Does anyone have a good white paper or notes on tunnel setup? I am starting to plan a tunnel and wish to accomplish the following:
link mesh islands
link Rasp Asterisk systems
give myself a way to access the mesh and manage while traveling for business or in my RV.
thanks,
Keith - AI6BX
Tunnel support is built into the AREDN firmware. Just go to the Setup page and select either Tunnel Server or Tunnel Client from the menu bar at the top of the page. Before you begin, make sure that you have an Internet connection to the node. Confirm an Internet connection by looking at the main status page and see that there is an IP address for the "default gateway" on the lower left.
The tunnel software package needs to be installed, so click the Install button and wait until the package is downloaded and the node reboots.
After the reboot, go back to the Setup page and fill in the required information. If you are establishing a Tunnel Server, you will need to have a publicly available Tunnel Server DNS Name for the tunnel clients to connect to. One way to do that is to set up a No-IP or DynDNS account, name your server, assuming your mesh node gateway is on your home network, and forward port 5525 on your ISP router to the mesh node. Complete the server setup by entering the exact client name and password.
Setting up a Tunnel Client is easier since it does not need port forwarding on your home router. Just enter the server DNS name, password and network address that was established in the Tunnel server this client will connect to.
I got my tunnel clients working fairly easily, and am enjoying their connectivity. However, I am now trying to set up a server on a nano-loco that is connected via an Air Router to one of my "node" connections at the switch. I will try to diagram this for you, all are CAT5e connections here:
Starting at the nano-loco, it is connected to the Air Router, which is configured as a mesh node.
The Air Router connects to the GS108Ev3 WAN connection at the tower junction box, where the other nodes are connected also. This switch is just set up as seven nodes and a WAN connection.
My home network (internet) router connects to the WAN port on the switch in the tower junction box.
My home network router connects to the Comcast modem. The Comcast modem is not used for anything except the internet provider connection to my home internet router system (wired and wireless). The only "mesh" connection to this system is from the GS108Ev3 on the tower.
I have established an account via no-ip. So far, I haven't figured out how to get from that account to the server on the Nano-Loco.
I know this sounds really dumb, but I need help. My background is electronics technology and police work, and I am trying to learn about this networking stuff, but it is slow going.
Thanks and 73,
Jerry
Take a look at the advanced settings on your home router to find the port forwarding setup. If you still have difficulty, please identify the model number of the Comcast router so that we can look for documentation and try to assist you.
-Randy
I have read all the comments above trying to set up a tunnel at my home qth. I want to get this figured out as I plan to connect 2 mesh islands at a public service event in a few weeks. I had a tunnel working for a short while earlier today. When I went back to it, it no longer was working. I'm lost at this point. Here is my setup.
The tunnel server and client are both AirRouters. The ethernet ports of the AirRouters are connected to ports 1 & 2 of a Linksys wrt54g2, the home network. The wrt54g2 has port 5525 forwarded to the 192.168.1.x address of the AirRouter acting as the server. I have a noip dns name, the ip address is the 172.31.x.x address issued by the tunnel server. The client is set up with the noip dns name, the password I created setting up the tunnel server and the 172.31.x.x address issued by the tunnel server. The enable box is checked on both the server and client.
What am I doing wrong here that the tunnel does not like?
Thanks,
Jerry
w5mig
This isn't guaranteed to work; I've worked with a number of systems that forbade this (I actually seem to recall an RFC that actually said you were not supposed to allow this, but I can't find it right now).
The prime RFC I found that says this should be allowed didn't come out till 2007.
If you want to truly test this you will need to do it remotely; if you just want to test that the tunnel works, use the 192.168.1.x address of the AirRouter.
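Added example, not part of any post in this thread and not AREDN code: a check of what a tunnel client's server name resolves to, separating the 172.31.x.x tunnel network address, a home-LAN address that only works for an in-house test, and the public address a remote client needs. The function names and sample addresses are constructed for illustration, and TCP on port 5525 is an assumption, since the thread gives only the port number.

```python
import ipaddress
import socket

TUNNEL_PORT = 5525  # port the thread forwards to the tunnel server node
TUNNEL_NET = ipaddress.ip_network("172.31.0.0/16")  # 172.31.x.x, per the thread
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify_server_address(addr):
    """Say whether an IPv4 address can serve as a client's tunnel server target."""
    ip = ipaddress.IPv4Address(addr)
    if ip in TUNNEL_NET:
        return "tunnel-network"  # belongs in the client's network field, not in DNS
    if ip.is_loopback or ip.is_link_local or ip.is_unspecified:
        return "unusable"
    if any(ip in net for net in RFC1918):
        return "lan-only"        # reachable only from inside the same home network
    return "public"              # what a remote client needs the name to return


def tcp_probe(addr, port, timeout=3.0):
    """Try a TCP connect (assumption: the tunnel service listens on TCP)."""
    try:
        with socket.create_connection((addr, port), timeout=timeout):
            return True
    except OSError:
        return False


def check_server_name(name, port=TUNNEL_PORT,
                      resolve=socket.gethostbyname_ex, probe=None):
    """Resolve the name and report every address it returns.

    `resolve` and `probe` are injectable so the check also runs offline.
    """
    _, _, addrs = resolve(name)
    report = []
    for addr in addrs:
        kind = classify_server_address(addr)
        reachable = None
        if probe is not None and kind in ("public", "lan-only"):
            reachable = probe(addr, port)
        report.append({"address": addr, "kind": kind, "reachable": reachable})
    return report


if __name__ == "__main__":
    # Constructed lookup result standing in for a dynamic-DNS answer.
    fake = lambda n: (n, [], ["172.31.10.5", "192.168.1.20", "203.0.113.7"])
    for row in check_server_name("tunnel.example.invalid", resolve=fake):
        print(row)
```

Run from outside the home network with `probe=tcp_probe` to confirm that the port forward is in place; a probe from inside the same LAN depends on the router's handling of connections looped back to its own public address.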
Ok. I have a remote mesh that I am able to VPN into. I have two nodes locally and three nodes at the remote site. So I set up tunneling from there and it works! Great. All was working great for a while but now, for some reason, in the local mesh, when I try to connect to any node in the local or remote mesh I get a "this site can't be reached" message in my browser. I can still connect to any node from the remote mesh. I tried rebooting the tunnel server but no change. What happened at my end?
AREDN network is just a data network. In theory you could set up any radio system that uses a data network. (VoIP etc work on AREDN net because users have set up their own servers to manage and connect those VoIP devices together) For an HT over rf- Allstar would work. https://www.allstarlink.org/
You would need an ASL Asterisk server on the AREDN network as well as multiple interfaces to connect repeaters/radios to each other. The RTCM device is used commonly on repeaters to allow communication via the ASL system. (http://micro-node.com/thin-m1.shtml). Many end users like you and I use a small radio interface (https://dmkeng.com/Products.htm), a radio, and a R-Pi to create a way into ASL over rf from an HT etc. at their home or in their RV/mobile/etc. You can also use an Android app to connect to ASL and connect/talk on ASL. Connect to an ASL node that is linked to a repeater or end user and you will be heard over rf on those systems.
Lot of info- and I am no expert- but hoping it sheds some light on your question.
73-
Clifford
I have Allstar/Hamvoip running very nicely over my mesh network in Idaho using several Raspberry PI 3Bs installed with this:
https://www.hamvoip.org/
A couple of the PIs (3B) are installed on a couple of our local repeaters (the PI is actually the controller for one of them.) and each are connected over part15 links using their eth0 ports thru to the Interwebs with public node#s for outside access - and are running just fine. However, on each of these I also have a second "private" node# configured in that PI and accessible thru its eth1 (USB-eth adapter) linked to over our mesh system.
I have another PI configured in the same way (but without a radio attached) down in the valley which allows me another public node "entrance" into my system and I "bridge" that over to its second [private] node# which I then link/bridge as needed into my system. There are a couple of other "portable" PIs setup with a dongle and they use both nodes in each install in a similar way (see: http://chilinodz.wikidot.com/ ). Unfortunately the locally-made ChiliNodz are not currently in production. As previously mentioned, one can connect many different sorts of audio dongles and radios to Hamvoip - there are many home-brew designs. What I have in the case, however, is much more portable than most.
Bottom line: with a little bit of networking one can easily and effectively marry the Allstar system into an AREDN mesh and also have it set up to run without an internet connection when necessary (and still work the mtn top repeaters).
I've even used (in a test mode) a mesh tunnel to connect in from out-of-state and connect to/thru my mesh/Allstar setup. The possibilities for distributing access to our mtn top repeaters over our local mesh when/if direct 2M connection is not possible via RF and the internet is down ... are terrific.
Hope this makes sense,
- Don - AA7AU