TiVo Community
TiVo Community
TiVo Community
Go Back   TiVo Community > Main TiVo Forums > TiVo Coffee House - TiVo Discussion
TiVo Community
Reply
Forum Jump
 
Thread Tools
Old 06-14-2014, 05:58 PM   #1
jeffrypennock
Registered User
 
Join Date: May 2006
Location: New York
Posts: 196
Creating a VPN to stream ALL my TiVo Roamio channels away from home

I have TWC in NYC which ABSURDLY sets the copyright setting on all the non-OTA channels such that I can stream at home but can't stream outside the house. Comcast and other providers don't do it. On a different thread here, someone suggested that you could set up a VPN to replicate your in-home streaming iOS experience when you're out-of-home (OOH). I want to do this! I started researching if I could/how to go about this and realized...I have no clue how and know less about this topic than I thought I did.

Here's what I have:
TWC (television and premium internet)
Arris DG860A wifi modem router from TWC
TiVo Roamio Plus (connected via ethernet to the Arris)
iPad & iPhone running latest iOS and latest TiVo app

Is this something I can do with the equipment that I have? Does my router support a VPN (is that even a relevant question? I logged in to the configuration interface for my modem and I didn't see an obvious "VPN" tab where I could configure this but maybe I missed it)? There are so many high-lever users and experts on here, I am hopeful someone will please tell me how to do this or refer me to instructional articles that would teach me how. (Because the resources I was finding online were all either irrelevant or made sense/got me no closer to my goal.)

I think this is a much more appealing offer than getting a Sling (I've burned through too many of those flawed devices over the years) if this is something I can make work for me.

jeffrypennock is offline   Reply With Quote
Old 06-14-2014, 06:10 PM   #2
telemark
Registered User
 
Join Date: Nov 2013
Posts: 1,515
What's your Internet Bandwidth (Up/Down)?
Do you still have the SlingBox?

__________________
Premiere 2 tuner & SiliconDust
on Comcast CableCard + OTA
telemark is offline   Reply With Quote
Old 06-14-2014, 06:51 PM   #3
jeffrypennock
Registered User
 
Join Date: May 2006
Location: New York
Posts: 196
I don't have a sling box here in NYC, no.
My download is 31Mbps and my upload is 6Mbps.

jeffrypennock is offline   Reply With Quote
Old 06-14-2014, 07:47 PM   #4
telemark
Registered User
 
Join Date: Nov 2013
Posts: 1,515
Upstream is usable, but I figure most people would prefer a Slingbox because it avoids a VPN.

This thread has some technical details.
http://www.tivocommunity.com/tivo-vb...d.php?t=492571

After starting to write out directions, I don't feel this is for the faint of heart, because it could break anytime Tivo updates the app, and then you'd have to know some networking to figure out what's wrong.

Three methods to VPN from IOS when you're out and about.
1) Built in support, like so: http://support.apple.com/kb/ht1288
2) 3rd party software that require jailbreaking
3) External wifi hardware (hotspots, laptops, smart phones in connection sharing mode)

__________________
Premiere 2 tuner & SiliconDust
on Comcast CableCard + OTA

Last edited by telemark; 06-16-2014 at 09:04 PM.
telemark is offline   Reply With Quote
Old 06-24-2014, 08:39 PM   #5
jeffrypennock
Registered User
 
Join Date: May 2006
Location: New York
Posts: 196
You're right, this really isn't for the faint of heart. I've used a VPN as an end user for years. I had no idea the creation/administration of one would be so hard. How is there not a VPN out of the box from Apple or some other clever retailer?

jeffrypennock is offline   Reply With Quote
Old 06-25-2014, 12:21 AM   #6
HDRyder9
Registered User
 
Join Date: Aug 2007
Posts: 150
I support a lot of customers where VPN is a necessity. For ease of use and economy, I use Cisco RV042 routers with built in VPN support. If you can use PPTP protocol it's as easy as adding a PPTP user with a password and a remote Windows device or iOS device will log in.

For full time VPN connections, I like to use a RV042 router on each end. Essentially, you are on the same subnet and Tivo won't even notice it's not a local connection.

HDRyder9 is offline   Reply With Quote
Old 08-17-2015, 03:27 PM   #7
DavidDeLano
Registered User
 
Join Date: Dec 2014
Posts: 20
I know this is a really old post, but it seems on the track of what I'm attempting to do. I have two Cisco RV130s VPN connected but I can't get the ends to be the same subnet. Any help?

DavidDeLano is offline   Reply With Quote
Old 08-17-2015, 05:20 PM   #8
HarperVision
Registered User
 
HarperVision's Avatar
 
Join Date: May 2007
Posts: 3,024
Quote:
Originally Posted by DavidDeLano View Post
I know this is a really old post, but it seems on the track of what I'm attempting to do. I have two Cisco RV130s VPN connected but I can't get the ends to be the same subnet. Any help?
FWIW, I use Asus routers on each end and they have OpenVPN built into them so I just set the one where the host TiVo is as the server and then use the other one that's distant and away from "home base" setup to be the client. This way they see each other easily.

My speed isn't fast enough for it to stream from the separate tivos, but they do see each other as if they're on the same local LAN and I can transfer shows between them.

Go to smallnetbuilder.com for a bunch of different scenarios.

__________________
Dave Harper
Director, Event Technology
ISF, CTS
HarperVision is offline   Reply With Quote
Thanks For This Post:
Old 08-17-2015, 06:03 PM   #9
HDRyder9
Registered User
 
Join Date: Aug 2007
Posts: 150
Quote:
Originally Posted by DavidDeLano View Post
I know this is a really old post, but it seems on the track of what I'm attempting to do. I have two Cisco RV130s VPN connected but I can't get the ends to be the same subnet. Any help?
What and where is your DHCP server?

HDRyder9 is offline   Reply With Quote
Old 08-18-2015, 05:46 PM   #10
DavidDeLano
Registered User
 
Join Date: Dec 2014
Posts: 20
Thanks to both of you for responding. I've been out in the weeds trying to get this to work and hitting way too many dead ends, even though some people say they have it working. I keyed in on this thread, since it mentions Cisco routers for the VPN, though a different model than I have (though looking at the specs, mine just appear to be newer versions).

The Cisco router on each end provides DHCP for it's own subnet. Currently I have 192.168.0.0 on one end and 192.168.1.0 on the other end. I can see all the devices across the VPN, but broadcast messages are of course not crossing the subnets.

I had them both on 192.168.0.0 for a while, making sure the IP addresses didn't overlap, but I could not see any devices on the other end when I did that.

Behind each router is a Netgear router in AP mode to provide WiFi access. Adding that detail in case a router function on the Netgear happens to be a useful solution.

Are you suggesting I just use one end for DHCP and routing?? What happens when VPN goes down? I have tenants in the vacation home that would be upset if the network goes down.

I have 50M on one end and 100M on the other, though the upload speeds on both ends are around 20M. I don't think bandwidth would be an issue, and downloading instead of streaming is an option. If I get this to work, one end will need a new TiVo or a Stream for the other end to see it.

DavidDeLano is offline   Reply With Quote
Old 08-18-2015, 06:31 PM   #11
DavidDeLano
Registered User
 
Join Date: Dec 2014
Posts: 20
Thanks for the smallnetbuilder reference. I haven't found anything to solve my problem yet, but there is info here that I hadn't encountered in all my google searches.

It appears I need a bridge and that my current configuration is only allowing a tunnel, and I don't know how to get from one to the other......

David

DavidDeLano is offline   Reply With Quote
Thanks For This Post:
Old 08-18-2015, 09:07 PM   #12
DavidDeLano
Registered User
 
Join Date: Dec 2014
Posts: 20
Another thought.....with the VPN in place, is it possible to manually configure a device on one end, the TiVo in this case, to be on the other network??

DavidDeLano is offline   Reply With Quote
Old 08-18-2015, 09:16 PM   #13
kdmorse
Registered User
 
kdmorse's Avatar
 
Join Date: Jan 2001
Location: Germantown, MD
Posts: 4,506
Quote:
Originally Posted by DavidDeLano View Post
Another thought.....with the VPN in place, is it possible to manually configure a device on one end, the TiVo in this case, to be on the other network??
Yes.

You can also automatically configure it with a dhcp reservation (assuming you run a DHCP server that allows you to lie. linux dhcpd is fine. I never could get windows to assign an out of scope dhcp address).

You can also put a bridge filter on the vpn so that only the Tivo's traffic is bridged. And if you do it right, you can get it to just get it's IP address via DHCP off the remote network.

In both cases, the downside is that all the oddly configured tivo's internet traffic will flow over the VPN and out the other site to the internet. Not an issue for daily calls. But can be problematic for Netflix.

There are ways around this of course, depending on how creative you want to get.

(And to answer your earlier question, a VPN that can run in Bridge mode is pretty much a requirement. It can be router to router. It can be a passive bridge between a device on each network. And while OpenVPN is not the only possibility, it is generally the weapon of choice.)

__________________
"I disapprove of what you say, but I will defend to the death your right to say it"
"Stop slouching! It's two O'clock in the afternoon, PUT PANTS ON!"
"Statistically speaking, there are two Popes per square kilometer in Vatican City..."
kdmorse is offline   Reply With Quote
Old 08-18-2015, 10:06 PM   #14
HarperVision
Registered User
 
HarperVision's Avatar
 
Join Date: May 2007
Posts: 3,024
Quote:
Originally Posted by kdmorse View Post
Yes. You can also automatically configure it with a dhcp reservation (assuming you run a DHCP server that allows you to lie. linux dhcpd is fine. I never could get windows to assign an out of scope dhcp address). You can also put a bridge filter on the vpn so that only the Tivo's traffic is bridged. And if you do it right, you can get it to just get it's IP address via DHCP off the remote network. In both cases, the downside is that all the oddly configured tivo's internet traffic will flow over the VPN and out the other site to the internet. Not an issue for daily calls. But can be problematic for Netflix. There are ways around this of course, depending on how creative you want to get. (And to answer your earlier question, a VPN that can run in Bridge mode is pretty much a requirement. It can be router to router. It can be a passive bridge between a device on each network. And while OpenVPN is not the only possibility, it is generally the weapon of choice.)
Thanks for jumping in here and saving me! It was starting to get over my head. I actually forgot most of what I learned since setting my Asus point to point OpenVPN up months ago, haha!

__________________
Dave Harper
Director, Event Technology
ISF, CTS
HarperVision is offline   Reply With Quote
Old 08-18-2015, 11:21 PM   #15
DavidDeLano
Registered User
 
Join Date: Dec 2014
Posts: 20
Now I'm getting more questions than answers!

How do I create a bridge instead of a tunnel?? And, I'm trying to do this with my Cisco RV130's. I don't have OpenVPN running. If I need to run another device, I can, but I'm trying to avoid that - I have enough running already!

I don't think the DHCP will allow me to lie and allocate an IP that would be on the other side. What I meant was, can I configure the TiVo itself to have an IP that is on the other side? I think I've tried that, but failed to connect, but I've tried so many different things I can no longer remember.

And what does this mean: "There are ways around this of course, depending on how creative you want to get." I can get creative, but I have to know how/what to do.

David

DavidDeLano is offline   Reply With Quote
Old 08-18-2015, 11:25 PM   #16
DavidDeLano
Registered User
 
Join Date: Dec 2014
Posts: 20
Confirmed...the DHCP on this end only allows me to allocate within this subnet. What happens if I put the MAC in at the other end? But then, how do I get the TiVo to use the other DHCP server?

DavidDeLano is offline   Reply With Quote
Old 08-19-2015, 12:46 AM   #17
HarperVision
Registered User
 
HarperVision's Avatar
 
Join Date: May 2007
Posts: 3,024
Just get a couple cheaper Asus routers that have OpenVPN built in or flash update it with Merlin for more options and then be done with it, I say!

__________________
Dave Harper
Director, Event Technology
ISF, CTS
HarperVision is offline   Reply With Quote
Old 08-19-2015, 12:33 PM   #18
DavidDeLano
Registered User
 
Join Date: Dec 2014
Posts: 20
I have no qualms about adding standalone boxes to fix the problem. I just don't want to have to have a dedicated computer running 24/7 on each end. What ASUS models should I be looking at? And would I still configure the VPN with the Cisco boxes, or would they just step back and become routers only?

David

DavidDeLano is offline   Reply With Quote
Old 08-19-2015, 12:44 PM   #19
HarperVision
Registered User
 
HarperVision's Avatar
 
Join Date: May 2007
Posts: 3,024
Quote:
Originally Posted by DavidDeLano View Post
I have no qualms about adding standalone boxes to fix the problem. I just don't want to have to have a dedicated computer running 24/7 on each end. What ASUS models should I be looking at? And would I still configure the VPN with the Cisco boxes, or would they just step back and become routers only? David
I have an RT-AC56U at each end and they work fine, but you can get any at this level or above to do the job. I hear the best to look for are the ones with the dual core processors. I use mine separate from my main router, an AC66U. No need to use the Cisco one anymore.

You can also see if your existing Cisco ones support being flashed by something called the Tomato firmware, which you should be able to run OpenVPN on as well.

__________________
Dave Harper
Director, Event Technology
ISF, CTS
HarperVision is offline   Reply With Quote
Old 08-19-2015, 12:59 PM   #20
DavidDeLano
Registered User
 
Join Date: Dec 2014
Posts: 20
I could actually replace the Netgear routers that I'm using as WiFi APs if I found ASUS WiFi routers with OpenVPN built in. Or....any chance that a Netgear can be updated with OpenVPN. I've not tried flashing a router, but that could be an option.

David

DavidDeLano is offline   Reply With Quote
Old 08-19-2015, 01:00 PM   #21
HarperVision
Registered User
 
HarperVision's Avatar
 
Join Date: May 2007
Posts: 3,024
Quote:
Originally Posted by DavidDeLano View Post
I could actually replace the Netgear routers that I'm using as WiFi APs if I found ASUS WiFi routers with OpenVPN built in. Or....any chance that a Netgear can be updated with OpenVPN. I've not tried flashing a router, but that could be an option. David
See if it can via Tomato. Google search your model with tomato.

__________________
Dave Harper
Director, Event Technology
ISF, CTS
HarperVision is offline   Reply With Quote
Old 08-19-2015, 03:16 PM   #22
DavidDeLano
Registered User
 
Join Date: Dec 2014
Posts: 20
Did you have to update your RT-AC56U? I don't see that it supports OpenVPN. I'm hesitant to mess with anything that is in place as I can't afford to have the network down should I fail. I think I'd still leave the Cisco's in place for routing.

With TAP, how is DHCP and NAT handled??

DavidDeLano is offline   Reply With Quote
Old 08-19-2015, 04:03 PM   #23
HarperVision
Registered User
 
HarperVision's Avatar
 
Join Date: May 2007
Posts: 3,024
Quote:
Originally Posted by DavidDeLano View Post
Did you have to update your RT-AC56U? I don't see that it supports OpenVPN. I'm hesitant to mess with anything that is in place as I can't afford to have the network down should I fail. I think I'd still leave the Cisco's in place for routing. With TAP, how is DHCP and NAT handled??
I updated mine with Merlin FW, but the regular FW from Asus offers OpenVPN too, just a few less options.

I use TUN so not sure about TAP.

I really have forgotten a lot since setting up, sorry. (Lyme Disease sux!) Best thing to do is read, read, read!

__________________
Dave Harper
Director, Event Technology
ISF, CTS
HarperVision is offline   Reply With Quote
Old 08-19-2015, 05:50 PM   #24
DavidDeLano
Registered User
 
Join Date: Dec 2014
Posts: 20
Well, I have TUN set up with the Cisco routers, and that isn't working. So, what did you do to make it work?? TAP seems to be the answer.

I've been read, read, reading for months trying to get this figured out......

