VPN Server Operation

TerryJC · Post by **TerryJC** » 23/07/2020, 15:56

There are still some issues with this installation, (see viewtopic.php?p=3713#p3713 and onwards, but it is now fundamentally working.

So notwithstanding the issues, the system is usable providing that you make some changes to your computer's MTU value (Maximum Transfer Unit). The default is 1500, but there is a means of reducing this to overcome the freezing reported at the link above. Hamish has changed the MTU at the server end, but every client device needs to have its MTU changed to suit. To do this in Linux type:

sudo ifconfig <devicename> mtu 576

where <devicename> is the identity of your network adaptor, eg eth0, eno1, etc. To revert to normal, use the same command with 1500 as the value.

If anyone knows how to do this in iOS (or even if it's necessary, please post below and I'll update these notes.

You will need a Client Cert Pack, see viewtopic.php?f=38&t=241. There is a link there on how to install and use it on Linux and iOS.

At viewtopic.php?f=38&t=238 there is a discussion about Apps and Tools that might be useful. If you know of others, please add them here.

If the issues driving the MTU fix improve I will post the changes here.

hamishmb · Post by **hamishmb** » 24/03/2021, 11:23

Attached are a couple of convenience scripts I wrote for myself so I didn't have to remember all these commands.

Please note that:

- These were made for Linux Mint 20.1 (Ubuntu 20.04 LTS) and were not tested on anything else.
- You still need your cert pack.
- The interface names inside will need to be changed to match yours. I set the MTU on my ethernet and wifi adaptors because sometimes I use both and didn't want to mess around with it when I inevitably forgot

hamishmb · Post by **hamishmb** » 16/11/2021, 15:43

We seem to be experiencing stability issues with the internet connection at WMT - downloading packages for updates often needs to be retried several times. I'm not sure what the cause of this might be, as my connection over the VPN seems stable.

NB: Please don't log in right now as I'm midway through updating the pis and I don't want that to get disrupted. It might also be worth figuring out why only one of us can connect at once too, at some point.

TerryJC · Post by **TerryJC** » 16/11/2021, 16:00

hamishmb wrote: ↑16/11/2021, 15:43We seem to be experiencing stability issues with the internet connection at WMT - downloading packages for updates often needs to be retried several times. I'm not sure what the cause of this might be, as my connection over the VPN seems stable.

All of the software has to go through the server, since that is set as the default router. I think we might need to change the Pi being used there for a more modern device. As I recall this is a Pi 1!

hamishmb wrote: ↑16/11/2021, 15:43NB: Please don't log in right now as I'm midway through updating the pis and I don't want that to get disrupted. It might also be worth figuring out why only one of us can connect at once too, at some point.

As far as I know there should be no reason for this other than the lack of memory / CPU capacity in the Pi.

hamishmb · Post by **hamishmb** » 16/11/2021, 17:18

Fair point. I just checked the routing tables and can confirm this is the case.

Also of note is that the VPN server is mistakenly listed as a Pi 3 in the WMT Network Design spec. I imagine a Pi 2 or something older like that would do the trick.

TerryJC · Post by **TerryJC** » 16/11/2021, 17:28

hamishmb wrote: ↑16/11/2021, 17:18Also of note is that the VPN server is mistakenly listed as a Pi 3 in the WMT Network Design spec.

That's because that's what I thought it was when I wrote that document.

hamishmb wrote: ↑16/11/2021, 17:18I imagine a Pi 2 or something older like that would do the trick.

I don't think it's possible to buy a Pi 2 these days (maybe used on eBay). Currently a Pi 3 is about £33.

Penri · Post by **Penri** » 16/11/2021, 17:46

Hello

If the current Pi is running out of steam I'm happy to authorise the purchase of a new one, suggest you specify whatever is suitable plus headroom for future expansion (whatever that might be), ie don't get the minimum needed.

Penri

TerryJC · Post by **TerryJC** » 16/11/2021, 17:56

Penri,

The minimum needed is a Pi 2 as suggested by Hamish, but I'd rather not buy second hand. A Pi 3 will suffice for some years to come, but the current top of the range is the Pi 4. which comes out in at price points of around £41, £54 and £74 depending on the RAM size (2 GB, 4 GB and 8 GB). If we did go for the Pi 4, the 2 GB of RAM should be pretty adequate and only costs about £8 more than the Pi 3. There would be P/P too of course.

Hamish, what do you think?

TerryJC · Post by **TerryJC** » 16/11/2021, 18:03

Almost forgot. If we go for the Pi 4, we might also need a heat sink kit (about £2).

Penri · Post by **Penri** » 16/11/2021, 18:26

None of the prices mentioned cause me an issue, it would help if we could claim the cost plus other expenses before the month end.

Wimborne Model Town Projects Forum

VPN Server Operation

VPN Server Operation

Re: VPN Server Operation

Re: VPN Server Operation

Re: VPN Server Operation

Re: VPN Server Operation

Re: VPN Server Operation

Re: VPN Server Operation

Re: VPN Server Operation

Re: VPN Server Operation

Re: VPN Server Operation