Posts tagged “vpn”.

VPN Servers with DD-WRT firmware

pptpPPTP VPN Server Configuration

The PPTP  (Point-To-Point Tunneling Protocol) Server allows to connect securely from a remote location and is built in the DD-WRT firmware (Firmware Version: DD-WRT v24-sp2 (10/06/14) kongac – build 25015M-SP1).

The VPN Server setup is very straightforward and well documented on the dedicated DD-WRT pages.

Works well on the Netgear R6300 V1 model. The remote connection works well on MacOS. iOS 10.0.2 on the iPad and iPhone no longer offers the PPTP VPN client protocol.

Bear in mind that your ISP router may need port forwarding enabled (see related post).

If your ISP uses dynamic IP allocation, you may consider to use a dynamic DNS service on your router (read the DD-WRT pages).

Belgacom b-box 3 – port forwarding

bbox3Belgacom B-box 3

The B-box modems are used by Belgacom to support the triple play service offers (telephone, TV and Internet).

thumb up  The Belgacom b-box 3 supports  seamless VLAN integration. All four LAN ports can be used for Internet connections or decoders.

thumb down The administration menu is very restricted and gives very limited control of the router through the user profile login.

Check the online documentation published by Belgacom.

modem-b-box-3-led-all-leds

if you do not wish to use the WiFi features, make sure the two LEDs below are off:

b-box-3-led-wifib-box-3-led-wps

more information about the LED indications can be found on the Proximus site

 

How to configure port forwarding for VPN Servers

Any server installed behind the B-box router will remain unreachable from the Internet unless you configure the firwall (open ports) or use the port forwarding. Here is how you make a VPN Server reachable through the B-box 3.

Login as user to your B-box 3 router (see instructions published here).

Select the Access Control Menu item.

Choose Portmapping and Create a new portmap.

Select in the Service menu ‘PPTP Server‘ and enter the Internal host IP Address.

Confirm with OK to save the settings.

portmapping

Check also the Firewall Level setting:

firewall

 

VPN Clients with DD-WRT firmware

serveVPNThe DD-WRT firmware Version v3.0-r30082  includes VPN Client support.

These are the steps that did the job to use the PureVPN client. Other clients like the vyprVPN or the ExpressVPN client may work as well.

Logon to the router and first make a backup of your current configuration (go to the Administration tab and select Backup).

On the DD-WRT control panel, in the Setup tab, go to “Basic Setup

  • Change the WAN Setup (from Automatic Configuration – DHCP) to “PPTP” protocol.
  • “Gateway (PPTP server)” select the Domain Naming Server (DNS) address for PPTP/L2TP from the PureVPN server list (vyprVPN server list)
  • “Username” enter the username provided by PureVPN (not your email address).
  • “Password” enter the password provided by PureVPN.
  • “Use DHCP” select “Yes” (all other options are set to “No”)
  • “Additional PPTP Options”: write “refuse-eap” in the option box.
  • Network Address Server Settings (DHCP): “DHCP server” is “enable

WAN

click “Apply Settings” and then hit “Save”.

On the DD-WRT control panel, in the Security tab, go to “VPN Passthrough

  • “IPSec Passthrough” is “enable
  • “L2TP Passthrough” is “enable

pastr

Note that PPTP Passthrough may need to be enabled to make some VPN Clients work correctly.

click “Apply Settings” and then hit “Save”.

On the DD-WRT control panel, in the Status tab, go to “WAN

“Login Status” click the Connect (or Disconnect) button to start/stop the connection

Note that you may need to remove static DNS settings on both the router and your personal devices (PC, Tablets, etc.):

dns

Be aware that the use of the VPN Client may drastically reduce the throughput on the Internet.

To revert to its previous value or disable the use of the VPN, ‘reset’ the WAN Connection Type setting. (e.g.  “Automatic Configuration – DHCP”).

Internet streaming outside country of origin

serveVPNExpats and globetrotters may share the challenge to watch their favourite programmes from home, while accessing the Internet from abroad. You will need a stable and high speed on the local Internet connection to make the VPN work.

These VPN solutions have done the job so far:

logoRTVE outside Spain on iPad and iPhone try ExpressVPN.

bbciplayeroutside UK on MacBook try PureVPN or vyprVPN.

sporzaoutside Belgium on MacBook try PureVPN.

 

Read also the thevpn.guru-Retinaarticle(s).

If you have a router with DD-WRT firmware, read this post for VPN Clients use on the router.

 

setup a VPN to your home network with Windows 7 and a Belgacom b-box2

bbox2setup a VPN to your home network with Windows 7 and a Belgacom b-box2

Here is a way to setup a VPN access from a Windows 7 PC to your home network with a Windows 7 PC as host PC:

1) assign a fixed IP address to the host Windows 7 PC on your home network (in this example 192.168.1.9)

2) set port forwarding on your Belgacom b-box router:

b-box2 firewall

  • – create a new entry in LAN Servers

bbox2_port1723

3) use a dynamic DNS service to overcome the ever changing IP address changes applied by Belgacom on your b-box router

4) setup the incoming remote connection on the host Windows 7 PC:

  1. First go to Control Panel and open Network and Sharing Center.
  2. Click on Change adapter settings.
  3. Press Alt+F and select New Incoming connection
  4. Put a check on who you’d like to give access to this computer or you can configure a new account by clicking on Add someone,after that click on Next.
  5. Put a check mark on Through the Internet. Click on Next.
  6. Select the protocols you want to enable for this connection. Click on Allow access.
  7. Make a note of the Computer name as this will be used by the client to connect to this computer and after that Click on Close.

5) setup the VPN connection on the remote Windows 7 PC:

  1. First go to Control Panel and open Network and Sharing Center.
  2. Click on Set up a new connection or network.
  3. Select Connect to a workplace then click on Next.
  4. Select Use my internet connection (VPN).
  5. Type the IP address or computer name (or the dynamic DNS name you created in step 3) where you wish to connect and your connection name under the Destination name field.
  6. Enter a User name and password that has been granted access to the host computer.
  7. For getting connected through created VPN connection, you can either right-click on the Network icon in the system tray and select Network and Sharing Center or go to Control Panel and open Network and Sharing Center, and click on Connect to a network.
  8. Now connect VPN Connection windows will appears.

see also the Pureinfotech article about a VPN connection in Windows 7

NETGEAR R6300 Dual Band WiFi 802.11AC Router

R6300NETGEAR R6300 Dual Band WiFi 802.11AC Router

AC1750 WiFi—450+1300 Mbps speeds

  • Broadcom BCM5300 chip rev 1
  • 5GHz: IEEE® 802.11 a/n/ac
    2.4GHz: IEEE® 802.11 b/g/n
  • 2 USB Ports: one USB 3.0 and one USB 2.0 port
  • 4 10/100/1000Mbps LAN Ports
  • 64/128-bit WEP,WPA / WPA2,WPA-PSK/ WPA2-PSK encryption

Firmware Version: DD-WRT v24-sp2 (10/06/14) kongac – build 25015M-SP1

Works well with Windows XP and Windows 7 and 10 clients, OS X, Android, iOS, Blackberry and Playstations. USB keys may get hot when remained inserted for a long period. Supports three simultaneous networks, including a guest network. Great network performance for speed and coverage.

Upgrade to dd-wrt firmware

This router has been upgraded from Firmware Version V1.0.2.78_1.0.58 to a dd-wrt firmware.

Please refer to the dd-wrt.com site for the detailed documentation and instructions.

myopenrouterCheck also the articles on MyOpenRouter.com.

The key to a successful upgrade is to reset the router before and after each step. Hence,  after each step, the router will restore its default values. This  R6300 V1 model was initially installed with the  Kong K3-AC  version. Once this was succesfully completed and tested, it was upgraded to the Firmware Version: DD-WRT v24-sp2 (10/06/14) kongac – build 25015M-SP1.

The dd-wrt firmware works stable and provides an equal perfomance as the stock firmware but with more features for wireless channel controls and use of VPNs. The user interface is the big drawback and is not recommended for novice users.

Netgear wndr3700

Netgear wndr3700

Hardware Version WNDR3700

Atheros AR7161 rev 2

Firmware Version DD-WRT v3.0-r30082 (07/01/16)

Stock firmware:

Netgear Firmware Version V1.0.16.98

GUI Language Version V1.0.0.64

 

This RangeMax™ Dual Band Wireless-N Gigabit Router offers shared access to an external USB storage device (ReadyShare™) and ReadyDLNA— for streaming videos, photos, and music to a wide range of networked media players.

While the router performs well, the USB storage device sharing is not flawless. It is recommended not to share too many files and, if possible to disable the media server.

explanation of the router leds (lights indications)

versionUpgrade to dd-wrt firmware

These are the steps you may follow to migrate this WNDR3700 V1 model to a dd-wrt firmware.

Prepare for a roll-back and make a backup of your current (Netgear) firmware version and configuration. Keep note of the particular settings, like SSID, wireless security settings and router IP addresses. All your current settings will be lost.

Download from the dd-wrt.com site a copy of the firmware for first time installation. Look for version 07-01-2016-r30082 and select the file File: wndr3700-factory.img from the netgear-wndr3700 directory.

Connect your workstation to the router with an Ethernet cable (wired) and check if the connection is stable (disable your workstation wifi if appropriate).

Launch a web browser (I used Firefox 48.x) and logon to the router. Select (in Advanced; Administration) the Firmware Update option. Locate and highlight the wndr3700-factory.img file on your workstation and click Open > Upload. If you get a warning about installing an (older) version, you may ignore it and proceed.

Be patient and do not interrupt the process. Keep your browser open and keep an eye on the router leds. The process will take several minutes.  The router will reboot after the firmware is uploaded (wait at least 1 minute after 100% is reached). The lights should flash, and eventually the status light should go solid green.

Check the Router Status page to confirm whether the new firmware is uploaded: open http://192.168.1.1 in your browser, and if a DD-WRT screen appears, the upgrade is complete and successful. If this is not the case, troubleshoot first your workstation’s IP address and if odds are against you, read the recovery instructions.

The next step is to restore your particular settings like router name, SSID, wireless security, LAN IP Subnet(s), DNS, etc. It is recommended to make intermediate copies of your configuration (go to the Administration tab and select Backup).

The most common WAN Connection Type setting is “Automatic Configuration – DHCP”

LAN

Firmware version DD-WRT v3.0-r30082 (07/01/16) works very well for me and offers a better performance for the basic router functions than the Netgear Firmware Version V1.0.16.98. You may need to get used to the GUI though. Read also KONG’s Wireless starters guide for first time dd-wrt users. A donation was made to show my appreciation for the developers 🙂

VPN Clients with dd-wrt firmware

Check my post for VPN Clients use.

Extend your wireless coverage (with Netgear Firmware)

Netgear Firmware Version V1.0.16.98

GUI Language Version V1.0.0.64

There are several ways to extend your wireless coverage at home. These are the onces that did the job for me.

The easiest way was to use the Netgear EX6100 – AC750 WiFi Range Extender.

A more challenging way was to use a TP-LINK  TL WDR3600 . I made it work nicely by using a second subnet as explained in this article by Tom’s Guide (version 2). The Netgear and TP-LINK router settings are shown below:

Netgear (router 2) Basic Settings

Netgear Basic Settings

 

Netgear Wireless Settings Overview

Netgear Wireless Overview

 

Netgear Wireless Settings Details

Netgear Wireless Settings

 

TP-LINK (router 1) Wireless Settings Details

TP-Link Wireless Overview

 

Important notice: use different Channels for each router.

With the latest firmware, this router can also be used as a Wireless Access Point or Wireless Repeater. To make it work properly with your main router, you may need to tweak some of the Wireless settings, like the channels etc. To avoid conflicts, use static IP addresses on the WNDR3700 as Access Point (see example below):

WNDR3700_wap

In case of ‘total loss’ of control (i.e. your router does not reset to the factory settings), you can refer to these instructions (it did the job for me, anyway), which I found on the netgear forum:

Step 1: Setting Your Static IP AddressIt is important that you setup a static IP address on your computer. Navigate to: “Start” -> “Control Panel” -> “Network and Internet” -> “Network and Sharing Center” -> “Change adapter settings” (left side). Now right click on your local area connection and open up the properties window. Select “Internet Protocol Version 4 (TCP/IPv4)” and click on properties. Enter the following information then click “OK”.Quote:IP address: 192.168.1.2
Subnet mask: 255.255.255.0
Default gateway: <leave blank>
Preferred DNS server: <leave blank>
Alternate DNS server: <leave blank>
Step 2: Placing the Router Into Recovery ModeStart by turning off the router using the power button on the back of the device. Now, using the small object of your choice, press and hold the “Restore Factory Settings”, also known as the Reset button located on the bottom of the router (there is a red ring around it). While holding the rest button, turn the router back on. Continue to hold the reset button for approximately 45 seconds then release it.