DavidDeLano is offline   Reply With Quote
Old 08-19-2015, 07:26 PM   #25
HarperVision
Registered User
 
HarperVision's Avatar
 
Join Date: May 2007
Posts: 3,024
Quote:
Originally Posted by DavidDeLano View Post
Well, I have TUN set up with the Cisco routers, and that isn't working. So, what did you do to make it work?? TAP seems to be the answer. I've been read, read, reading for months trying to get this figured out......
It was really just a matter of connecting the two together, one as server the other as client and downloading the server's auto generated certs for the client to connect. It may have been TAP I used, I'll have to check it all when I get home from work tonight.

If you go to Merlin's website you can download the FW files and read about all the settings also for Asus routers with his FW.

www.Asuswrt.lostrealm.ca

__________________
Dave Harper
Director, Event Technology
ISF, CTS
HarperVision is offline   Reply With Quote
Old 08-19-2015, 08:35 PM   #26
DavidDeLano
Registered User
 
Join Date: Dec 2014
Posts: 20
I'd also still like to hear how HDRyder9 has two Cisco routers connected, since that is what gave me hope that I could get what I have working.....

I'll read up on Merlin in the mean time.

DavidDeLano is offline   Reply With Quote
Old 08-19-2015, 09:43 PM   #27
DavidDeLano
Registered User
 
Join Date: Dec 2014
Posts: 20
My Netgear R6700 routers appear to have OpenVPN support built in, but I can only see how to put them in server mode, and not client mode. I ran into this originally when I was attempting to set up the site-to-site VPN with these routers, but couldn't come up with any way to do it. That is when I bought the Cisco routers, which set the VPN up fine, but I have two subnets.

DavidDeLano is offline   Reply With Quote
Old 08-19-2015, 10:42 PM   #28
DavidDeLano
Registered User
 
Join Date: Dec 2014
Posts: 20
HDRyder9 - The VPN settings for the RV042 look the same as those for the RV130, so it must be some other settings you have to make it work. The instructions say that the two ends must be on separate subnets, which makes the TiVo discovery not work. The only setting I see that might change this would be to set one end to be a router instead of a gateway and then set it to use DHCP Relay to the router on the other end. I could try this, but I'd rather be at the end I'm changing, in case something goes wrong and I can't access the router remotely.

DavidDeLano is offline   Reply With Quote
Old 08-20-2015, 10:26 AM   #29
DavidDeLano
Registered User
 
Join Date: Dec 2014
Posts: 20
I reconfigured the VPN to use 192.168.0.0 on both ends. It let me do that without complaint. The far end, which is 192.168.1.0 didn't have an issue. The near end, which is 192.168.0.0 puts the router in a state where it is no longer communicating via the web interface. It is still alive and routing but apparently the VPN is keeping it so busy that it doesn't have time to service the web service. This happens even if the VPN is not connected, but enabled. To get out of this state I have to unplug the WAN cable, wait a bit, web interface comes back, disable the VPN. So, I'm still not sure how you are getting both ends on the same subnet.

I should add....I'm using 255.255.255.0 as the mask, if that would make any difference.

I didn't get far enough to try setting the far end DHCP to point to the near end.

DavidDeLano is offline   Reply With Quote
Old 08-20-2015, 11:05 AM   #30
brewman
Registered User
 
Join Date: Jun 2003
Posts: 144
Is slingbox out of the question? It's a very simple, not too expensive solution that is plug-n-play. Unless you're just dead set on getting VPN working Slingbox just works.

brewman is offline   Reply With Quote
Reply
Forum Jump







Thread Tools


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Advertisements





TiVo Community
Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2015, Jelsoft Enterprises Ltd.
vBulletin Skins by: Relivo Media


(C) 2015 DBNet - All Rights Reserved. No information may be posted elsewhere without written permission.
TiVoŽ is a registered trademark of TiVo Inc. This site is not owned or operated by TiVo Inc.
All times are GMT -5. The time now is 10:08 AM.
Page generated in 0.13860297 seconds (88.67% PHP - 11.33% MySQL) with 18 queries