You are here

Tunnel Set Up on AirRouter

15 posts / 0 new
Last post
k6mby
k6mby's picture
Tunnel Set Up on AirRouter

Good day,

I have followed the general instructions found here on the forum for tunnel set up but the tunnel server does not appear to be working.
The tunnel server is an AirRouter with AREDN 3.6.1.1.  Its WAN port is connected to my home router which has port 5525 forwarded to the IP address assigned to the AirRouter.  A No-IP DDNS is used in the server and a single client  is built into the server.  Both the server and distant client show "Not Connected."

Attempted pings into the server using either the home router public IP address or the no-ip ddns address do not get a response from the tunnel server.

I have read most of the posts in the tunnel forum but nothing jumps out, however, I am not all that knowledgeable regarding networking.

Attached, I think, is a support data dump.  I do not see a way to attach files so the attachment is a copy and paste.

Any thoughts would be appreciated. 

Bob
K6MBY
Sequim, WA

K5DLQ
K5DLQ's picture
at the very bottom of the
at the very bottom of the post reply page is the "Support Attachments" section.  That is where you can attach your support dump.

Question:  what are the node names of the server and client that you are trying to connect?  The length of the node names may be the problem.
 
k6mby
k6mby's picture
Node Names and file
Not sure I am giving you what you are looking for in a "name", but,  K6MBY-M2-AR1 is the server and K7WWP-A1 is the client.

Bob
Support File Attachments: 
K5DLQ
K5DLQ's picture
here is a quick test to see
here is a quick test to see if your external router (ie. your home router) is setup properly to forward port 5525 to your node:

FROM THE CLIENT (or any network other than your own...):
telnet to your ddns name at port 5525.  ie.  if on MacOS or linux:  telnet w6mby.no-ip.com 5525
if it is configured properly, you should see something like:
Connected to K6MBY-M2-AR1.
Escape character is '^]'.
VTUN server ver 3.X 04/12/2017

If NOT, it means either:
  1. your external router is not configured properly to the forward 5525 to the WAN address of your K6MBY-M2-AR1 node
  2. your node does not have any tunnels clients defined and enabled
  3. your ISP may be blocking port 5525 to you
k6mby
k6mby's picture
Going with number 3
I had the client end, K7WWP, test both my current public IP as well as my ddns.net.  Neither received the VTUN response.   The home router has been checked and doubleched and is set up properly.  There is a tunnel client defined and enabled.

I have an email off to my ISP to see if they block 5525.
Bob
K6MBY
Sequim, WA
 
K5DLQ
K5DLQ's picture
When you look at the tunnel

When you look at the tunnel server's node status, the IP listed under the WAN address (ie. 192.168.1.x probably) is the address your router is forwarding 5525 to, right?
 

k6mby
k6mby's picture
Port Forward and ISP comments
Yes, The WAN address noted in the AirRouter, which is the tunnel server, is a 192.168.0.xxx number.  It is the IP Address that 5525 is being port forwarded to.

My ISP indicates they are not blocking port 5525 which then leads me to wonder about the AirRouter.  I have another AirRouter which I will configure and replace the existing Airrouter.

Bob
K6MBY
K5DLQ
K5DLQ's picture
the tunnel server is not
the tunnel server is not running (according to your support dump).
Can you send a screenshot of your Tunnel Server screen?
email at my callsign@aredn.org
 
k6mby
k6mby's picture
The lightbulb just came on
In an off forum email discussion with Darryl he pointed out that the Client Name in the tunnel server set up was the Node Name of the Client, i.e., K6MBY-AR1, and not the public ip address of that client.   The server does not need to know the public IP of the client as the server is just listening on port 5525.  The "call" is initiated by the client.  That point, while clear now, past right over my thinking process....

Our clouds in the client and server are now blue.  I moved my antenna so that K7WWP and I no longer had an RF connection yet we were able to continue a call on FreePBX.

Thanks again Darryl....

Bob
K6MBY
Sequim, WA
 
K5DLQ
K5DLQ's picture
Happy to be of assistance! 
Happy to be of assistance!  happy Meshing!
KG7LMI
KG7LMI's picture
setting the tunnel network address

I just got my tunnel server and client working after some trial and error wrt the names the server and client setup wanted also. (For those who are also trying to figure this out, the client setup page has the DDNS hostname in the "Server" field and the server setup page has the client node name in the "Client" field. When you get it right, the cloud icons next to the net address will turn blue.)

To confirm, when I set up the tunnel server the last 2 octets of the network address were already filled in. I assumed these are defaults and I kept them. Is this correct?

73, Rob

K5DLQ
K5DLQ's picture
correct.  They are auto
correct.  They are auto-defaulted.
KG7LMI
KG7LMI's picture
Cool. Thanks73, Rob
Cool. Thanks. One other question: when I configured the tunnel node, I set up the Internet VLAN and enabled DHCP on the WAN interface but did not enable the Mesh Gateway. This made the most sense to me, and it all seemed to work, but can you also confirm that this is correct? 73, Rob
K5DLQ
K5DLQ's picture
that is correct.  If the
that is correct.  If the local node has VLAN1 (internet) access, it (and any local LAN device on the node) will use it whether or not the "Mesh Gateway" is set.  If set, it just tells all the other nodes on the mesh that this node should be the gateway and has "internet".
KG7LMI
KG7LMI's picture
That's what I thought it
That's what I thought it would do. Perfect. Thanks again! 73, Rob

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer