The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,778 other followers

Archive for the ‘VPN’ Category

Forticlient “the user might login in another computer”, never found the cause

Posted by jpluimers on 2019/11/25

Could only find one reference using “the user might login in another computer” – Google Search, who also could not find out why this error happened:

When trying to log in on FortiClient, I get an error message that says, “the user might login in another computer” I assume that could mean that I’m logged in on another machine elsewhere? I could not find any information confirming that.

[WayBack] Error Message | Fortinet Technical Discussion Forums

So I reached out to Fortinet, the makers of Forticlient:

[WayBackJeroen Pluimers on Twitter: “@Fortinet what could cause this? Searching for the message “The user might login in another computer” did not get me any further: https://t.co/Bl4KoWJ7IB FortiClient 6.6.1.723 on MacOS High Sierra.…”

 

 

–jeroen

Posted in FortiGate/FortiClient, Network-and-equipment, Power User, VPN | Leave a Comment »

Tools for TCP tunnels over HTTP/HTTPS

Posted by jpluimers on 2019/01/16

With the advent of WebSockets, it looks like TCP tunnels over HTTP/HTTPS are gaining more ground and I need to put some research time in them.

Some old to new links:

CONNECT requests are not supported by many HTTP proxies, especially in larger organisations, so chisel and crowbar have a much bigger chance there.

And of course there is SoftEtherVPN/SoftEtherVPN: A Free Cross-platform Multi-protocol VPN Software. * For support, troubleshooting and feature requests we have http://www.vpnusers.com/. For critical vulnerability please email us. (mail address is on the header.).

However, that is a VPN solution which is much broader than just a single TCP tunnel. You can so similar things with OpenVPN, but over HTTP/HTTPS, also requires CONNECT:

SoftEtherVPN seems to be more versatile though. I blogged about that before, but back then didn’t have needs for it yet. VPN over HTTPS: Ultimate Powerful VPN Connectivity – SoftEther VPN Project.

–jeroen

via: [WayBackVPN through only http – Server Fault answer by [WayBack] neutrinus

Posted in Communications Development, Development, HTTP, https, Internet protocol suite, Network-and-equipment, OpenVPN, Power User, TCP, VPN, WebSockets, Windows-Http-Proxy | Leave a Comment »

How I made my own VPN server in 15 minutes | TechCrunch

Posted by jpluimers on 2018/07/13

People are (rightfully) freaking out about their privacy as the Senate voted to let internet providers share your private data with advertisers. While it’s important to protect your privacy,…

Interesting: easy setup allows for creating disposable VPN servers.

–jeroen

Posted in *nix, IPSec, Network-and-equipment, Power User, VPN | Leave a Comment »

Tunneling over WebSockets

Posted by jpluimers on 2017/07/04

Just found out about these interesting links I had loved to use years ago, but alas, now I know (:

It looks similar to SSL VPN sometimes also called WebVPN:

Then there are non-VPN tunnels through WebSockets:

Since WebSockets can run over a proxy server you could route any kind of binary traffic through them even in places that disallow non-web protocols or layer-7 inspect https traffic.

Although ops might restrict stuff even further:

–jeroen

Posted in Internet, Network-and-equipment, Power User, VPN | Leave a Comment »

Reminder to self: when your PPTP server is behind a NAT, forward both GRE protocol and TCP port 1723

Posted by jpluimers on 2017/06/06

The WAN sides of my Mikrotik CCR1009 are partly behind Fritz!Box routers that do NAT and contain a truckload of port-forwards.

A while ago, I wanted the CCR1009 to do PPTP as Fritz!Box 7360 and 7490: static routes over VPN don’t work (so I could only VPN to the WAN side of the CCR1009). However, it would not pass through the Fritz!Box from the outside.

It appears you need to forward both:

Maybe one day I will ditch the Fritz!Box 7490 and directly hookup the Mikrotik to the NTU: xs4all ftth en Mikrotik router – Google Groups.

But preferably I should follow Don’t use PPTP, and don’t use IPSEC-PSK either (via: CloudCracker blog)

–jeroen

via: VPNs einrichten mit PPTP – administrator.de: Achtung mit PPTP VPN Servern hinter NAT Firewalls !

Forward both PPTP TCP port 1723 and the GRE protocol

Forward both PPTP TCP port 1723 and the GRE protocol

Posted in Fritz!, Fritz!Box, Fritz!WLAN, Internet, IPSec, MikroTik, Network-and-equipment, Power User, PPTP, Routers, VPN | Leave a Comment »

 
%d bloggers like this: