Welcome to the Cumulus Support forum.

Latest Cumulus MX V3 release 3.28.6 (build 3283) - 21 March 2024

Cumulus MX V4 beta test release 4.0.0 (build 4018) - 28 March 2024

Legacy Cumulus 1 release v1.9.4 (build 1099) - 28 November 2014 (a patch is available for 1.9.4 build 1099 that extends the date range of drop-down menus to 2030)

Download the Software (Cumulus MX / Cumulus 1 and other related items) from the Wiki

VPN

From build 3044 the development baton passed to Mark Crossley. Mark has been responsible for all the Builds since. He has made the code available on GitHub. It is Mark's hope that others will join in this development, but at the very least he welcomes your ideas for future developments (see Cumulus MX Development suggestions).

Moderator: mcrossley

Post Reply
orion_jb2001
Posts: 46
Joined: Thu 11 Feb 2016 6:00 am
Weather Station: Davis VP2
Operating System: Windows 10
Location: Tamworth, NSW, 2340

VPN

Post by orion_jb2001 »

Hey all,

I have a VPN I can utilise but discovered when that is switched on, my MX does not load to my FTP. As this is the first time I have used VPN and upload to a web site, what settings do I need to utilise, to run the VPN and upload to my Cumulus web page??

Jeff
jlmr731
Posts: 225
Joined: Sat 27 Aug 2016 12:11 am
Weather Station: Davis vantage pro 2
Operating System: Debian
Location: Wickliffe, Ohio
Contact:

Re: VPN

Post by jlmr731 »

So this is a commercial VPN, and I take it your FTP is also on some provider server, seeing that it worked before the VPN i guessing that they are blocking the VPN.
Turn on FTP logging that is in settings/program settings/Program general options You may have to restart cumulusMX for this to take effect. That should show what's going on
orion_jb2001
Posts: 46
Joined: Thu 11 Feb 2016 6:00 am
Weather Station: Davis VP2
Operating System: Windows 10
Location: Tamworth, NSW, 2340

Re: VPN

Post by orion_jb2001 »

Sorry for the extended delay in replying. Have spoken with my web site provider and we have done some tests. The Cumulus ftp log was, as expected, showing it wanted to connect to my normal un vpn connection and not the private ip address generated by the vpn program. The web site admin couuld not see any issues at their end with anything blokcing the vpn. They asked to try filezilla to connect with vpn on and off. I connected to their site both times, nil issues.

So their has to be a setting in the MX ftp setting that will cover the use of a VPN//
SamiS
Posts: 355
Joined: Sun 27 Feb 2011 5:13 pm
Weather Station: Ecowitt HP2551 & GW1100
Operating System: Raspberry Pi OS
Location: Kangasala, Finland

Re: VPN

Post by SamiS »

No, there is no settings about vpn on cumulus. Basically every application running on windows uses network stack and windows default routing information regardless of connection type (vpn, wifi, ethernet, dialup, bluetooth etc).

But there are still some things to remember / check:

1) To avoid any issues, Cumulus shouldn’t be running at the time when you start or disconnect the vpn. This can be an issue if both are autostarting on boot. Establish vpn connection first, then start Cumulus.

2) When you tested the connection with Filezilla, did you have exactly the same connection settings as Cumulus? (Plaintext-ftp, active or passive, ftps over tls or sftp). Because with the exact same settings, there is basically no reason why Cumulus should not work if Filezilla works. (Unless there us a bug)

3) To further debug the issue, ftp logs and mxdiags would probably be needed.
orion_jb2001
Posts: 46
Joined: Thu 11 Feb 2016 6:00 am
Weather Station: Davis VP2
Operating System: Windows 10
Location: Tamworth, NSW, 2340

Re: VPN

Post by orion_jb2001 »

This is the error coming up when the VPN is switched on;

# OpenActiveDataStream(PORT, "STOR /winddata.json", 0)
Command: PORT 100,127,255,253,226,109
Response: 500 I won't open a connection to 100.127.255.253 (only to 66.203.112.103)
Status: Disposing FtpSocketStream...

# CloseDataStream()
2021-07-27 19:39:03.106 FTP[Int]: Error uploading web\winddata.json to /winddata.json : I won't open a connection to 100.127.255.253 (only to 66.203.112.103)

2021-07-27 19:39:03.106 FTP[Int]: Uploading web\wdirdata.json to /wdirdata.json

100.127 .......... etc is the normal isp ip address. 66.203 ........ is the VPN private ip address for the current VPN connection.

