[arm-allstar] OpenVPN help
stanley stanukinos
ka5iid at swbell.net
Fri Dec 27 22:31:52 EST 2019
AT&T does not allow inbound connectivity as they are double NAT the connection. If you want to pay for a reserved IP address the VPN to the AT&T network will work but the up front and monthly will make your wallet hurt. From past post the solution is to have a node on a public IP somewhere else and have the remote set to always connect with the VPN to it and then you will have access to the remote node. If the remote node is only doing outbound connections then it should not have any issues.
Stan
Sent from my iPhone
> On Dec 27, 2019, at 9:02 PM, Bryan St Clair via ARM-allstar <arm-allstar at hamvoip.org> wrote:
>
> I had openvpn on the hamvoip node, connected through 'private tunnel'. I
> think that is the issue. They don't seem to allow incoming traffic down
> the tunnel.
>
> I am going to setup a hub for him and reverse tunnels to bypass the need
> for the vpn.
>
> Thanks for the reply.
>
> Bryan
>
>
>> On Fri, Dec 27, 2019 at 6:51 PM "Mike Sullivan via ARM-allstar" <
>> arm-allstar at hamvoip.org> wrote:
>>
>> What OS are you running the VPN on? Do you have port forwarding set up on
>> the VPN?
>>
>> I use Ubuntu with OVPN for a couple nodes, think I finally have the “magic
>> code” figured out.
>>
>> Mike
>>
>> On Fri, Dec 27, 2019 at 21:48 "Bryan St Clair via ARM-allstar" <
>> arm-allstar at hamvoip.org> wrote:
>>
>>> For those using openvpn (on a ATT connection) I have a question.
>>>
>>> I am helping someone who has a node on a ATT Netgear device. It is
>> online
>>> and was able to make outgoing connections. We were not able to get ATT
>> to
>>> allow incoming connections so we setup a openvpn connection and have it
>>> running. The new IP is registering and we are on port 4570, showing
>>> correct port id on both host and client-side DNS queries.
>>>
>>> Problem is, I reboot the node, it starts the VPN, connects and registers.
>>> Seems it take about 30 seconds before an outgoing connection can be made,
>>> however, an hour later, no incoming connection can be established.
>>>
>>> (node numbers as example, all are public nodes)
>>>
>>> node 1234 can connect to 9876.
>>> node 1234 is on the vpn, node 9876 is not on a vpn, different networks.
>>> node 9876 can not connect 1234, gets the following messages:
>>>
>>> chan_iax2.c:4099 __auto_congest: Auto-congesting call due to slow
>> response
>>>
>>> no incoming connection for any source can get into node 1234. However
>>> outgoing from 1234 it seems to be fine.
>>>
>>> I don't use vpns often in allstar, is their any diag steps to ensure the
>>> 4570 port is getting back to the node? I even tried to ssh directly to in
>>> ove the vpn and get no response to the login attempt.
>>>
>>> Any ideas?
>>>
>>> --
>>> Bryan
>>> K6CBR
>>> bryan at k6cbr.us
>>> _______________________________________________
>>>
>>> ARM-allstar mailing list
>>> ARM-allstar at hamvoip.org
>>> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>>>
>>> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>>>
>> _______________________________________________
>>
>> ARM-allstar mailing list
>> ARM-allstar at hamvoip.org
>> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>>
>> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
>
>
>
> --
> Bryan
> K6CBR
> bryan at k6cbr.us
>
> Allstar Hubs: 43919, 47036
> _______________________________________________
>
> ARM-allstar mailing list
> ARM-allstar at hamvoip.org
> http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar
>
> Visit the BBB and RPi2/3/4 web page - http://hamvoip.org
More information about the ARM-allstar
mailing list