How to setup VPN with PPTP

In the past there was a Personal VPN Server (OpenVPN) which gave us more security than PPTP could give us.

Then why would you want PPTP ? Because its faster and have lower footprint on CPU than OpenVPN. That way you can pick which you prefer in your case scenario. Also there is build-in support for PPTP in most devices.

Install:

And restart service:

Check if pptpd is listening to 1723 port:

Now setup some network stuffs:

Next in terminal:

Thats all on server side.

 

Client configuration:

Create config file:

Now we can connect to server (using name of the config file – pptpserver):

 

Facebooktwittergoogle_plusreddit

Personal VPN Server (OpenVPN)

Internet providers are collecting more and more data about our internet activities, but what can we do about it ?

You want to have secure access to your home servers, nas, devices ?

Virtual Private Network aka VPN is a solution for your needs!

 

1.Instalation

2.openvpn configuration

3.some system tweaks

4.Instalation and configuration firewall tool (so you don’t need to be iptables ninja)

5.generate CA, certs and keys for server

Just now we prepeared system envirement to generate, sign and distribute our certs thanks to CA (Certificate Authority).

Lets finish the fun with certs:

Move created certs and keys created for server:

 

and check if openvpn still starts (if not be sure there is no typo in config file or you moved correct files to correct location):

 

6.Creating certs and keys for clients:

Attention: user/group setting is not compatible with Windows

Client config file is still missing the paths for cert/key combo 🙂 but we will overcome this with one of two ways:

 

7a. Unified config file (one file to rule them all)

7b. Maybe you dont want to include cert inside profile file then we need to add this and copy needed files:

 

Facebooktwittergoogle_plusreddit

Running a secure DDNS service with BIND

If you lack of static ip for your home machines but would like to have static address to access them there is a simple setup to make on your primary DNS server to achieve that.

On our client side let’s generate some keys:

This will results in creating Kkeyname.***.key and Kkeyname.***.private, we will need to copy key from *.private file which will look like this:

Now on server let us edit BIND configuration file (eg. named.conf or named.conf.local) and add:

From now on we can allow zone updates by editing zone declaration and adding allow-update:

Last thing that we need to do on server i restart BIND

 

On client side we would need to use something capable of updating dns records (eg. nsupdate)

 

Facebooktwittergoogle_plusreddit

Fixing BIND’s journal out of sync with zone error

When BIND stop to work and throw error like this:

The simplest and fastest fix is by removing that journal file for zone

and then restart bind

 

 

Facebooktwittergoogle_plusreddit

Turn off additional telemetry from Mozilla Firefox

For starters I wouldn’t co all the paranoic about Mozilla getting some telemetry as most of them are not about privacy. Some of you probably will want to disable those also this could help speed up Firefox a bit.

Get into internal settings by typing about:config in url bar and turn all of these to false by double clicking

I wouldn’t recommend you to do this on any non-stable channel release as those are heavy related with telemetry and making Firefox great.

Facebooktwittergoogle_plusreddit