====== Tunneling ====== In order to setup a tunnel connection between two AREDN nodes, one node needs to act as the server, and the other as the client. See the current [[../tunnel_list/ |list of tunnels]] to know who to contact. In this example, VA7FI-HAP-1 is the server and VE7RBE-HAP-1 is the client (and the details are made up): ===== Server Side ===== On VA7FI-HAP-1's ''Tunnel Server'' page: {{ server.png }} * **Client**: ''VE7RBE-HAP-1'' is Robert's node name. * **Pwd**: Create a unique password for that node. * **Net**: ''172.31.39.164'' is automatically assigned by the hAP. * Some optional contact info can be added. In addition to this information, VA7FI's public IP address will also need to be given to VE7RBE. To find your public IP address quickly, you can simply search for "what's my ip" in your favourite search engine: [{{google.png|Search for "what's my ip" in [[https://www.google.com/search?q=what's+my+ip |Google]]}}] [{{ddgo.png|Search for "what's my ip" in [[https://duckduckgo.com/?t=lm&q=what's+my+ip |DuckDuckGo]]}}] \\ ===== Client Side ===== On VE7RBE-HAP-1's ''Tunnel Client'' page: {{ client.png }} * **Server**: ''154.12.201.102'' is VA7FI-HAP-1's public IP address * **Pwd**: is the password created by VA7FI * **Network**: ''172.31.39.164'' is the **Net** address automatically generated by VA7FI-HAP-1 ===== More About Public IP Addresses ===== Most residential internet services are given a single //dynamic// IP address, which means that the address can //change// every few days or so (or when the router power cycles). This means that when a server node suddenly gets a new public IP address, the client node can't find it anymore. One solution is to use a [[wp>Dynamic_DNS]] service like [[https://noip.com|No-IP]]. These services query your //dynamic// IP address, and translate it into a //static// hostname. It's that hostname that you then give the AREDN client (instead of your public IP address). However, the No-IP service needs to be "told" when your dynamic IP address changes. This can be done by installing a small program that notifies them of the change, or alternatively, some routers have that function already built in. For example, the No-IP account can be entered in the Telus T3200M router here: ''Advanced Setup'' -> ''Dynamic DNS'' {{ dynamicdnsmodem.png }} With this setup, every time Telus gives me a new public IP address, the router notifies No-IP, which updates it so that ''myfancyhostname.ddns.net'' continues to point to my router. So using ''myfancyhostname.ddns.net'' instead of ''154.12.201.102'' as the Server address will ensure the connection continues when the IP address changes. ===== Port Forwarding ===== On Telus, I port 5525 had to be forwarded to the hAP. There are two steps to this: ==== DHCP Reservation ==== Just like Telus gives the router a //dynamic// WAN IP address, the router gives the home devices //dynamic// LAN IP addresses. The first step is to force the router to always give the same IP address to the hAP. On the T3200M this is done in: ''Advanced Setup'' -> ''DHCP Reservation'' {{ dhcp_reservation.png }} * Select the MAC address of the hAP from the list. * Choose an IP address to assign it. * Disconnect the hAP from the router and reconnect it to clear the IP. ==== Port Forwarding ==== Now that the hAP's LAN IP address is fixed, we can forward a port to it: ''Firewall'' -> ''Port Forwarding'' {{ hap_port_forwarding.png }} * Select the hAP's IP address from the list * Enter ''5525'' in all four Port fields * Select ''TCP''