The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

    • RT @nadineswagerman: Iemand mailde me dat een 13-jarig meisje mijn novelle had uitgekozen om te lezen/bespreken op school. Het boek bevat 9… 5 hours ago
    • RT @jilles_com: Afgelopen 10 dagen hebben we door NL gereisd, elke dag een nieuw hotel en op heel veel locaties gegeten. In 60% van de geva… 5 hours ago
    • RT @FTM_nl: Sywert van Lienden plaatste bewust een serie tweets om het ministerie onder druk te zetten om de omstreden mondkapjesdeal met h… 5 hours ago
    • RT @ArmsControlWonk: China just used a rocket to put a space plane in orbit and the space plane glided back to earth. Orbital bombardment i… 5 hours ago
    • RT @shossontwits: O jee. Nu dit weer. 6 hours ago
  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,482 other followers

Archive for the ‘VPN’ Category

It looks like a volunteer has been found to maintain the openvpn chocolatey

Posted by jpluimers on 2021/08/09

The chocolatey package for OpenVPN has not been updated for quite a while. It looks like it has to do with the current dependency to verify the OpenVPN signature.

The current [Wayback] Chocolatey Software | OpenVPN 2.4.7 version is both outdated on the major version number ([Wayback/] Release OpenVPN v2.5.3 release · OpenVPN/openvpn) and minor version ([Wayback/] Release OpenVPN v2.4.11 release · OpenVPN/openvpn). The version 2.4 Windows installers are now called “Legacy Windows Installers”.

Luckily less than a day after the start of the [Wayback/] RFM – openvpn · Issue #1024 · chocolatey-community/chocolatey-package-requests, a volunteer stepped forward.

Hopefully by now the package is being maintained again.


Posted in Network-and-equipment, OpenVPN, Power User, VPN | Leave a Comment »

Fritz!Box as DMZ behind an Experiabox version 10A

Posted by jpluimers on 2021/06/17

First of all: incoming Fritz!Box VPN behind an Experiabox version 10A fails, because the DMZ implementation of the Experiabox is faulty.

This worked just fine with the Fritz!Box as DMZ host behind a Ziggo Connectbox ([WayBack] Connectbox | Klantenservice | Ziggo).

First a few things to get regular TCP stuff to work: having your Fritz!Box as the DMZ host of an Experiabox.

I had a hart time figuring out some of them, so further below are also quite a few links just in case you bump into simular things.

  1. On the back of the Experiabox version 10A you find the SSDI and WiFi password on what appears to be a sticker, but is in fact a small piece of cardboard paper.

  2. Behind that cardboard paper is a sticker with the initial administrator password: shove out the piece of cardboard to reveal the sticker.
  3. After login (you cannot change the username, which is ADMIN or KPN) you have to choose a new password, which has these undocumented restrictions:
    • It cannot be the old password
    • The password must contain at least 1 special character (!@#$%^&*()_+|~- =\`{}[]:";'<>?,./).
    • The password must contain at least 1 number character.
    • The password must contain at least 1 uppercase letter.
    • Other restrictions I have not bumped into
  4. The default address of the Experiabox V10a is Do NEVER change it, as KPN totally does not support that scenario and will force you to reset it before starting to help you out with anything. Logon as Administrator to the Experiabox at
  5. Setting fixed DHCP leases was hard to find (I was looking for fixed DHCP, not DHCP reservation): Network -> LAN -> LAN DHCP (dropdown next to LAN) -> DHCP Reservation (up to 10 computers).

  6. The DMZ setting was not where I expected it: Network -> Firewall -> DMZ (dropdown next to Firewall)


External port checker: [WayBack] Open Port Checker & Scanner | Test Port Forwarding | Internet Protocol Tools



Posted in Network-and-equipment, Power User, VPN | Leave a Comment »

Stop FortiClient from auto-starting (as it uses a truckload of Windows resources, often including 2 gigabyte of memory for their logger)

Posted by jpluimers on 2021/04/16

I see lot’s of negative reactions on FortiClient, as it is very closed source, many intermittent issues, and is a product that tries to be a jack of all trades (over a couple of versions, in addition of being a proprietary VPN client, they started doing vulnerability scanning, interfering with anti-virus products, they blocked saving of passwords and allowing password managers to paste them, and I could go on).

Sometimes you have to use it in order to access a FortiGate based VPN server, so the best is to defer starting it until as late as possible.

Here are some links to get that configured correctly:


Posted in FortiGate/FortiClient, Network-and-equipment, Power User, VPN | Leave a Comment »

How to remember password in FortiClient VPN? – Stack Overflow

Posted by jpluimers on 2021/04/12

In [WayBack] How to remember password in FortiClient VPN? – Stack Overflow, the consensus seems to be “it varies, and usually is unreliable”.

Time to write a tool that snifs the Windows GUI and auto-enters the credentials.

That would be much like the Linux expect solution: [WayBack] Continuous run Forticlient VPN using expect. Automatically restart VPN if get disconnected or session closed. · GitHub

Via: [WayBack] Forticlient 5.6 – Save Credentials | Fortinet Technical Discussion Forums


Posted in FortiGate/FortiClient, Network-and-equipment, Power User, VPN | Leave a Comment »

GL-AR300M – GL.iNet: nice small device allowing NAT over WAN, WiFi, 3G/4G modem, or OpenVPN

Posted by jpluimers on 2020/08/28

Still glad I got a few of [WayBack] GL-AR300M – GL.iNet: it makes travel life so much easier when you cannot use tethering.

I got the model GL-AR300M with external antennas (the GL-AR300M only has internal ones with a much shorter range).

Powered over USB, it runs OpenWRT and can NAT a local network towards an external network on the WAN, WiFi or (via USB) 3G/4G modem.

Despite doing only 2.4Ghz, it was a life saver in many occasions (there is a 5Ghz model, but it has over heating issues).

It can even run as an OpenVPN client, but given the hardware it is limited to about 10 Mhz (and gets quite warm).

Over USB, you can access web-cams, hard-disk, and more.

The internal LAN is a life saver when for instance you hook it to a stack of Raspberry Pi devices.

Docs at [WayBack] GL-AR300M – GLI Docs

I’m not the only one happy with it:

Below are some videos with config tips and reviews.


Read the rest of this entry »

Posted in Development, Ethernet, Hardware Development, LifeHacker, Network-and-equipment, Power User, Raspberry Pi, VPN, WiFi | Leave a Comment »

%d bloggers like this: