The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,497 other followers

Archive for the ‘VPN’ Category

Tools for TCP tunnels over HTTP/HTTPS

Posted by jpluimers on 2019/01/16

With the advent of WebSockets, it looks like TCP tunnels over HTTP/HTTPS are gaining more ground and I need to put some research time in them.

Some old to new links:

CONNECT requests are not supported by many HTTP proxies, especially in larger organisations, so chisel and crowbar have a much bigger chance there.

And of course there is SoftEtherVPN/SoftEtherVPN: A Free Cross-platform Multi-protocol VPN Software. * For support, troubleshooting and feature requests we have http://www.vpnusers.com/. For critical vulnerability please email us. (mail address is on the header.).

However, that is a VPN solution which is much broader than just a single TCP tunnel. You can so similar things with OpenVPN, but over HTTP/HTTPS, also requires CONNECT:

SoftEtherVPN seems to be more versatile though. I blogged about that before, but back then didn’t have needs for it yet. VPN over HTTPS: Ultimate Powerful VPN Connectivity – SoftEther VPN Project.

–jeroen

via: [WayBackVPN through only http – Server Fault answer by [WayBack] neutrinus

Posted in Communications Development, Development, HTTP, https, Internet protocol suite, Network-and-equipment, OpenVPN, Power User, TCP, VPN, WebSockets, Windows-Http-Proxy | Leave a Comment »

How I made my own VPN server in 15 minutes | TechCrunch

Posted by jpluimers on 2018/07/13

People are (rightfully) freaking out about their privacy as the Senate voted to let internet providers share your private data with advertisers. While it’s important to protect your privacy,…

Interesting: easy setup allows for creating disposable VPN servers.

–jeroen

Posted in *nix, IPSec, Network-and-equipment, Power User, VPN | Leave a Comment »

Tunneling over WebSockets

Posted by jpluimers on 2017/07/04

Just found out about these interesting links I had loved to use years ago, but alas, now I know (:

It looks similar to SSL VPN sometimes also called WebVPN:

Then there are non-VPN tunnels through WebSockets:

Since WebSockets can run over a proxy server you could route any kind of binary traffic through them even in places that disallow non-web protocols or layer-7 inspect https traffic.

Although ops might restrict stuff even further:

–jeroen

Posted in Internet, Network-and-equipment, Power User, VPN | Leave a Comment »

Reminder to self: when your PPTP server is behind a NAT, forward both GRE protocol and TCP port 1723

Posted by jpluimers on 2017/06/06

The WAN sides of my Mikrotik CCR1009 are partly behind Fritz!Box routers that do NAT and contain a truckload of port-forwards.

A while ago, I wanted the CCR1009 to do PPTP as Fritz!Box 7360 and 7490: static routes over VPN don’t work (so I could only VPN to the WAN side of the CCR1009). However, it would not pass through the Fritz!Box from the outside.

It appears you need to forward both:

Maybe one day I will ditch the Fritz!Box 7490 and directly hookup the Mikrotik to the NTU: xs4all ftth en Mikrotik router – Google Groups.

But preferably I should follow Don’t use PPTP, and don’t use IPSEC-PSK either (via: CloudCracker blog)

–jeroen

via: VPNs einrichten mit PPTP – administrator.de: Achtung mit PPTP VPN Servern hinter NAT Firewalls !

Forward both PPTP TCP port 1723 and the GRE protocol

Forward both PPTP TCP port 1723 and the GRE protocol

Posted in Fritz!, Fritz!Box, Fritz!WLAN, Internet, IPSec, MikroTik, Network-and-equipment, Power User, PPTP, Routers, VPN | Leave a Comment »

Some links for MikroTik tips and scripts

Posted by jpluimers on 2017/04/25

MikroTik has great hardware, but getting things to work can be a bit ehm intimidating.

So here are some links that were useful getting my CCR1009 and CRS226 configurations to do what I wanted.

Very advanced stuff:

Packet flow (maybe the toughest part to wrap your head around):

Scripts:

Load balancing:

Syntax highlighting:

Pictures

Very well written blog:

Manito Network’s Mikrotik solutions blog. In-depth articles on Mikrotik routing, security, best practices, VPN, and more.

Source: Mikrotik — Manito Networks

Solutions for RouterOS-based Mikrotik networks. Includes security and best practices, VPN, routing, switching, and more.

Source: Mikrotik-1 — Manito Networks

–jeroen

Posted in Internet, IPSec, MikroTik, Network-and-equipment, OpenVPN, Power User, PPTP, Routers, VPN | Leave a Comment »

 
%d bloggers like this: