Friday, July 8, 2016

Squeezebox and VPN

With the VPN installed (My Little VPN) and few tweaks now I'm able to stream my music where ever I am from my Logitech Media server.

This article describes what I had to do on my Android phones to enable the remote streaming from my Logitech Squeezebox server.

On many Android phones I have, I used two apps to control the media server and stream music from it :

  • SqueezePlayer (not free)
    This is the player for the phone, the app that receive the stream from the server
  • Logitech Squeezebox Controller (free)
    This apps control the server, allow to choose the player and what to stream, radio, podcast or local music archive
These two apps works very well together and actually the SqueezePlayer links automatically with the controller.
However on newer versions of Android, the Logitech Squeezebox Controller is not working anymore.
That lead me to look for other applications to control the server, and I found two :
Squeezer works fine in the network but for strange reasons is not capable to work via the VPN leaving the Squeeze controller as only choice.
So, to recap, on older versions of android (up to 4.4.4) I use the apps:
On newer Android versions (5.0), I ended up to use:

Since my Logitech media player is totally behind firewall, i.e. there is not a public access (no open ports) it works only if the phone is connected to the local network.
With the VPN, without doing much effort, the applications recognize the server and allow the streaming without problems since the phone is actually IN the network.

On the VPN settings, I just enabled the Seamless tunnel and the ForcesAES-CBC option.
No specific settings for the Squeezebox apps.

Very nice to have everywhere your own music library.

Tuesday, July 5, 2016

My little VPN

Having around a Raspberry Pi I decided to set up a VPN to access to my network and from there, to internet.
There are a lot of tutorials, guides, suggestions, so in the end I opted for Open VPN since is well supported for Android, my main remote access to my network.

The concept

The idea is to create a pipe from a client (typically my Android phone) to my entry point to the network, the VPN server.
Normally, without VPN, the client connect directly to internet to connect to a server. Usually using a WiFi connection. There are many critical points in a open connection, even if protected.

The connection from the client to the Wifi Access point is accessible, the connection from the WiFi access point and the internet and every connection is open.

With a VPN the connection from the client to the VPN server is encrypted and thus inaccessible to others.
In this way I can use also open and not protected WiFi access points, like from Starbucks or other public places, and access more safely to internet via my network through my VPN.
And the other big advantage is that the client can access my network like it was directly connected in. So for example I can access directly my server and every machine on my network.

VPN server

Any linux machine is more than suitable to become a VPN server.
I decided to use a small Raspberry Pi for that for some reasons:

  • I had some Raspberry Pi catching dust
  • Is fast enough for my usage
  • Some refresh exercise playing with the Raspberry Pi Linux (Wheezy Debian)
  • I didn't want to play too much with the main server since I have some services running with extra protection
  • Used OpenVPN for Raspbian
  • Used a python program to show on a local webpage the status of the VPN usage


On the Rasberry Pi I installed also Apache2 in order to serve a webpage, only accessible from the internal network, showing the usage of the VPN.

Follow the instructions on the github repo to install and run the monitor.
Remember to add in the conf file for the website (openvpn-monitor.conf) the coordinates of the starting location for the map.


OpenVPN server includes also utilities to generate the certificates the client need to use to be connected to the VPN.
For tracking better the use of the VPN I decided to create a certificate for every client. OpenVPN of course support the use of the same certificate for groups of clients but as my policy I'm trying to avoid that.

VPN clients

Every machine that wants to connect to the VPN needs to have installed a VPN client.
Here what I'm using :


I used different sources/tutorials for that, mainly this one :  Building A Raspberry Pi VPN
For this reason I don't describe the installation/configuration procedure.
It is well documented in hundreds resources on the net.

However it needs not to be followed without knowing what you are doing and some steps needs to be customized/corrected but for the most part is a good starting point.