I tried switching off Cumulus, activating VPN and starting Cumulus again, same result unfortunately, wouldn't upload to the web site whilst VPN running.
orion_jb2001
Posts: 46
Joined: Thu 11 Feb 2016 6:00 am
Weather Station: Davis VP2
Operating System: Windows 10
Location: Tamworth, NSW, 2340

Re: VPN

Post by orion_jb2001 »

And with VPN switched off, no issues:

# OpenActiveDataStream(PORT, "STOR /alltempsumdata.json", 0)
Command: PORT 192,168,0,44,221,36
Response: 200 PORT command successful
Command: STOR /alltempsumdata.json
Response: 150 Connecting to port 56612
2021-07-27 19:45:04.273 FTP[Int]: Uploaded web\alltempsumdata.json
Status: Disposing FtpSocketStream...
Response: 226-File successfully transferred
Response: 226 0.194 seconds (measured here), 0.72 Mbytes per second
Status: Disposing FtpSocketStream...
2021-07-27 19:45:04.424 FTP[Int]: Done uploading daily graph data files
2021-07-27 19:45:04.424 FTP[Int]: Uploading Moon image file

2021-07-27 19:45:04.425 FTP[Int]: Uploading web\moon.png to /images/moon.png

# OpenWrite("/images/moon.png", Binary)

# GetFileSize("/images/moon.png")
Command: SIZE /images/moon.png
Response: 213 12849
freddie
Posts: 2434
Joined: Wed 08 Jun 2011 11:19 am
Weather Station: Davis Vantage Pro 2 + Ecowitt
Operating System: GNU/Linux Ubuntu 22.04 LXC
Location: Alcaston, Shropshire, UK
Contact:

Re: VPN

Post by freddie »

Have you got the host name of the remote server in your Cumulus config? If so, it may be being resolved to the 100.* address. If that is the case then use the 66.* address in your config.
Freddie
Image
Phil23
Posts: 884
Joined: Sat 16 Jul 2016 11:59 pm
Weather Station: Davis VP2+ & GW1000 (Standalone)
Operating System: Win10 Pro / rPi Buster
Location: Australia

Re: VPN

Post by Phil23 »

The 100.xxx.xxx.xxx is associate with CG-Nat, which may be part of the issue.

https://tailscale.com/kb/1015/100.x-addresses/

& more detailed,

https://networkengineering.stackexchang ... -64-0-0-10

Can't add a lot more than that, other than CG-NAT can alway bring out issues & it appears they may be using that address space for your VPN.
:Now: :Today/Yesterday:

Image

Main Station Davis VP2+ Running Via Win10 Pro.
Secondary Stations, Ecowitt HP2551/GW1000 Via rPi 3 & 4 Running Buster GUI.
:Local Inverell Ecowitt Station: :Remote Ashford Ecowitt Station:
freddie
Posts: 2434
Joined: Wed 08 Jun 2011 11:19 am
Weather Station: Davis Vantage Pro 2 + Ecowitt
Operating System: GNU/Linux Ubuntu 22.04 LXC
Location: Alcaston, Shropshire, UK
Contact:

Re: VPN

Post by freddie »

Surely if you're connecting via a VPN then you will be connecting to a non-routeable private IP address?
Freddie
Image
Phil23
Posts: 884
Joined: Sat 16 Jul 2016 11:59 pm
Weather Station: Davis VP2+ & GW1000 (Standalone)
Operating System: Win10 Pro / rPi Buster
Location: Australia

Re: VPN

Post by Phil23 »

Don't really know how these advertised on TV VPN's work, but at a loose guess they sound a bit more like a proxy than a true VPN tunnel.

Edit:- It would be interesting to see a trace route to your website; VPN on & off.
:Now: :Today/Yesterday:

Image

Main Station Davis VP2+ Running Via Win10 Pro.
Secondary Stations, Ecowitt HP2551/GW1000 Via rPi 3 & 4 Running Buster GUI.
:Local Inverell Ecowitt Station: :Remote Ashford Ecowitt Station:
orion_jb2001
Posts: 46
Joined: Thu 11 Feb 2016 6:00 am
Weather Station: Davis VP2
Operating System: Windows 10
Location: Tamworth, NSW, 2340

Re: VPN

Post by orion_jb2001 »

Phil,

Trace route to the relevant host address of my ftp server. First trace, VPN off. 2nd trace VPN on:

VPN off
C:\Windows\system32>tracert s9.cpcloud.com.au

Tracing route to s9.cpcloud.com.au [103.18.109.182]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms mymodem.modem [192.168.0.1]
2 9 ms 10 ms 9 ms gateway.nb11.sydney.asp.telstra.net [58.162.26.75]
3 34 ms 10 ms 10 ms ae10.ken-ice301.sydney.telstra.net [203.50.61.81]
4 10 ms 10 ms 12 ms bundle-ether25.ken-core10.sydney.telstra.net [203.50.61.80]
5 10 ms 10 ms 10 ms bundle-ether1.ken-edge902.sydney.telstra.net [203.50.11.97]
6 10 ms 10 ms 10 ms ape2469218.lnk.telstra.net [120.151.79.66]
7 10 ms 10 ms 10 ms hundredgige0-0-1-3.bdr01-ipt-4edenpar-syd.au.superloop.net.co [103.200.13.98]
8 10 ms 11 ms 10 ms 116-255-21-127.ip4.superloop.com [116.255.21.127]
9 11 ms 10 ms 10 ms s9.cpcloud.com.au [103.18.109.182]

Trace complete.

VPN on

C:\Windows\system32>tracert s9.cpcloud.com.au

Tracing route to s9.cpcloud.com.au [100.96.116.99]
over a maximum of 30 hops:

1 * * * Request timed out.
2 * * * Request timed out.
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 * * * Request timed out.
8 * * * Request timed out.
9 * * * Request timed out.
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 104 ms 104 ms 107 ms s9.cpcloud.com.au [100.96.116.99]

Trace complete.
jlmr731
Posts: 225
Joined: Sat 27 Aug 2016 12:11 am
Weather Station: Davis vantage pro 2
Operating System: Debian
Location: Wickliffe, Ohio
Contact:

Re: VPN

Post by jlmr731 »

Strange when vpn off its going to s9.cpcloud.com.au [103.18.109.182] and the on s9.cpcloud.com.au [100.96.116.99] i did a look up on the domain and it showed 103.18.109.182 ( im across the water and in the north) Now all the timeouts is the routers not replying typical for vpn. now the ip [100.96.116.99] is most likely your vpn all i got was its in Sweeden.
Kinda sounds as if the vpn is doing all the rerouting maybe running a proxy or caching the sites on their server to render and rebroadcast it to you (probably to put adds in?)
so kinda looking like that vpn will not work for you or as phil said could be running under a NAT and probably wont work
SamiS
Posts: 355
Joined: Sun 27 Feb 2011 5:13 pm
Weather Station: Ecowitt HP2551 & GW1100
Operating System: Raspberry Pi OS
Location: Kangasala, Finland

Re: VPN

Post by SamiS »

jlmr731 wrote: Wed 28 Jul 2021 1:32 am Strange when vpn off its going to s9.cpcloud.com.au [103.18.109.182] and the on s9.cpcloud.com.au [100.96.116.99] i did a look up on the domain and it showed 103.18.109.182 ( im across the water and in the north) Now all the timeouts is the routers not replying typical for vpn. now the ip [100.96.116.99] is most likely your vpn all i got was its in Sweeden.
Kinda sounds as if the vpn is doing all the rerouting maybe running a proxy or caching the sites on their server to render and rebroadcast it to you (probably to put adds in?)
so kinda looking like that vpn will not work for you or as phil said could be running under a NAT and probably wont work
Basically I would say, that this shows, that VPN in this case is not really only a VPN in a traditional sense, but instead it does something "extra" to the traffic. Usually VPN connection is simply an encrypted tunnel between client and gateway. If it is a full tunnel, all traffic is routed via the tunnel, or when speaking of split tunnel, there are rules about what goes into the tunnel, and what goes straight to internet without any knowledge that a vpn tunnel ever existed. On traceroute it only would show, that your traffic is routed via your vpn provider's server instead of your normal isp. Normally the vpn connection should not affect the name resolution like shown above.

Since the 103.18.109.182 seems to be the real public address of s9.cpcloud.com.au, first thing I would do is try to configure CumulusMX to use that ip address as ftp server. Or at least try to do a traceroute to that ip address when vpn is enabled.
SamiS
Posts: 355
Joined: Sun 27 Feb 2011 5:13 pm
Weather Station: Ecowitt HP2551 & GW1100
Operating System: Raspberry Pi OS
Location: Kangasala, Finland

Re: VPN

Post by SamiS »

orion_jb2001 wrote: Tue 27 Jul 2021 9:55 am This is the error coming up when the VPN is switched on;

# OpenActiveDataStream(PORT, "STOR /winddata.json", 0)
Command: PORT 100,127,255,253,226,109
Response: 500 I won't open a connection to 100.127.255.253 (only to 66.203.112.103)
Status: Disposing FtpSocketStream...

# CloseDataStream()
2021-07-27 19:39:03.106 FTP[Int]: Error uploading web\winddata.json to /winddata.json : I won't open a connection to 100.127.255.253 (only to 66.203.112.103)

2021-07-27 19:39:03.106 FTP[Int]: Uploading web\wdirdata.json to /wdirdata.json

100.127 .......... etc is the normal isp ip address. 66.203 ........ is the VPN private ip address for the current VPN connection.

I tried switching off Cumulus, activating VPN and starting Cumulus again, same result unfortunately, wouldn't upload to the web site whilst VPN running.
This looks like your ftp server does not want to play when there is NAT or some kind of transparent proxying involved, like it seems to be the case in your vpn connection. Basically the ftp server sees that your connection is initiated from 66.203... -address, and yet the tcp traffic shows that the connection came from 100.127... -address, and therefore refuses to continue. This is one kind of a security feature, trying to prevent man-in-the-middle -attacks etc.

If your ftp site supports, you probably could go around this issue by using SFTP-protocol instead of the FTP or FTPS. If changing to sftp is not possible, you probably could also try to disable EPSV-mode from CumulusMX:s settings (internet settings -> web/ftp site -> advanced settings).
Post Reply