Remote control setup step 1

The first step to setting up remote control is to use the Setup/Remote-Control menu entry at the remote site.

Two definitions are required to understand the documentation for WriteLog Remote Control.

  1. The remote site is the one being remotely controlled. It has radios and antennas.
  2. The control site is controlling the remote station. It must have a network connection to the remote.

Using WriteLog Remote Control requires an installation of WriteLog on both ends of the link. (The only supported configuration is using the same WriteLog version on both ends. Other combinations might work.)

RemoteSiteSetup.png

There are three items here that must be available at the control site when its time for the control site to connect.

  • The password. The control site must supply this password in order to initiate remote control.
  • The encryption key and certificate. The control site will confirm its copy of the remote’s public certificate file .
  • The Port number.

The password is used by the remote WriteLog site to verify that the control site is allowed to connect. The public key is used in the other direction; to verify for the control site; When you type in an internet IP address at the control site, the public key is verified that is in fact connected to the remote site that assigned him the password. These two items together give each end cryptographic assurance that the other end is who they think.

WriteLog ships with no encryption key and remote control disabled. The remote site must generate one using the Create New Encryption key button. That process requires no input, but can take several minutes. The file that is created must be copied to the control site to be used to login. Nor does WriteLog automate the copy. You have to figure out a way to get the certificate and password to the control site. Use a USB key or a file transfer. Hint: if you use email, zip the .crt file into a zip file first! This is because email programs will do special, undesired handling of .crt files—like install them. Doing a new Create on the screen above of course disables all existing control sites until they replace their key with the new one.

Additional Security Settings

The above is how WriteLog authenticates that the participants on the two ends of it links are who they say they are. But in order for those two ends to even send internet messages to each other, there are intervening authorities that you are going to have to satisfy. There are at least two to worry about.

  1. Windows Defender Firewall, which I shorten to “Windows Firewall” or simply “Firewall” in the discussion below.
  2. Your remote site PC is likely not connected directly to the internet, but instead through a router device. That device must be configured to allow WriteLog’s traffic through.

Both the above, by default, do not allow applications like WriteLog to communicate. Each has to be individually configured to allow WriteLog through. WriteLog Remote Control is designed to need very little privilege at its control site—it only requires out-going TCP connections on an arbitrary port number—but at the remote site, the Windows Defender Firewall and your home router must be satisfied.

Firewall and router settings

The Port number setting defaults to 6555. That number is arbitrary, but cannot conflict with other internet-connected applications you might have on your PC or routed through a home router. If you must change it, it is recommended in the range from 1024 up to 30000. Note that changing this number from the default 6555 will also require a Windows administrator at the remote site to adjust Windows Firewall settings to allow WriteLog to pass traffic on those port numbers. The WriteLog installer optionally sets the Windows Firewall up for its default 6555 setting. To use a different number, you need a Windows administrator.

Here is the installer check box. Turn on the circled check box at installation time to make the WriteLog installer set the appropriate Windows Firewall port settings. This setting is critical for the WriteLog install at the remote site. WriteLog’s Control Site does not need Windows Firewall openings to work, although leaving this check box off on the control site install might block WriteLog from optimizing audio transfer with UDP.

RemoteFirewallSetup.png

Its OK if you did not set that check box the last time you installed WriteLog. Just install it again, the check box appears again. Change it and click Next in the wizard and continue on through the installation process. Because the Windows Firewall silently discards connection requests that it does not allow, the error messages for incorrect settings appear only at the control site and only say that the remote could not connect. The messages give no hint that the connect process made it all the way across the internet to the remote machine, only to be rejected at the PC running WriteLog at the remote site.

The port number you choose at the remote must, of course, be matched at the control site. For over-the-internet connections, this number must also be configured at the remote site internet router firewall. That firewall (or router) must be set up to pass this port number along with the next two higher numbers to the PC running WriteLog. The port protocol is TCP as opposed to UDP.  (You only need care about the difference because your router firewall is going to show TCP separate from UDP. Its TCP that you’re needing to set for WriteLog.) The plus-one port number is used for the audio connection. If you want to run WriteLog Remote Control for RTTY, also set up the port number plus 2 to also be forwarded to the WriteLog remote PC.

WriteLog version 12.34 and up can alternatively use UDP for remote audio. There are certain technical advantages for UDP compared to TCP for streaming audio, but UDP and TCP are separate network administrator set ups. WriteLog uses the same port number setting for its UDP audio the port number it uses for TCP. That audio port number is, by default, 6556. So when you get out your home router instructions and work through the process of enabling its port forwarding for TCP port numbers 6555, 6556, and 6557 to your shack PC, look for the UDP equivalent. Also set the UDP port number 6556 to forward to the same PC and you’ll be ready for the UDP optimization. Again: WriteLog requires the designated TCP ports be open and will optionally also use UDP port 6556 if it discovers UDP packets will make it across as well.

In summary: set your remote site router to forward TCP 6555, 6556, and 6557 to your shack PC, and also forward UDP 6556.

WriteLog Remote Control must have TCP 6555 to do anything at all, TCP 6556 to transfer audio (in both RX and TX directions), and TCP 6557 for RTTY modems. UDP audio also requires UDP 6556.

At the control site, no special firewall settings are required. You should be able to operate a WriteLog control site on your laptop at your local coffee shop or library wifi unless they have blocked these required ports from outgoing traffic.

And that is all the WriteLog setup to be done at the remote. All the remaining setup items, and there are more, are at the control site.

It is also likely you’ll need the control to be able to access general Windows Desktop functions at the remote. WriteLog does not provide that. Try http://teamviewer.com, https://www.tightvnc.com/, https://www.gotomypc.com/, or http://realvnc.com or similar.

Leave a Reply