** NOTE: Before you release the reset button, just be sure the power LED light on the router is flashing. If it isn’t, continue to hold it for about another 15 seconds until it is flashing.

Step 3: Enable the TFTP Client in Windows

If you are using Windows Vista or Windows 7, you will need to enable the TFTP client. To do this, navigate to: “Start” -> “Control Panel” -> “Programs” -> “Programs and Features” -> “Turn Windows features on or off” (left side). From there, scroll down until you spot “TFTP Client”. Check the box if it isnt already and click “OK”. Exit the control panel.

Note: I used the TFTP Util Client for Windows
Step 4: Flash the FirmwareStart by opening up a command prompt. From there you will want to type “cd desktop” in order to change your working directory to your desktop. Assuming of course that is where you saved the firmware download. Now for the fun bit. In the command window type:Quote:
tftp -i 192.168.1.1 put WNDR3700-V1.0.4.68NA.img** NOTE: Be sure to use the appropriate name of the file you are trying to flash. It may be a later version then the one I used as an example.
Step 5: The Waiting GameThis would be the perfect time to go grab a drink or hit the washroom. You need to be patient. Do not turn off, restart, unplug cables or otherwise interact with your router. It may take a little while; this is normal! Watch the power LED light on the front of the router. It should remain orange throughout the process. Once it is complete, it will turn green. At this point you may proceed to point your browser to “192.168.1.1” and continue to setup your router.

VPN Clients

Many enterprises deploy Virtual Private Networks (VPN). To connect your PC to their gateway, you must use a VPN client software. The Alcatel Secure VPN client and the NetScreen Remote VPN client software work fine with the Alcatel Speed Touch Home and with the Thomson SpeedTouch 510 . Keep in mind that you need to load Security Policies that match your network provider’s VPN gateways.

The NetScreen Remote VPN client software works fine with the US Robotics Broadband router (USR8000). The Alcatel Secure VPN client software, however does not work with the US Robotics Broadband router (USR8000) but will work with the Netgear Broadband router (here’s looking at you, Dave).

In the table below, you find the different combinations that have been tested successfully:

 

Single user environment
Belgacom SkyNet GO
Wanadoo eXtense 512k
Alcatel Speed Touch Home
Alcatel Speed Touch Home
Thomson SpeedTouch 510SpeedTouch 500 series

 

in Bridged mode
Enternet 300 PPPoE Client
EnterNet 300 PPPoE Windows Client OR
the native Windows XP Broadband PPPoE Client
NetScreen-Remote

 

Multi-user environment in France
Wanadoo eXtense 512k
Wanadoo eXtense 512kBelgacom SkyNet GO
Alcatel Speed Touch Home
Alcatel Speed Touch Home
upgraded to Pro version
Thomson SpeedTouch 510SpeedTouch 500 series
in NAPT mode

 

Router configured for
PPPoE,  DHCP and NAT.

 

Multi-user environment in Belgium
Belgacom SkyNet GO
edpnet
Belgacom SkyNet GO
Belgacom SkyNet GO
Belgacom SkyNet GO
Belgacom SkyNet GO
Alcatel Speed Touch Home
Alcatel Speed Touch Home

 

in NAPT mode
Netgear DG834v2
adsl modem/router

 

Netgear DG834v2  Firmware 4.01.04
Wi-Fi in WPA-AES mode
Philips ADSL modem/router Belgacom b-box
bbox Belgacom
Wi-Fi in WPA-AES mode
Philips ADSL modem/router PSTN Blue
Philips Multiservice ADSL modem router
Wi-Fi in WPA-TKIP mode
Broadband router (USR8000)
Router configured for
PPPoE,  DHCP and NAT.
Netgear WPN802v2
Netgear WPN802  Firmware 1.0.4.0
Wi-Fi in WPA2-AES mode
NetScreen-Remote
NetScreen Remote VPN client with Windows XP Professional