May 17, 2014
August 21, 2013
Windows 8 Pro (which is the version I have. I cannot comment on other versions) appears to have an issue with a normal OpenVPN tunnel. When using UDP, my VPN does not pass traffic. It does pass that traffic when I use TCP. Additionally, a Cisco SSL VPN (also UDP based) I use does not work. After browsing about a bit, I found that the UDP encapsulation settings have an effect on this. The registry setting which needs to be changed is:
After rebooting, both of my VPNs worked, fixing an issue which nearly made me abandon Windows 8.
January 24, 2013
One thing which always bugged me about my VPN setup is that whenever I used IPSec on Windows 7, I had to specify the route into my home network using a command prompt in Windows (with elevated permissions) where I had to use the “route add” command (you can view the link to see my example.) I finally have a way around this, by using the tip here. Just follow these directions, but instead of a script, specify the route command, with the flags “add 192.168.0.0 mask 255.255.255.0 10.8.8.1” from the example in my VPN setup post. Check the box “run with highest permissions” and save it. Now, every time you connect to your VPN, the task will automatically set your route. Obviously, you could make this a script with any number of commands or multiple routes, so adjust things accordingly.
September 9, 2012
Recently, I have been listening to new voices and perspectives from blacks regarding many of the endemic problems which affect black Americans. There are conservative groups on Facebook and around the Internet which cater to blacks.There are various pan African groups and individuals. One of the most interesting of these rarely heard voices is the Internet talk show, Your World, My Views, hosted by psychologist and former comedian Tommy Sotomayor. I have found this show to be absolutely fascinating. It is rare that we hear disagreement among blacks without the immediate shouting down of those who differ as “sellouts” or some other inflammatory name. But this is one such rare show.
Hearing the observations of others on the disintegration of black families and culture is wonderful. It is important for many voices to be heard. When an engineering team looks at solving a problem, having a variety of perspectives is crucial in developing truly innovative, effective solutions, and the repair of black America is a truly massive engineering prospect. As I have mentioned before, the great enemies of blacks in America, especially men, are the government policies of welfare and the war on drugs. This has essentially killed much of what black manhood has meant.
We need more of this honest dialog, and even vehement disagreement, in order to actually solve the problems which plague us.
Note that the site may contain some NSFW content.
January 10, 2012
I bought an Asus U56E from Fry’s, which has an Intel i5-2410M CPU. The laptop has been very good, having excellent battery life and good performance. I replaced the internal optical drive with a drive caddy so that I could replace the internal drive with an SSD, but have an additional spinning drive in order to have a larger amount of space. My SSD has built-in encryption, however the spinning drive does not. I use Truecrypt. I wanted the i5 because I was under the mistaken impression that they all supported AES-NI. I later discovered that Intel has issued a microcode update for this CPU which enables the feature, but the BIOS manufacturer needed to enable it in the system BIOS. Asus has now enabled this feature in version 213 of the BIOS. Truecrypt’s benchmark performance has increased 5x since the update.
December 4, 2011
I used the easy-rsa script to generate some new server certs recently, and found that my strongswan install on OpenWRT could not load the RSA key. This despite the fact that the same key works fine in OpenVPN on the same server. The interesting thing is that when I use the build-key-pkcs12 script instead of the build-key-server script, and then use openssl on the router to extract the cert and key, the key works. it is also a different size. The key kept coming up as 1704 bytes when using the server script, but 1669 bytes with the pkcs12 script. Since the pkcs12 script works, I suggest using it always. It generates the key and crt files any way, even though the extracted key file was a different size than the generated one with the same set of files. There must be a bug somewhere.
May 23, 2011
My issues with Strongswan in the OpenWRT trunk are now resolved. Strongswan 4.5.1-1 is available.
April 5, 2011
February 22, 2011
November 6, 2010
I log into a Zimbra server for email. I may be logged in on the local network, from outside, over the Internet, or across a VPN. The hostname is always the same. I found that I would have to actually quit Firefox in order to log back into Zimbra if I initiated a session over the Internet, and later made a VPN connection. I would see a white screen with a link in the upper left corner which said [Sign Out]. Clicking it did nothing. I actually had to restart Firefox. I discovered that this happened because of Noscript’s ABE protection. I did not wish to disable this, as it is a useful security feature. The solution is to go into the NoScript options, under ABE, and edit the SYSTEM settings. It normally says
# Prevent Internet sites from requesting LAN resources.
Accept from LOCAL
I added this line after the Accept lin:
Accept ALL from *.<mydomainname>
That fixed the issue. It might be advisable for people who use Noscript in a corporate environment with VPN access to add this to their ABE settings in order to prevent web application failures.