Archive for the ‘Network-and-equipment’ Category
Posted by jpluimers on 2023/04/07
A while after I got a new smartphone, I noticed that when my MacBook was connected over Wi-Fi to the mobile hotspot of my Android phone, the Tunnelblick connections over OpenVPN to my family members would not work. A telnet from the Android phone to the OpenVPN TCP port 1194 woud succeed, but not from the MacBook. Connecting from the phone using JuiceSSH to the OpenSSH endpoints at those family members would work too, so I was a bit flabbergasted.
In the end this seems to be a set of coincidences that fails in this particular setup, but I am not totally aware why.
The solution was to both re-configure the APN (Access Point Name) the smartphone uses to connect to the internet from ipv4/ipv6 to ipv4, and to reboot the phone.
For Dutch provider KPN Mobile, the APN is named internet and apparently changed default to ipv4/ipv6 without properly supporting ipv4. Note the configuration parameters are all lowercase, although they should be written IPv4 and IPv6.
Here are a few posts that got me on the right track (all via [Wayback/Archive] openvpn fails over android hotspot – Google Search):
Note that sometimes the MTU can cause similar failures:
Note too: some links to check for OpenVPN responding are below.
Various sites with (often different) APNs that KPN mobile supports:
There are quite a few APNs, some with firewall and/or proxy and/or compression, some with external IP address (which means your smartphone really needs a firewall).
–jeroen
Posted in Android Devices, Hardware, Network-and-equipment, OpenVPN, Power User, VPN | Leave a Comment »
Posted by jpluimers on 2023/04/04
Wow, I wrote about Tailscale a few times before, and it is still on my research list, but this is a very compelling reason to use it. [Archive] Dave Anderson on Twitter: “Cool minor @Tailscale moment: I’m recommissioning a server that got moved from a different network, so all its network config was wrong, and generally I couldn’t get at it over the network, only IPKVM console. But then my ping over Tailscale started working?!” / Twitter
I archived the thread so it becomes easier to read: [Wayback/Archive] A readable Thread by @dave_universetf Says Cool minor @Tailscale moment: I’ – UnrollThread.com.
The core are these three tweets:
Turns out, IPv6 autoconfiguration is what happened. Sure, v4 configuration was entirely wrong (it was trying to connect to wifi, via a wifi dongle that was no longer installed, and wanted to talk to a DNS server that doesn’t exist any more), but eno1 had a cable plugged in!
The server noticed IPv6 router advertisements, went “I’ll have some of that”, and got global IPv6 connectivity automagically. IPv4 and DNS were still down though, so all it had at this point is the ability to send/receive IPv6 packets.
So, how did Tailscale get from there to a working setup? It still needs to contact
https://t.co/hEs4S8qvTw to get a network map, and still needs to talk to DERP servers to get p2p tunnels working outside the LAN. Enter bootstrap DNS!
It means I have to re-read Source: Some links on Tailscale / Wiregard, especially the [Wayback] How Tailscale works · Tailscale bit, then decide how I want to organise my infrastructure to run parts under Tailscale (I have the impression it is a peer based set-up, not router based).
Then I have to read [Wayback/Archive] IPv4, IPv6, and a sudden change in attitude – apenwarr of which the conclusion is this:
IP mobility is what we do, in a small way, with Tailscale’s WireGuard connections. We try all your Internet links, IPv4 and IPv6, UDP and TCP, relayed and peer-to-peer. We made mobile IP a real thing, if only on your private network for now. And what do you know, the math works. Tailscale’s use of WireGuard with two networks is more reliable than with one network.
Finally I need to not just read it, but understand all it (:
Or maybe I should ask Kris, as I got here through:
I saved Kris’ message thread here at [Wayback/Archive] Thread by @isotopp on Thread Reader App – Thread Reader App.
An OK translation is at [Wayback/Archive] Thread by @isotopp on Thread Reader App – Thread Reader App.
–jeroen
Posted in Hardware, Network-and-equipment, Power User, Scoop, Tailscale, VPN, Windows, Wireguard | 1 Comment »
Posted by jpluimers on 2023/03/31
This post is a reminder to myself to check if Fritz!Box 7490 can be upgraded to the FritzOS (sometimes spelled Fritz!OS or FRITZ!OS) 7.50, which is the firmware that introduced WireGuard on various Fritz!Box models.
Initially it wasn’t available for the wildly popular Fritz!Box 7490 series which, at the time of writing was still a current Fritz!Box model, has been very popular in The Netherlands because of (now defunct) internet provider XS4ALL started shipping it to customers almost 10 years ago ([Wayback/Archive] Property:XS4ALL – BoxMatrix). Currently Fritz!Box products are offered by KPN, Solcon and Freedom Internet.
So I asked [Wayback/Archive] Jeroen Wiert Pluimers @wiert@mastodon.social on Twitter: “Is there any information if (and hopefully estimate when) the @AVM_NL @AVM_DE 7.50 firmware is going to be available for the (in The Netherlands very well sold/distributed) Fritz!Box 7490 model? FritzOS 7.50 supports @WireGuardVPN: a big step forward.”
