> The 'honourable people in charge' of this forum give a huge amount of > their time and expertise to keep the Squeezebox experience going. The > software is no longer developed by Logitech and is very much a community > affair and even the seemingly simple task of writing documentation takes > a lot of time and effort. The general advice from those in the know is > not to remote access LMS even if it is password protected, but if it > must be done then use a VPN or SSH. I would imagine that there are too > many different routers and VPN services to be able to give definitive > guidance by way of a guide - you hit the nail on the head when you say, > '...in spite of lots of research - instructions are often outdated, > based on old firmwares, depend on which router you have etc.' >
Turns out it's not that difficult. But believe me, there are so many posts and articles about this, each of them gives their own procedure, often using complex ssh scripts and all kinds of stuff. AFAIK all VPN stuff is based on the OpenVPN protocols, so it shouldn't be that difficult. On my Asus router with Merlin firmware, in the end, successfully establishing a VPN server that gives me remote access to home network with no errors or error messages, was literally a matter of less than twenty clicks and typing >5 digits. My problem was, with the router VPN server running, with the default settings, the router DHCP (local network IP address allocation) page would report that there was somehow a conflict between the IP addresses on my network - i.e. between the IPs usually there - and the ones allocated when they connected remotely through OpenVPN Connect app. Actually connecting to the VPN server and accessing home network resources seemed to work fine the few times I had a chance to test it, but there were error messages, but I'm hard-pressed to point out any occasion I tried it where it failed, but I didn't do extensive testing since I wasn't happy anyway because of the error messages. Like I think I said, I have literally spent weeks trying to figure this out - because it would be good for a lot of other networking stuff too. In the end, I just chanced upon the solution last night, and it was this: Under "LAN - LAN IP - Configure the LAN setting of RT-AC87U", where it used to say the standard value that I had on every router I ever owned: IP Address 192.168.1.1 Subnet mask 255.255.255.0 I changed the "IP Adress" from 192.168.1.1 to 192.168.1.35 The router itself takes the first IP address, so its admin interface is now not at 192.168.1.1 like it always has been, but at 192.168.1.35. And all other home network devices have IP addresses with higher numbers. The DHCP router page no longer reports any error or conflict. The VPN OpenVPN Server config page, with default setup/PIA .ovpn file, has, under advanced settings, one single line that could be related to this: VPN Subnet / Netmask 10.8.0.0 255.255.255.0 I did not change anything there. So literally the only thing I had to do to make this work without any error messages was change 192.168.1.1 to 192.168.1.35, on the LAN IP page, next to the DHCP page. The DHCP page now remarks, however, in yellow letters, that the router IP address is 192.168.1.35, but it does not report this as an "error" or "conflict". So it seems the problem in this case is simply that the default subnet specified when you create a default configuration VPN Server on the router is wrong, it conflicts with the default values for the router. A very unfortunate oversight from the programmers ? Still seems strange, since the OpenVPN Server page says 10.8.0.0, that it should be affected by changing 192.168.1.1 to 192.168.1.35. Can anybody explain that to me ? In my reading I've read there are three "classes" or ranges of IP addresses set aside for "internal" network use, the 192.168.X range, the 10.0.X one, and I think the 127.0.X one. So if to begin with, with the default configurations for both the LAN IP/DHCP stuff and the OpenVPN server stuff, and them having specified two different ones of these ranges, why would there be a conflict ? How could have changing LAN IP from .1 to .35 fixed it ? The battle now will be getting the router VPN server and router VPN client to work at the same time. When I had it set up before - setting up a router as VPN client is a lot more complicated, strangely, since it's more typically done by nothing more than downloading the VPN provider's app and typing your username and password. But I used a .ovpn file generator from my VPN provider privateinternetaccess.com, and I could have one or the other working, but not both at the same time, like you're supposed to be able to. If I was connected to the VPN server, as soon as I turned on the router as a VPN client, the VPN server connection would drop its connections. So I think these are "subnets". I think it had something to do with something called "subnets" the whole time. Someone could have told me a bit more than "use a VPN", most people think of a VPN of what is actually using a device that is a VPN -client-, not connecting through your own home network by setting up a home network VPN -server- to connect to. ------------------------------------------------------------------------ echable's Profile: http://forums.slimdevices.com/member.php?userid=69542 View this thread: http://forums.slimdevices.com/showthread.php?t=111300 _______________________________________________ Squeezecenter mailing list [email protected] http://lists.slimdevices.com/mailman/listinfo/squeezecenter
