====== Tunnel Server Setup ======
Most nodes will be set up as [[tunnel-client-setup|Tunnel Clients]]. If you aren't sure, you probably don't need to follow the steps on this page.
If you'd like your node to be able to act as a Tunnel Server and allow other nodes to connect to you, you will need to make sure that your node is available over the Internet. This includes configuring a dynamic DNS entry, and making some firewall or port forwarding settings.
==== DNS Name ====
Most residential internet services are given a single //dynamic// IP address, which means that the address can //change// every few days or so (or when the router power cycles). This means that when a server node suddenly gets a new public IP address, the client node can't find it anymore.
One solution is to use a [[wp>Dynamic_DNS]] service like [[https://noip.com|No-IP]]. These services query your //dynamic// IP address, and translate it into a //static// hostname. It's that hostname that you then give the AREDN client (instead of your public IP address).
However, the No-IP service needs to be "told" when your dynamic IP address changes. This can be done by installing a small program that notifies them of the change, or alternatively, some routers have that function already built in. For example, the No-IP account can be entered in the Telus T3200M router here:
''Advanced Setup'' -> ''Dynamic DNS''
{{ dynamicdnsmodem.png }}
With this setup, every time Telus gives me a new public IP address, the router notifies No-IP, which updates it so that ''myfancyhostname.ddns.net'' continues to point to my router.
==== Port Forwarding ====
Port 5525 has to be forwarded to the hAP. There are two steps to this:
=== DHCP Reservation ===
Just like Telus gives the router a //dynamic// WAN IP address, the router gives the home devices //dynamic// LAN IP addresses. The first step is to force the router to always give the same IP address to the hAP. On the T3200M this is done in:
''Advanced Setup'' -> ''DHCP Reservation''
{{ dhcp_reservation.png }}
* Select the MAC address of the hAP from the list.
* Choose an IP address to assign it.
* Disconnect the hAP from the router and reconnect it to clear the IP.
=== Port Forwarding ===
Now that the hAP's LAN IP address is fixed, we can forward a port to it:
''Firewall'' -> ''Port Forwarding''
{{ hap_port_forwarding.png }}
* Select the hAP's IP address from the list
* Enter ''5525'' as the start and ''5535'' as the end (if you want to give 10 tunnels)
* Select ''TCP''
==== AREDN Server Setup ====
Now we can go back to AREDN and add a server:
{{ tunnelserver.png }}
- add your DNS name
- select ''Wireguard Server'' and click the +
- enter the name of the client
- the rest of the information will auto populate
- click the clipboard icon and copy the information, which you'll need to send to the client.
- click ''Done''
- select ''Commit''{{ tunnelcommit.png }}
/*
====== OLD UI ======
===== Server Side =====
In this example, VA7FI-HAP-1 is the server and VE7RBE-HAP-1 is the client (and the details are made up):
On VA7FI-HAP-1's ''Tunnel Server'' page:
{{ server.png }}
* **Client**: ''VE7RBE-HAP-1'' is Robert's node name.
* **Pwd**: Create a unique password for that node.
* **Net**: ''172.31.39.164'' is automatically assigned by the hAP.
* Some optional contact info can be added.
In addition to this information, VA7FI's public IP address will also need to be given to VE7RBE. To find your public IP address quickly, you can simply search for "what's my ip" in your favourite search engine:
[{{google.png|Search for "what's my ip" in [[https://www.google.com/search?q=what's+my+ip |Google]]}}]
[{{ddgo.png|Search for "what's my ip" in [[https://duckduckgo.com/?t=lm&q=what's+my+ip |DuckDuckGo]]}}]
\\
===== Client Side =====
On VE7RBE-HAP-1's ''Tunnel Client'' page:
{{ client.png }}
* **Server**: ''154.12.201.102'' is VA7FI-HAP-1's public IP address
* **Pwd**: is the password created by VA7FI
* **Network**: ''172.31.39.164'' is the **Net** address automatically generated by VA7FI-HAP-1
*/