Call Search
     

New to Ham Radio?
My Profile

Community
Articles
Forums
News
Reviews
Friends Remembered
Strays
Survey Question

Operating
Contesting
DX Cluster Spots
Propagation

Resources
Calendar
Classifieds
Ham Exams
Ham Links
List Archives
News Articles
Product Reviews
QSL Managers

Site Info
eHam Help (FAQ)
Support the site
The eHam Team
Advertising Info
Vision Statement
About eHam.net

   Home   Help Search  
Pages: [1]   Go Down
  Print  
Author Topic: Struggling with Hamachi VPN and IP-Sound  (Read 3973 times)
WD4ELG
Member

Posts: 860




Ignore
« on: October 09, 2012, 09:10:20 PM »

OK, probably human error by me...as usual.

Remote in the hotel: Lenovo laptop, Windows 8, IP Sound v 0.57a, LogMeIn Hamachi 2.1.0.215

Base station in shack: Windows 7, IP Sound v0.57a, LogMeIn Hamachi 2.1.0.215


Scenario 1, using the hotel internet LAN connection plugged into my laptop:
1. I am able to browse the web
2. I am able to connect to my Hamachi network 5.*.*.* from my hotel and from the base in the shack.  I see a green light with both computers present.
3. At the hotel, I double-click on the green circle icon for the shack computer, and it successfully pings the shack computer.
4. I cannot connect using IP-Sound.  There are two connections in IP-Sound, one for the public IP address of my cable modem at my shack, and a second is set to the 5.*.*.* address of the Hamachi LogMeIn host in my shack.  I suspect that the hotel internet is re-routing the IP-Sound packets (common with hotels).
5.  I CAN get the DNS resolution in IP-Sound to confirm the correct IP address for the shack computer.

Scenario 2, using a Verizon wireless USB aircard plugged into my laptop:
1. I am able to browse the web on my aircard
2. Without even using my Hamachi network, I am able to connect IP-Sound from my laptop in my hotel to my host computer THROUGH MY FIREWALL in my house, using the public IP address of my cable modem at my shack.  It works perfectly and does auto-answer. 
3. When connecting to my Hamachi network, I can ping the shack computer from the hotel over Hamachi but I still cannot get the IP-Sound connection to work over Hamachi.


CONCLUSIONS:
1. The firewall at my house is correctly configured to forward the IP-Sound packets, exactly as I set it up to do.
2. The hotel is re-routing the IP-Sound packets.
3. I have something incorrectly configured with Hamachi LogMeIn that is preventing IP-Sound from working.  Possibly the IP address?
4. The air card is not fast enough to handle the audio and the video I want to display using an additional tool (not relevant to this thread).

I did not see any guidance on what IP address to enter for the IP-Sound software for Hamachi LogMeIn.  It seems like it should be the 5.* address, but that's not working. 

Any suggestions?  Thanks in advance.
Logged
W9IQ
Member

Posts: 102




Ignore
« Reply #1 on: October 10, 2012, 12:41:47 AM »

Hi Mark,

I don't have direct experience with the LogMeIn hosted VPN application but let me offer some general comments related to VPN that may help you with the issue.

A VPN connection in this case creates a "tunnel" between your portable computer and the computer at your house. Once this tunnel is established through the log-in procedures, all traffic is routed through that tunnel. It is as if the two computers were on their own private network.

Some VPN tools allow certain traffic to be passed outside of the tunnel but a glance at the LogMeIn manual didn't show this option. There is an option in LogMeIn to see all port connections that are established or in progress. See Dashboard (Detailed mode) > Performance Info > Open TCP/IP Ports.

Once the VPN tunnel is established, then the IP address of the computer in your house becomes directly available at the remote computer. If the public IP address of your router is 92.125.125.4 and the IP address of your home computer is 192.168.10.2, then pinging 192.168.10.2 would result in a ping response. The public IP address, (92.125.125.4 in this example), no longer matters since the VPN software has created the tunnel effectively "directly" connecting your two computers.

Similarly, if the VPN tunnel is successfully established, then the potential of port blocking by a hotel or network provider no longer matters since all your communication goes through the encrypted tunnel. The hotel can no longer tell what ports or protocols you are using since they are all in the tunnel. I have run into some hotels that block VPN but based on your description, this is not your problem.

You never mentioned if you have ever had this system working or if this is an initial configuration problem. It would help to know. I suspect that you have incorrectly configured your IP-Sound remote IP address. It should be set to the IP address of your home computer (192.168.10.2 in my example above). You should also make certain that the UDP port address of the IP-Sound software is the same on both computers. The default is 4444. With your VPN software, I don't see any reason to change that.

One other problem that plagues some first time VPN users is the selection of the addresses for their home computer network. Home IP address ranges should not be picked at random but should be selected from the list of so called non-routable (private) IP addresses specified in RFC 1918. These are:

10.0.0.0 - 10.XXX.XXX.XXX
172.16.0.0 - 172.31.XXX.XXX
192.168.0.0 - 192.168.XXX.XXX

If you are using anything other than these three ranges, I strongly recommend you reconfigure your home network (everything behind your router) to use one of these address ranges. If you pick an IP address outside of these ranges, the client VPN software may assume you are trying to talk with a computer outside of the tunnel when it sees an attempt to communicate with a routable (public) IP address. In your example, you said your home computer was on 5.x.x.x. If that is really the address range, then you should make this change.

Be careful not to end any of your static (fixed) home network addresses with a .0 or a .255. These are reserved for special uses.

I hope this helps but I am happy to stay engaged in this discussion if this background information doesn't help resolve the problem.

- Glenn DJ0IQ and W9IQ
« Last Edit: October 10, 2012, 01:44:17 AM by W9IQ » Logged
W9IQ
Member

Posts: 102




Ignore
« Reply #2 on: October 10, 2012, 02:53:04 AM »

Hi Mark,

I should also have commented on the minimum IP mask to be used with each of the private address ranges. They are:

10.0.0.0 - 10.XXX.XXX.XXX           (Mask of 255.0.0.0)
172.16.0.0 - 172.31.XXX.XXX        (Mask of 255.240.0.0)
192.168.0.0 - 192.168.XXX.XXX     (Mask of 255.255.0.0)

For most home users, the 192.168.XXX.XXX address range and mask is sufficient.

- Glenn DJ0IQ and W0IQ
Logged
WD4ELG
Member

Posts: 860




Ignore
« Reply #3 on: October 13, 2012, 09:47:59 PM »

Thanks, Glenn

Another ham suggested a specific setting in IP-Sound that fixed it.

I did go through the detailed checks that you suggested, and I greatly appreciate you taking the time to send those.  It helped a lot for me to validate my settings.  Thanks!!
Logged
Pages: [1]   Go Up
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC Valid XHTML 1.0! Valid CSS!