Purpose
I have recently moved my core from a Windows 10 Machine to a Grimm MU1. My home Windows 10 was running the core and I used some software called Zerotier which allows you to set up a virtual network. I set up the network with the same range as my home LAN. With Zerotier on both my Work PC and home core I can easily connect both PCs to the Virtual network and the core sees my Work PC as an Endpoint - Lovely.
However now I have moved my Core to another device and I can’t (and won’t try) install Zerotier on the Grimm. If I used a Roon Rock I would be in the same situation. It doesn’t matter what OS your Roon core is on if you cannot install this Zerotier software on the core then it’s not so easy to do this.
I can set up a VPN to home. Most Routers allow this however you always end up with a different LAN Range for the connected remote devices and hence the Roon core will not see the remote endpoint.
I have found a solution to this and sit here at work listening to smooth Jazz as I type so I thought I would share in case it’s of use to anyone else.
Why not use ARC?
Yes of course I use ARC as well and it’s great but it’s much nicer to sort out your library or deal with Playlists with a large PC screen than on a Mobile.
You could also use this on a Laptop when away from home on Holiday (for example). No need to de-authorise your core.
Prerequisites
-You need a router (in my case an ASUS Rapture GT-AX6000) that is capable of OpenVPN in “TAP” mode. You will see this option in the Advanced settings for OpenVPN on the router.
-You will need decent upload from your home network. If you live in the middle of nowhere this may not work well for you.
-If you do not have a Static IP address at home you will need to configure your router with a Dynamic DNS Address. On the ASUS Router you can find this under the “WAN” settings and you would need to set this up first.
-Your work machine needs to be on a different LAN to your home LAN.
-You do have to have some basic computing knowledge.
Step 1 - Set up router
I can only show you the settings for an ASUS Router. Log into the router and navigate to “VPN” on the left hand side and enable “OpenVPN”:
Use the following settings:
Server Port: Anything from 1025 to 65535. I chose 1025 for this screenshot.
RSA Encryption: 1024 bit should be sufficient but you can use 2048 bit for greater encryption but this may slow the connection down
Client will access: Local Network Only. Unless you want to route internet traffic through your home connection as well.
Click on “VPN Details” and put the settings into “Advanced/Professional” Mode. The key settings are “Interface type TAP”, “TCP” and to ensure DHCP is on. Here are the settings:
Once you have it working you may want to restrict it to only work for specific clients.
Ensure you click “Apply All Settings” to save.
Click “Renew Certificate” to refresh a new Certificate Key pair and then export the OpenVPN configuration file and save this. You will need to import it later onto your Work/remote PC.
Finally you need to set up a user for the VPN. Click the add icon to add a new user:
You can set a username and then use a site like LastPass to come up with a complex password:
You are then done on the Router side.
Step 2 - Set up Work PC
This is assuming you are using a Windows PC you need to install a “TAP” driver which will create a Virtual Network Adapter on your PC. You can find this software here:
Top option “Windows 64-bit MSI installer”.
Install that and you will end up with a new network adapter called something like this:
If you’re not sure which one it is look at the properties and you will see that the Network hardware is the TAP Adapter:
You just need to edit the text file that you export in step one and amend a few lines:
The top line will show the Public IP of your home router (if you have a static IP) and the port you chose to use. If you set up a Dynamic DNS address then this line should look something like “myhomeserver.asuscomm.com 1025” if this is what I had configured on the router:
The second highlighted line needs to be name of the TAP Network Adapter In Windows.
You then save the config file and import it into the OpenVPN Client. There should be a small icon in next to the clock:
When you connect if will ask you for the Username and Password that you configured in step 1 and then once you connect (hopefully successfully!) your work PC will have an IP on the same range as home as your router will use DHCP to give it one. It should find the Roon Core.
One final step I had to do is change the Setting to “Private” for the “Local Area Connection 2” (in my case) as it was set to “Public”. If you see this in control panel then the Roon Core will not see the Audio Devices on your Work Endpoint:
To change that you type “powershell” in the start menu and run this command however the Ethernet connection name may be different in your case.:
Set-NetConnectionProfile -Name “Local Area Connection 2” -NetworkCategory Private
You have essentially connected your Work PC to your home network and the communication is bi-directional and so you can access resources on both sides.
Just be aware of this. You may want to increase the encryption level and also disconnect the VPN when you are not using it.
Just wanted to share. I did so much Googling and eventually found the information I needed. Hopefully is will be of some use to people.
Cheers