Read the rest of this entry »
Posted in Fritz!, Fritz!Box, FritzOS/Fritz!OS, Hardware, Internet, ISP, LifeHacker, Network-and-equipment, Power User, xs4all | Leave a Comment »
Posted by jpluimers on 2023/03/06
I was not aware you could this: [WayBack] UniFi – Install a UniFi Cloud Controller on Amazon Web Services – Ubiquiti Networks Support and Help Center
Giving it a bit more thought, I’m not sure I would want this, as it would presume you have an internet connection that is up on the WAN side.
You’d need this before installing any of your Unify equiment, even when installing your first Unify router, which would mean a chicken and egg problem.
Also it would mean you can only use the cloud key when the WAN is down, you cannot use the cloud-key, not even locally.
–jeroen
Posted in Cloud Key, Network-and-equipment, Power User, Unifi-Ubiquiti | Leave a Comment »
Posted by jpluimers on 2023/02/28
[Wayback/Archive] Wireshark Cheat Sheet – Commands, Captures, Filters, Shortcuts
It is available both a huge [Wayback/Archive] jpg (2500×2096 pixels), so it already prints well on A5 or A4 sized paper for reference and as a [Wayback/Archive] PDF (so you can print it on even larger paper sizes).
Via: [Archive] Murdock (@Generic42) / Twitter in a DM.
–jeroen
Read the rest of this entry »
Posted in *nix, *nix-tools, Communications Development, Development, Hardware, Network-and-equipment, Power User, Software Development, Wireshark | Leave a Comment »
Posted by jpluimers on 2023/02/15
Passed away, this makes still every good reading: [Wayback/Archive] PoE Secret Strengths – Danny Thorpe.
I wish both Danny and his site were still alive.
Power over Ethernet (PoE) is a standard (802.3af) for powering devices using voltage carried on “spare” wires in the Ethernet cable. For devices that support being powered by PoE, it means you only need one cable to the device to connect it to network and provide power. Only one cable to snake through walls and attics, and the device can be placed without regard to access to a power outlet.
PoE is rightfully marketed to business IT and is particularly well suited to devices such as IP security cameras, wireless access points, and IP phones. Unfortunately, targeting the business IT audience meant the devices tended to be a lot more expensive than consumer equivalents.
That is now changing. I’m finding a fair number of PoE PSE switches (PSE = Power Source Equipment, that supply power on the Ethernet wire) and PoE PD devices (PD = Powered Device) in the consumer price range. They’re still listed under “business networking” rather than “home networking”, but at least they exist.
He mainly used Netgear PoE switches; I like the MikroTik ones better.
Note there are many Power over Ethernet standards and they have evolved over time. See Source: Power over Ethernet: Standard implementation – Wikipedia
–jeroen
Posted in Ethernet, Hardware, Network-and-equipment, PoE - Power over Ethernet, Power User | Leave a Comment »
Posted by jpluimers on 2022/11/25
For my link archive an interesting blog post by isotopp (Kristian Köhntopp)
[Wayback] My home sensor network
I have been asked to document my home sensor network. Being married to a person with a background in web security sets boundary conditions:
- No cloud. We are running all services locally.
- No control, only metrics.
I am collecting data from a number of plugs with power meters over Wifi, using the MQTT protocol. I am also collecting data from a number of temperature sensors over Zigbee, and convert to MQTT. The MQTT data is ingested into Influx, and then read and plotted in Grafana. All of this is dockered and runs locally on an Ubuntu server.
Via [Archive] Kristian Köhntopp on Twitter: “For @sluongng …”
–jeroen
Posted in Hardware, IoT Internet of Things, Power User | Leave a Comment »
Posted by jpluimers on 2022/11/01
Want: [Wayback/Archive] SMLIGHT SLZB-06 – A Zigbee 3.0 to Ethernet, USB, and WiFi adapter with PoE support – CNX Software
Startup SMLIGHT has launched the SLZB-06 Zigbee 3.0 to Ethernet, USB, and WiFi adapter with PoE support that works out of the box with open-source software such as Home Assistant and Zigbee2MQTT.
The device combines Texas Instruments’ СС2652Р microcontroller for Zigbee with ESP32 for WiFi, data transfer to Ethernet or USB, and peripheral functions such as LEDs and a button.The design is complemented with Microchip LAN8720 for Ethernet.
Read the rest of this entry »
Posted in Development, ESP32, Ethernet, Hardware, Hardware Development, Hardware Interfacing, IoT Internet of Things, Matter, MQ Message Queueing/Queuing, MQTT, Network-and-equipment, PoE - Power over Ethernet, Power User, Software Development, USB, WiFi, Z-Wave, Zigbee | Leave a Comment »
Posted by jpluimers on 2022/10/19
Posted in Development, FortiGate/FortiClient, Hardware, Network-and-equipment, Power User, Security, Software Development, VPN, Windows, Windows 10, Windows 7, Windows 8, Windows 8.1, Windows 9, Windows Development, Windows Server 2000, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Vista, Windows XP | Leave a Comment »
The Wiert Corner - irregular stream of stuff 