Debian vServer: Cannot connect to VPN with multiple devices in same network - server

I set up a VPN on my virtual Server using openswan, xl2tpd and ppp (see this tutorial: https://raymii.org/s/tutorials/IPSEC_L2TP_vpn_with_Ubuntu_14.04.html).
So I am talking about an L2TP/IPsec VPN with a PSK.
The problem I have:
I can connect a smartphone with the VPN using the on-board API.
But after that I cannot connect any more devices to the VPN using a device from the same network (others or cell-networks are working).
For me that means NAT-support isn't enabled but as shown in the tutorial I set the nat_traversal-value in /etc/ipsec.conf to "yes".
Actually, if I connect a Windows computer first, I CAN connect both the computer and one more device (smartphone), but I am NOT able to connect another device.
I am sure the problem isn't:
- the phone: Sometimes I can connect, sometimes not, as shown above. No installations block anything.
- the router: A connection to the VPN is not impossible.
- the server itself: A connection to the VPN is not impossible.
I see the problem in the configs but I have no clue where to look for these settings.
If someone knows what to do I appreciate every answer.
Thank you.

I found my problem in the config files.
For anyone who has the same problem, add the values to the /etc/ipsec.conf as shown below:
    version 2.0
    config setup
        oe=off
        listen=%IP_ADDRESS%
    conn L2TP-PSK-NAT
        rightsubnet=vhost:%priv
        also=L2TP-PSK-noNAT
    conn L2TP-PSK-noNAT
        rekey=yes
It should work after that c:
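
An added example (not part of the original answer, and not Openswan's own code): a small checker that parses an ipsec.conf, follows `also=` references, and reports which of the answer's settings are not in effect. In ipsec.conf, parameters only count when they are indented under their `config`/`conn` header, so a copy with the indentation lost fails the check. The names `EXPECTED`, `effective` and `missing_settings` are made up for this sketch, and letting a section's own keys win over `also=` values is an assumption.

```python
import re

# Constructed sample (the answer's settings, indented) and the effective values it should yield.
SAMPLE_CONF = """\
version 2.0
config setup
    oe=off
conn L2TP-PSK-NAT
    rightsubnet=vhost:%priv
    also=L2TP-PSK-noNAT
conn L2TP-PSK-noNAT
    rekey=yes
"""
EXPECTED = {("config", "setup"): {"oe": "off"},
            ("conn", "L2TP-PSK-NAT"): {"rightsubnet": "vhost:%priv", "rekey": "yes"},
            ("conn", "L2TP-PSK-noNAT"): {"rekey": "yes"}}

def parse_ipsec_conf(text):
    """Return {(type, name): [(key, value), ...]} for config/conn sections."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = re.sub(r"(^|\s)#.*", "", raw).rstrip()     # drop comments
        if line and not line[0].isspace():                 # headers start in column 0
            words = line.split()
            is_header = len(words) == 2 and words[0] in ("config", "conn")
            current = sections.setdefault(tuple(words), []) if is_header else None
        elif current is not None and "=" in line:          # parameters are indented
            key, value = line.strip().split("=", 1)
            current.append((key.strip(), value.strip()))
    return sections

def effective(sections, section, seen=()):
    """Flatten a section, following also=; assumption: the section's own keys win."""
    if section in seen or section not in sections:
        raise ValueError("bad also= reference: %s %s" % section)
    merged, own = {}, {}
    for key, value in sections[section]:
        if key == "also":
            merged.update(effective(sections, ("conn", value), seen + (section,)))
        else:
            own[key] = value
    return {**merged, **own}

def missing_settings(text):
    """List the EXPECTED 'section: key=value' entries the file does not yield."""
    sections = parse_ipsec_conf(text)
    return ["%s %s: %s=%s" % (sec + (k, v)) for sec, wanted in EXPECTED.items()
            for k, v in wanted.items()
            if (effective(sections, sec) if sec in sections else {}).get(k) != v]
```

Calling `missing_settings(open("/etc/ipsec.conf").read())` on the server returns an empty list when all of the settings are in effect.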

Related

Fanuc Adapter Issues

I am trying to use the Fanuc Adapter found here https://github.com/mtconnect/adapter . And I've gotten this to compile and run on a machine with a Fanuc Controller. My problem is that it is giving me a result of -16 anytime I make a connection to it with an agent or through a web browser. I think the problem is that the machine is using an HSSB connection instead of ethernet and I have the wrong IP and Port. Yet everything online points to setting the IP to 127.0.0.1 and the default port to 8193, which I have tried. Does anyone know what could be the issue or how to set up a Fanuc Adapter on a controller with an HSSB connection? All the resources I've found only explain connecting via ethernet.
Figured it out. The adapter was always using an Ethernet handle. Changed the source code to check and use both.

Cannot connect Charles Proxy to see traffic on any mobile

First off, I can see on traffic coming through when I browse on my desktop.
I have set the IP in network settings along with the port but when I connect I do not get the do you want to connect this phone message from Charles.
I have:
- deleted all certificates and tried to go to chls.pro/ssl but get a "no internet" message and the certificate doesn't download.
- tried iOS and Android, both with the same result.
- tried to manually add it to the access devices in Charles.
The only difference is from two weeks ago when I last did this successfully is the VPN I am on (I open the Charles before connecting to the VPN, to rule that out).
Any suggestions? I am going crazy!
There are various issues that can cause this issue: I collect here and you can verify each step to solve it: https://docs.proxyman.io/troubleshooting/my-ios-devices-couldnt-connect-to-proxyman-via-proxy
I would like to summarize:
- Check if your Firewall is blocking all incoming traffic -> Turn it OFF
- Stop all VPN apps on your iOS device
- Make sure your iOS devices and your macOS are in the same network.
Disclaimer: I create the Proxyman app, which is a modern version of Charles-Proxy. Hopefully it helps you resolve the problem.

Remote.it and openVPN together

So this is a classic question that I’ve seen many times before...
I’m trying to connect to my home network when not at home using a raspberry pi.
I’m well aware that the way to go with this is to use a vpn server such as OpenVPN.
However, in order to connect to the vpn I would need to forward a port on my router... which I can’t do.
I’ve found remote.it which allows remote connection to a computer (pi) without port forwarding.
What I would like to know is how would I set about using the 2 together, i.e. connecting to remote.it which in turn connects me to my VPN server?
I'm sorry to be finding this question just now, but in case it's still useful to you or to anyone else, here's what you need to do:
- Install remote.it
- Set up a remote.it connection to use the protocol (TCP/UDP) and port required by the VPN application
- Make a remote.it connection/adding the service to your network (remoteit - Desktop application UI terminology)
- Use this connection info (URL/port or localhost:port) with the VPN client
- Send an e-mail to support#remote.it if you need help
I would recommend ZeroTier (https://www.zerotier.com/). It has its own Linux client, and you can connect to as many networks as you would like.
You can also configure IP addresses from the website.
There is also an Android and an iOS app that is really simple to connect.

RaspberryPi as AccessPoint with 2 Wifi usb running MITMProxy and ParosProxy

I was trying to study the HTTP(s) requests/response that the apps from my phone are sending so this is what I went ahead and created.
I turned my Raspberry Pi as an access point with 2 wifi usb dongles. One for my phone to connect to the "TEST" network and the second connected to the internet. Everything works fine and my phone is able to access internet via my RPi.
Now I set up MITMproxy (in transparent mode) so that I can sniff the traffic to and from my phone apps. I installed the mitmproxy certificate on the phone and the traffic shows up fine on the mitmproxy console.
Final step - To make the web traffic data analysis part easier I found on the net that Paros Proxy might be able to help (show the traffic from mitmproxy) in a more readable way. - THIS IS NOT HAPPENING
I am assuming there is some setup required for ParosProxy so that it can be linked to mitmproxy / network interfaces which I am not able to achieve. Can anyone please help with this?
ParosProxy dashboard doesn't show any traffic. As far as the settings (Tool->Options) go, the default settings are there, i.e. for local proxy (host = localhost and port = 8080). I couldn't find much documentation about ParosProxy on the web.
My network interfaces on the RPi are as follows:
- wlan0 (connected to internet) - DHCP
- wlan1 (Access Point to which the phone apps connect to) - static IP (gateway 192.168.10.1)
Just in case there is some other tool that could help me achieve the same (a GUI/better dashboard to analyse mitmproxy traffic in real time) I am pretty open for it.
Yes there is a better option: OWASP ZAP https://www.owasp.org/index.php/ZAP :)
It was forked from Paros ~ 5 years ago, is very actively maintained and pretty well documented.
See https://github.com/zaproxy/zaproxy for links to the online user guide, FAQ user and developer groups.
FYI we have info on how to get ZAP running on a Pi: https://github.com/zaproxy/zaproxy/wiki/zappi but that doesn't include setting up wiki access - it would be great if we could update that page with the necessary steps :)
Simon (ZAP project lead)

Connect to attached pc from WP7 by opening a socket to localhost

When developing and testing WP7 apps your PC is connected to either a real WP7 phone or to the WP7 Device Emulator. For a specific development purpose I would like to connect directly to the development PC (let's call it the host PC) from the WP7 app without having to rely on an external toast-server. I'm using plain sockets, System.Net.Sockets.Socket.
There seem to be two options:
- Obtain the host PC's LAN IP and connect to that
- Connect to localhost
Option 1 usually works well, but not always: The host PC may not necessarily have an IP, in which case there's nothing to connect to. Also, in some scenarios all LAN traffic is directed through a company-wide proxy which will disrupt this mechanism.
That led me to try out option 2. To my surprise it seems to work, but I need to be more sure than simply "it seems to work". I've googled all over but can't find any definitive answer, not even on Microsoft's site like e.g. http://msdn.microsoft.com/en-us/library/ff754351(v=VS.92).aspx. So this is my question:
What exactly is the defined behavior of connecting to localhost from a WP7 app?
Alternatively, is there a fool-proof way of connecting back to the host PC?
(Let me stress this again: For this particular purpose I can't use toasts, because the development PC may not even be online.)
Edit:
I work at EQATEC and the application in question is the EQATEC Profiler. Right now the profiler/app-communication is handled by injecting a socket/http-client into the deployed WP7 app that connects back to the profiler's LAN IP address. It works very well and is really fast, but in some very rare cases users are offline and therefore don't have an IP, or have some prohibitive LAN proxy rules.
Therefore connecting to "localhost" would be excellent if that somehow magically would always work for everybody. It works for me and a couple of test-users, but does it work for all our many thousand profiler users all over the world? I'd like to be more sure.
"localhost" by definition is the machine running the code (well specifically the NIC doing the communication). For either the Phone or the Emulator, that would mean the phone or the emulator, not the PC they are attached to.
When you attach to a PC, you do have a network - it's an RNDIS connection in which both sides get an IP address which traditionally (pre-WP7) could be resolved with 'ppp-peer', though I've not tested that resolution on the Phone. I suspect it will be the same, since WMDC is still what's connecting and they'd have little reason to change that connection mechanism.
If the emulator is resolving localhost to the PC on which it resides, that's a definite bug and I would not count on it continuing to work as they add more robust socket support to the Phone platform.
System.Net.Sockets.Socket isn't really currently available for WP7 programming, but it might be available at some future point (maybe in Mango... maybe...)
AFAIK, the only way to reliably do what you want to do is to set up an http server on the development PC and to provide your app with an HTTP address of that server - or to route messages via some "Cloud proxy"
I'm surprised localhost works at all on the real device... I can only assume that they are asking the connected PC to resolve that DNS name - but even then I'm surprised 127.0.0.1 works.
The ip you're looking for is "192.168.55.100"
That's the ip address the phone uses to connect to the host pc.
If you'd like to connect to the phone, apparently its ip address will be "192.168.55.101"
For the emulator just use localhost or 127.0.0.1
This is from the old ActiveSync days, so I don't know how official it is or how likely it is to last, but for right now at least it worked on my phone.