Raspberry PI as a VPN Client to FRITZBOX with IPSEC

Setup of VPN at the Fritzbox

First, a new user is created under System-> FRITZ! Box user.

Here, the access from the Internet must be granted and VPN (of course, be unlocked, everything else is deselected.

we remember the information from the iphone settings:

  • Description:
  • Server: arpdggefuegr23723n.myfritz.net
  • Account: vpn_user
  • Password: Password of the FRITZ! Box user “vpn_user”
  • Use certificate is disabled
  • Group name: vpn_user
  • Shared Secret: TANrpS1y34hHHJGIS4
 Now it goes on the Raspi ….

Installation:

sudo apt-get install vpnc

Create and customize config:

sudo nano /etc/vpnc/fritzbox.conf

IPSec gateway arpdggefuegr23723n.myfritz.net
IPSec ID vpn_user
IPSec secret TANrpS1y34hHHJGIS4
IKE Authmode psk
Xauth username vpn_user
Xauth password <passwort>
local port 0
DPD idle timeout (our side) 0

first test of the tunnel:

sudo vpnc fritzbox.conf

Ending the VPn connection:

sudo vpnc-disconnect

I have the start of the script in /etc/rc.local registered so that the VPN connection is established during boot.

vpnc fritzbox.conf

– Update –

Since the VPN connection breaks partially uncontrolled Abdelkader Wahb has made a script that monitors the connection and reboots when needed. I do not want to deprive you of this:

Entry in / etc / crontab so that every 3 minutes is automatically executed on boot:

* / 3 * * * * root /etc/init.d/autovpncscript

Source: kuemmel.wtf

Outlook displays “Disconnected” in the status bar if the last character in the legacyExchangeDN attribute is a space

Applies to: Outlook 2016Outlook 2013

Symptoms


In Microsoft Outlook 2016 or Outlook 2013, you experience one or several of the following symptoms:

  • You receive the following error message:
    The Microsoft Exchange Administrator has made a change that requires you quit and restart Outlook.

  • You receive the following error message when you start Outlook:
    Cannot start Microsoft Outlook. Cannot open the Outlook window. The set of folders cannot be opened. The file C:\Users\<username>\AppData\Local\Microsoft\Outlook\user@doamin.com.ost is not an Outlook data file (ost).
  • Outlook displays one of the following message in the status bar:
    Trying to connect…
    Disconnected

Cause


This issue occurs if there is a trailing space (that is, if a space is the last character) in the legacyExchangeDN attribute.

Resolution


To resolve this issue, remove the trailing space from the legacyExchangeDN attribute by using ADSIEdit.msc. To do this, follow these steps.

Important After you make this change in the legacyExchangeDN attribute, recipients who previously received an email message from this user will receive a non-delivery report (NDR) message if they try to reply to an email message that they received from this user before the change was made. This problem will not occur for replies to new email messages that the user sends after the change was made.

  1. Open the Run dialog box. To do this, use one of the following methods, as appropriate for your situation:
    • Windows 10, Windows 8.1 or Windows 8: Press the Windows key + R.
    • Windows 7 or Windows Vista: Click Start, and then click Run.
  2. Type ADSIEdit.msc, and then press Enter.
  3. Expand the Default naming context to CN=Users.
  4. Select the user account whose mailbox is prompting the error.
  5. Right-click this account, and then click Properties.
  6. Locate the legacyExchangeDN attribute, and then click Edit.
  7. Remove the trailing space at the end of the username.
  8. Click OK, click Apply, and then exit ADSIEdit.msc.
  9. Have the user exit and then restart Outlook.

Source: Microsoft

Raspberry pi cleanup script

Create with the following command in your raspberry pi the script.

sudo nano cleanup.sh

Paste below the text and with CTRL + X close nano

#!/bin/bash
 
OLDCONF=$(dpkg -l|grep "^rc"|awk '{print $2}')
CURKERNEL=$(uname -r|sed 's/-*[a-z]//g'|sed 's/-386//g')
LINUXPKG="linux-(image|headers|ubuntu-modules|restricted-modules)"
METALINUXPKG="linux-(image|headers|restricted-modules)-(generic|i386|server|common|rt|xen)"
OLDKERNELS=$(dpkg -l|awk '{print $2}'|grep -E $LINUXPKG |grep -vE $METALINUXPKG|grep -v $CURKERNEL)
YELLOW="\033[1;33m"
RED="\033[0;31m"
ENDCOLOR="\033[0m"
 
if [ $USER != root ]; then
echo -e $RED"Error: must be root"
echo -e $YELLOW"Exiting..."$ENDCOLOR
exit 0
fi
 
echo -e $YELLOW"Cleaning apt cache..."$ENDCOLOR
aptitude clean
 
echo -e $YELLOW"Removing old config files..."$ENDCOLOR
sudo aptitude purge $OLDCONF
 
echo -e $YELLOW"Removing old kernels..."$ENDCOLOR
sudo aptitude purge $OLDKERNELS
 
echo -e $YELLOW"Emptying every trashes..."$ENDCOLOR
rm -rf /home/*/.local/share/Trash/*/** &> /dev/null
rm -rf /root/.local/share/Trash/*/** &> /dev/null
 
echo -e $YELLOW"Script Finished!"$ENDCOLOR

To run the script. First:

sudo chmod 777 cleanup.sh

Start the cleanup:

Sudo ./cleanup.sh

 

Assign ip to VPN connecton on synology nas

Uitgaande van een standaard installatie van het VPN Server package:

Navigeer naar

/usr/syno/etc/packages/VPNCenter/Maak daarin een map aan met de naam

ccdRechten ccd: 0755
Maak in die map een bestand aan met de naam van de gebruiker die het vaste tunnel IP moet krijgen, b.v.

adminSchrijf in dat bestand

ifconfig-push 10.8.0.6 10.8.0.5Rechten admin: 0644

Navigeer naar

/usr/syno/etc/packages/VPNCenter/openvpnOpen

openvpn.confen voeg de regel

client-config-dir /usr/syno/etc/packages/VPNCenter/ccdtoe.

