The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,513 other followers

Archive for the ‘VPN’ Category

Some links on Wireguard as DHCP clients were not supported back then yet

Posted by jpluimers on 2021/11/12

Wireguard seems more light-weignt and secure than OpenVPN and IPsec. So I’m anxious to know how it is supposed to work for road warriors that often depend on receiving DHCP addresses into the network of the VPN server.

Some links that hopefully get me started to install a Wireguard VPN server and provide services to road warrior clients.

First the Twitter thread that got me investigating:

Then some links I found:

–jeroen

Read the rest of this entry »

Posted in Network-and-equipment, Power User, VPN, Wireguard | Leave a Comment »

It looks like a volunteer has been found to maintain the openvpn chocolatey

Posted by jpluimers on 2021/08/09

The chocolatey package for OpenVPN has not been updated for quite a while. It looks like it has to do with the current dependency to verify the OpenVPN signature.

The current [Wayback] Chocolatey Software | OpenVPN 2.4.7 version is both outdated on the major version number ([Wayback/Archive.is] Release OpenVPN v2.5.3 release · OpenVPN/openvpn) and minor version ([Wayback/Archive.is] Release OpenVPN v2.4.11 release · OpenVPN/openvpn). The version 2.4 Windows installers are now called “Legacy Windows Installers”.

Luckily less than a day after the start of the [Wayback/Archive.is] RFM – openvpn · Issue #1024 · chocolatey-community/chocolatey-package-requests, a volunteer stepped forward.

Hopefully by now the package is being maintained again.

–jeroen

Posted in Network-and-equipment, OpenVPN, Power User, VPN | Leave a Comment »

Fritz!Box as DMZ behind an Experiabox version 10A

Posted by jpluimers on 2021/06/17

First of all: incoming Fritz!Box VPN behind an Experiabox version 10A fails, because the DMZ implementation of the Experiabox is faulty.

This worked just fine with the Fritz!Box as DMZ host behind a Ziggo Connectbox ([WayBack] Connectbox | Klantenservice | Ziggo).

First a few things to get regular TCP stuff to work: having your Fritz!Box as the DMZ host of an Experiabox.

I had a hart time figuring out some of them, so further below are also quite a few links just in case you bump into simular things.

  1. On the back of the Experiabox version 10A you find the SSDI and WiFi password on what appears to be a sticker, but is in fact a small piece of cardboard paper.

  2. Behind that cardboard paper is a sticker with the initial administrator password: shove out the piece of cardboard to reveal the sticker.
  3. After login (you cannot change the username, which is ADMIN or KPN) you have to choose a new password, which has these undocumented restrictions:
    • It cannot be the old password
    • The password must contain at least 1 special character (!@#$%^&*()_+|~- =\`{}[]:";'<>?,./).
    • The password must contain at least 1 number character.
    • The password must contain at least 1 uppercase letter.
    • Other restrictions I have not bumped into
  4. The default address of the Experiabox V10a is 192.168.2.254. Do NEVER change it, as KPN totally does not support that scenario and will force you to reset it before starting to help you out with anything. Logon as Administrator to the Experiabox at 192.168.2.254.
  5. Setting fixed DHCP leases was hard to find (I was looking for fixed DHCP, not DHCP reservation): Network -> LAN -> LAN DHCP (dropdown next to LAN) -> DHCP Reservation (up to 10 computers).

  6. The DMZ setting was not where I expected it: Network -> Firewall -> DMZ (dropdown next to Firewall)

 

External port checker: [WayBack] Open Port Checker & Scanner | Test Port Forwarding | Internet Protocol Tools

Related:

–jeroen

Posted in Network-and-equipment, Power User, VPN | Leave a Comment »

Stop FortiClient from auto-starting (as it uses a truckload of Windows resources, often including 2 gigabyte of memory for their logger)

Posted by jpluimers on 2021/04/16

I see lot’s of negative reactions on FortiClient, as it is very closed source, many intermittent issues, and is a product that tries to be a jack of all trades (over a couple of versions, in addition of being a proprietary VPN client, they started doing vulnerability scanning, interfering with anti-virus products, they blocked saving of passwords and allowing password managers to paste them, and I could go on).

Sometimes you have to use it in order to access a FortiGate based VPN server, so the best is to defer starting it until as late as possible.

Here are some links to get that configured correctly:

–jeroen

Posted in FortiGate/FortiClient, Network-and-equipment, Power User, VPN | Leave a Comment »

How to remember password in FortiClient VPN? – Stack Overflow

Posted by jpluimers on 2021/04/12

In [WayBack] How to remember password in FortiClient VPN? – Stack Overflow, the consensus seems to be “it varies, and usually is unreliable”.

Time to write a tool that snifs the Windows GUI and auto-enters the credentials.

That would be much like the Linux expect solution: [WayBack] Continuous run Forticlient VPN using expect. Automatically restart VPN if get disconnected or session closed. · GitHub

Via: [WayBack] Forticlient 5.6 – Save Credentials | Fortinet Technical Discussion Forums

–jeroen

Posted in FortiGate/FortiClient, Network-and-equipment, Power User, VPN | Leave a Comment »

 
%d bloggers like this: