remotes working but not showing up as an endpoint on Mac and iPads on a local network before now.

From the Unifi vpn instructions, it is a layer2 vpn.

L2TP doesn’t have a route distribution method. If the setting on the client device to route “all” traffic through the tunnel is not enabled, it will be necessary to add the manual routes on the client, to point to the USG’s local networks. Search in each specific client device’s documentation on how to enable sending all traffic over the VPN connection.