Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Dap-P

Pages: [1] 2 3 ... 6
1
Users / Re: VPN (Need a place for my notes)
« on: February 10, 2014, 05:38:22 pm »
I am not sure if a VPN on the internal network will work in any circumstance, with this setup
Can you try from outside your LinuxMCE network?

Anton

2
Users / Re: VPN (Need a place for my notes)
« on: February 09, 2014, 06:15:44 pm »
After some more testing, these are my findings:

in /etc/ipsec.conf 2 lines need to change
rightsubnet=vhost:%priv into rightsubnet=vhost:%priv,%no
rightprotoport=17/%any into rightprotoport=17/0

If someone can test this (also with an iphone/ipad)
If it is not working on an apple device, can you add the following lines in the "conn L2TP-PSK" section of /etc/ipsec.conf
dpddelay=10
dpdtimeout=90
dpdaction=clear
And see if it is working?

ofcourse you need to enable the port in the firewall also,
iptables -A INPUT -m policy --dir in --pol ipsec -p udp --dport 1701 -j ACCEPT
to allow l2tp traffic out of the ipsec tunnel
and allow udp port 500 and 4500 in the webadmin

Anton

3
Users / Re: VPN (Need a place for my notes)
« on: February 09, 2014, 04:24:50 pm »
After some more research, the only thing that seems to need a change is the ipsec.conf.
Better said, only the last line in /etc/ipsec.conf
If you change that from
Code: [Select]
rightprotoport=17/%any to
Code: [Select]
rightprotoport=17/0 it seems to work for me.

i've tried changing the template (/usr/pluto/templates/ipsec.conf.tmpl) But if i then use the webadmin to configure things, it leaves me with an empty /etc/ipsec.conf file.

Is there somebody that can confirm changing this line is a working solution?

4
Users / Re: VPN (Need a place for my notes)
« on: February 03, 2014, 12:52:09 am »
I've been able to setup VPN with android clients, after some fiddling with the conf files

For now, i use these :
/etc/ipsec.conf http://paste.ubuntu.com/6864517/
/etc/xl2tpd/xl2tpd.conf http://paste.ubuntu.com/6864407/
(just replace the listen-addr with your external interface ip)

And a password without special characters in /etc/ppp/chap-secrets

Still need to find out what settings are actually necessary for the setup.

Anton

5
For wireless connectivity, perhaps this site can also help you:
http://www.cyberciti.biz/faq/debian-linux-wpa-wpa2-wireless-wifi-networking/

Anton

6
Users / VPN (Need a place for my notes)
« on: January 29, 2014, 03:52:50 pm »
Hi all,
I am trying to make VPN work, and i just need a place to put my notes, and perhaps sometimes some help/advice/testers
I dont have a lot of time, and my head is filled with a lot of things lately, so thats why i dump this here

This is what i know for now:

VPN is working if the Core has a public addressable IP, ie not 192.168.x.x, 10.x.x.x, 172.16.x.x
It is working with and without NAT, (protocol 50 or udp port 4500)

What you need to make it work:

In firewall, allow udp 500, udp 4500, and ip 50 (protocol 50)

And you need to accept 1701 out of the IPSEC tunnel:
iptables -A INPUT -m policy --dir in --pol ipsec -p udp --dport 1701 -j ACCEPT


There needs to be a ppp-up script that allows the remote end in iptables. Next time i work on VPN, i'll try to make it.
could be that just ifup ppp0 is enough -> need to test

It's possible that for devices to use 'internet' over VPN masquerading is needed:
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.80.0/24 -j MASQUERADE


Conclusions:
- If VPN is working internally, it is working with a public outside ip
- Is setup with a private outside ip, 1701 traffic doesn't want to go through the ipsec tunnel, and thus failing
  This could be because i have only tested this with android clients, i need to try with windows, or mac (or linux)
- It's easiest to setup with firewall disabled.
- There is still some work that need to be done on scripting and automatic adding of firewall rules.


Anton

7
Users / Re: Audio - Multiple simultaneos outputs
« on: January 16, 2014, 02:01:41 pm »

8
Users / Re: Automatic adding Internet Radio streams to LinuxMCE
« on: January 12, 2014, 10:35:44 pm »
And again an update, this is fully functional for me.
Changed to a little different downloadurl, and put some some different filters in there.

In theory, what garagevibes sayd is possible, only i want this script to do all this automaticly.

Now, if only your country gets detected, the website should filter by popular stations.
Can you UK-based guys test this?

Anton

9
Users / Re: Automatic adding Internet Radio streams to LinuxMCE
« on: January 12, 2014, 08:59:42 pm »
Again, an update. I dont know if this is working for everybody, but i hope so

Anton

10
Users / Re: Automatic adding Internet Radio streams to LinuxMCE
« on: January 12, 2014, 08:40:48 pm »
Normally the site should give you a flat list of radio stations, based on your location.

Perhaps, the site doesn't know exactly where you are...
It should display your 'city' instead of the country where you are in.
I'll try to look into this...

Anton

11
Users / Re: Automatic adding Internet Radio streams to LinuxMCE
« on: January 12, 2014, 02:55:21 pm »
Here is a new version, that removes the "|" from the station name, if it is there

Anton

12
Users / Re: Automatic adding Internet Radio streams to LinuxMCE
« on: January 10, 2014, 01:38:29 pm »
First, Thanks you for testing, and reporting.

I might have an idea why this is happening, but I will dig into this in the weekend.

Anton

13
Users / Re: Need some dedicated testers.
« on: January 07, 2014, 02:17:05 pm »
The difference that i see in your screenshots, is that i have web-port 80 configured.
Perhaps you can try that?
And ofcourse, make sure your phone IS connect to the internal LMCE network

Anton

14
Users / Re: Need some dedicated testers.
« on: January 07, 2014, 12:37:18 am »
I also tried build #99, and it is working for me.

15
Users / Re: Tablet - Qorbiter conflict/incompatibility
« on: December 03, 2013, 10:58:06 pm »

Pages: [1] 2 3 ... 6