Navigeer naar

/volume1/@appstore/VPNCenter/etc/openvpnopen

radiusplugin.cnfen wijzig

overwriteccfiles=truein

overwriteccfiles=false
Start/Herstart OpenVPN.

Bron: synology-forum.nl

Finding WWN’s on Windows Server 2012 Using PowerShell

With a single command you can retrieve WWN’s on Windows Server 2012 R2 using PowerShell.

Open the PowerShell command and type:

Get-WmiObject -class MSFC_FCAdapterHBAAttributes -namespace “root\WMI” | ForEach-Object {(($_.NodeWWN) | ForEach-Object {“{0:x}” -f $_}) -join “:”}

And that is all there is to it. Simple and fast using PowerShell.

Update: I have been been made aware of another way to get the WWN on Windows 2012 R2 with a cmdlet called get-initiatorport which was added to Windows Server 2012 R2. This is a much cleaner way of retrieving the WWN information instead of the WMI call.

 

PS C:\> Get-InitiatorPort

InstanceName NodeAddress PortAddress ConnectionType
------------ ----------- ----------- --------------
PCI\VEN_10DF&DEV_F100&SUBS... 20000090fa56b930 10000090fa56b930 Fibre Channel
PCI\VEN_10DF&DEV_F100&SUBS... 20000090fa56b931 10000090fa56b931 Fibre Channel

You can also filter the display and just get the PortAddress

PS C:\> Get-InitiatorPort | Select-Object -Property PortAddress | Format-Table -AutoSize

PortAddress
-----------
10000090fa56b930
10000090fa56b931

More information on get-initiatorport and many other storage related cmdlets can be found here!

 

Site

Java plugin needed message when connecting to a website

I had issue connecting to a broccade switch. I got a message that I need to install Java. But Java latest version is already installed on my system.

I tried to install an old version but I could not solve that.

I Found this on a website.

  1. Install Java Latest version 32bit (even if on a x64 box)
  2. Edit the Java.Security file and comment out (put a # sign in front)
    use notepad++ or any other text editor that allows proper formatting display
Line 569

#jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \
#    RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224


And
Line 613

# jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024

3. Do this for both java.security files if you have both 32 and 64 bit java installed. The file(s) are found at:
C:\Program Files (x86) \Java\jre7\lib\security
C:\Program Files\Java\jre7\lib\security

4. Open up control panel and lower the java security bar to medium

5. Add the URLS of your brocades into the Exception Site List (make sure this is identical to what you type into your browser or have bookmarked)

Link

Windows 10 Professional 1703 – Turn Off Automatic Installation of Suggested Apps

For Windows 10 Professional it is not possible to do this with GPO. So add in the GPO this to the register.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager

SilentInstalledAppsEnabled DWORD
0 = Disable
1 = Enable

I Also disabked PreInstalledAppsEnabled

Located HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ContentDeliveryManager

PreInstalledAppsEnabled DWORD
0 = Disable
1 = Enable

Remove Windows 10 1703 default apps

I Use this script in MDT to remove all Windows 10 Apps.
Add more in $Appslist if you need to remove more.

$AppsList = "Microsoft.3DBuilder","Microsoft.Microsoft3DViewer","Microsoft.BingWeather","Microsoft.Getstarted","Microsoft.Messaging","Microsoft.MicrosoftOfficeHub","Microsoft.MicrosoftSolitaireCollection","Microsoft.OneConnect","Microsoft.People","Microsoft.SkypeApp","microsoft.windowscommunicationsapps","Microsoft.FeedbackHub","Microsoft.WindowsMaps","Microsoft.XboxApp","Microsoft.XboxIdendityProvider","Microsoft.ZuneMusic","Microsoft.ZuneVideo","AdobeSystemsIncorporated.AdobePhotoshopExpress","Microsoft.Advertising.Xaml","Microsoft.Office.OneNote","Microsoft.WindowsFeedbackHub","Microsoft.XboxGameOverlay","Microsoft.XboxIdentityProvider","Microsoft.XboxSpeechToTextOverlay","Microsoft.Office.Sway","Microsoft.BingNews","D5EA27B7.Duolingo-LearnLanguagesforFree","46928bounde.EclipseManager"
 
    ForEach ($App in $AppsList) 
    { 
        $PackageFullName = (Get-AppxPackage $App).PackageFullName
        $ProPackageFullName = (Get-AppxProvisionedPackage -online | where {$_.Displayname -eq $App}).PackageName
         
        If ($PackageFullName) 
        { 
            Write-Verbose "Removing Package: $App"
            remove-AppxPackage -package $PackageFullName
        } 
        Else
        { 
            Write-Host "Unable to find package: $App"
        } 
  
        If ($ProPackageFullName) 
        { 
            Write-Verbose "Removing Provisioned Package: $ProPackageFullName"
            Remove-AppxProvisionedPackage -online -packagename $ProPackageFullName
        } 
        Else
        { 
            Write-Verbose "Unable to find provisioned package: $App"
        }
    }

Location in MDT: