The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,433 other followers

Archive for the ‘VPN’ Category

Fritz!Box as DMZ behind an Experiabox version 10A

Posted by jpluimers on 2021/06/17

First of all: incoming Fritz!Box VPN behind an Experiabox version 10A fails, because the DMZ implementation of the Experiabox is faulty.

This worked just fine with the Fritz!Box as DMZ host behind a Ziggo Connectbox ([WayBack] Connectbox | Klantenservice | Ziggo).

First a few things to get regular TCP stuff to work: having your Fritz!Box as the DMZ host of an Experiabox.

I had a hart time figuring out some of them, so further below are also quite a few links just in case you bump into simular things.

  1. On the back of the Experiabox version 10A you find the SSDI and WiFi password on what appears to be a sticker, but is in fact a small piece of cardboard paper.

  2. Behind that cardboard paper is a sticker with the initial administrator password: shove out the piece of cardboard to reveal the sticker.
  3. After login (you cannot change the username, which is ADMIN or KPN) you have to choose a new password, which has these undocumented restrictions:
    • It cannot be the old password
    • The password must contain at least 1 special character (!@#$%^&*()_+|~- =\`{}[]:";'<>?,./).
    • The password must contain at least 1 number character.
    • The password must contain at least 1 uppercase letter.
    • Other restrictions I have not bumped into
  4. The default address of the Experiabox V10a is 192.168.2.254. Do NEVER change it, as KPN totally does not support that scenario and will force you to reset it before starting to help you out with anything. Logon as Administrator to the Experiabox at 192.168.2.254.
  5. Setting fixed DHCP leases was hard to find (I was looking for fixed DHCP, not DHCP reservation): Network -> LAN -> LAN DHCP (dropdown next to LAN) -> DHCP Reservation (up to 10 computers).

  6. The DMZ setting was not where I expected it: Network -> Firewall -> DMZ (dropdown next to Firewall)

 

External port checker: [WayBack] Open Port Checker & Scanner | Test Port Forwarding | Internet Protocol Tools

Related:

–jeroen

Posted in Network-and-equipment, Power User, VPN | Leave a Comment »

Stop FortiClient from auto-starting (as it uses a truckload of Windows resources, often including 2 gigabyte of memory for their logger)

Posted by jpluimers on 2021/04/16

I see lot’s of negative reactions on FortiClient, as it is very closed source, many intermittent issues, and is a product that tries to be a jack of all trades (over a couple of versions, in addition of being a proprietary VPN client, they started doing vulnerability scanning, interfering with anti-virus products, they blocked saving of passwords and allowing password managers to paste them, and I could go on).

Sometimes you have to use it in order to access a FortiGate based VPN server, so the best is to defer starting it until as late as possible.

Here are some links to get that configured correctly:

–jeroen

Posted in FortiGate/FortiClient, Network-and-equipment, Power User, VPN | Leave a Comment »

How to remember password in FortiClient VPN? – Stack Overflow

Posted by jpluimers on 2021/04/12

In [WayBack] How to remember password in FortiClient VPN? – Stack Overflow, the consensus seems to be “it varies, and usually is unreliable”.

Time to write a tool that snifs the Windows GUI and auto-enters the credentials.

That would be much like the Linux expect solution: [WayBack] Continuous run Forticlient VPN using expect. Automatically restart VPN if get disconnected or session closed. · GitHub

Via: [WayBack] Forticlient 5.6 – Save Credentials | Fortinet Technical Discussion Forums

–jeroen

Posted in FortiGate/FortiClient, Network-and-equipment, Power User, VPN | Leave a Comment »

GL-AR300M – GL.iNet: nice small device allowing NAT over WAN, WiFi, 3G/4G modem, or OpenVPN

Posted by jpluimers on 2020/08/28

Still glad I got a few of [WayBack] GL-AR300M – GL.iNet: it makes travel life so much easier when you cannot use tethering.

I got the model GL-AR300M with external antennas (the GL-AR300M only has internal ones with a much shorter range).

Powered over USB, it runs OpenWRT and can NAT a local network towards an external network on the WAN, WiFi or (via USB) 3G/4G modem.

Despite doing only 2.4Ghz, it was a life saver in many occasions (there is a 5Ghz model, but it has over heating issues).

It can even run as an OpenVPN client, but given the hardware it is limited to about 10 Mhz (and gets quite warm).

Over USB, you can access web-cams, hard-disk, and more.

The internal LAN is a life saver when for instance you hook it to a stack of Raspberry Pi devices.

Docs at [WayBack] GL-AR300M – GLI Docs

I’m not the only one happy with it:

Below are some videos with config tips and reviews.

–jeroen

Read the rest of this entry »

Posted in Development, Ethernet, Hardware Development, LifeHacker, Network-and-equipment, Power User, Raspberry Pi, VPN, WiFi | Leave a Comment »

On my research list: finding out how to prevent FortiClient to route all traffic over VPN

Posted by jpluimers on 2020/08/10

Links that will likely help me:

–jeroen

Read the rest of this entry »

Posted in Internet, Network-and-equipment, Power User, Routers, VPN | Leave a Comment »

 
%d bloggers like this: