• Cisco Switch / Router How To Restore Factory Default Settings


    1.) Make sure your conf register is 0x2102 Do show version and at the very end of the output you will see the Configuration register. show version Configuration register is 0x2102 If the config register is not 0x2102 then enter this command: r1#configure terminal r1(config)#config-register 0x2102 r1(config)#end 2.) Let's Erase the NVRAM/flash........
  • Docker Tutorial HowTo Install Docker, Use and Create Docker Container Images Clustering Swarm Mode Monitoring Service Hosting Provider


    The Best Docker Tutorial for Beginners We quickly explain the basic Docker concepts and show you how to do the most common tasks from starting your first container, to making custom images, a Docker Swarm Cluster Tutorial, docker compose and Docker buildfiles.........
  • How To Create OpenVPN Server for Secure Remote Corporate Access in Linux Debian/Mint/Ubuntu with client public key authentication


    Why choose OpenVPN instead of a firewall appliance? OpenVPN can be a reliable and easy replacement for traditional hardware or just be an additional tool that your company uses so that the firewall can focus on its job rather than acting as a VPNappliance at the same time. When comparing OpenVPN with traditional firewal........
  • SSH cannot connect to old servers/devices/switches/routers/Cisco/Juniper Unable to negotiate with 192.168.20.2 port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hell


    A lot of older devices either support telnet or very old SSH keyx algorithms which are insecure and disabled by all newer/modern SSH clients for security reasons. However, sometimes you may be on a LAN via VPNor some other secured network or for whatever reason, absolutely, need to connect to this device and sometimes old/embedded devices may not be possible to update to a newer SSH server. If you run into this you may be using a modern/newer SSH client and get thi........
  • WebRTC Vulnerability Shows Local IP Address Even When Using a Proxy or VPN Firefox Fix And Disable Solution


    If you visit a site that exploits the WebRTC vulnerability including whatismyipaddress.com it may show "Local IP Address" which would be the real IP of your machine. The vulnerability works on Windows and Linux machines (contrary to false information on the web which claims it only affects Windows). The above works and happens even if you are using a proxy or VPNaccount like ProVPNAccounts.com It is easy........
  • ssh reverse proxy to enable remote access behind a LAN and firewall


    So say you are behind a typical NAT/LAN setup whether at home, work or while travelling. What if you have a computer or server that you need to connect to from the outside? Yes you could use a VPN but a quick and dirty, temporary and secure way is to use SSH's Reverse Tunneling Proxy feature. Requirements On the remote ssh server host you need the GatewayPorts option enabled in sshd_config (be........
  • OpenVPN auth-user-pass-verify ENV script error


    Starting with newer versions of OpenVPN Ibelieve 2.2+ you need to have "script-security 3" set or you can't execute a third party script. Prior to that you could also use the auth-user-pass-verify like this: auth-user-pass-verify ./validate.pl "$username $password $ip" via-env Options error: the --auth-user-pass-verify directive should have at most 2 parameters. To pass a list of arguments as one of the paramete........
  • OpenVPN error ERROR: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)


    This basically means that you are running as non-root and you need to be root to create the tun0 or tap0 device on OpenVPN. You could try sudo or adding the openvpn binary to the list of sudoers.........
  • OpenVPN cannot ping remote IP routing loop issue after connecting


    Sometimes if you have a very basic configuration OpenVPN on the client side for some reason sends all traffic to the OpenVPN server IP through the tun0 which is of course impossible and creates a block or routing loop. This is because you need to use your normal ISP/LANgateway to hit the OpenVPN server if it is remote/offsite as is usually the case. So if you are connected to the OpenVPN through say a tun0 device and your routing is set to connect to the OpenVPN&nbs........
  • FreeBSD/OpenBSD OpenVPN Client error "Cannot allocate TUN/TAP dev dynamically"


    I have never had this error on Linux and this is running FreeBSD as root: Wed Aug 9 04:29:34 2017 us=329050 Cannot allocate TUN/TAP dev dynamically Wed Aug 9 04:29:34 2017 us=329832 Exiting due to fatal error The Solution you need a kernel module that is for some reason not automatically loaded like Linux: kldload if_tap........
  • l2tp ipsec VPN Error Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated


    Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Some say changing the "leftprotoport=17/%any" will fix this but I have not found this to be the case. Essentially it means at least one end is blocking the ipsec packets. Sometimes the %any allows an alt........
  • Cannot allocate TUN/TAP dev dynamically - FreeBSD/OpenBSD OpenVPN Client error Solution


    I have never had this error on Linux and this is running FreeBSD as root: Wed Aug 9 04:29:34 2017 us=329050 Cannot allocate TUN/TAP dev dynamically Wed Aug 9 04:29:34 2017 us=329832 Exiting due to fatal error The Solution You need a kernel module that is for some reason not automatically loaded like Linux: kldload if_tap........
  • openvpn 2.3.10-1.el6 issues auth-env does not work correctly for auth-user-pass-verify


    openvpn 2.3.10-1.el6 issues in the .conf auth-user-pass-verify "passwordcheck $username $password $untrusted_ip" via-env auth-env does not work correctly in OpenVPN 2.3: Sat Apr 23 02:30:22 2016 - $username - $untrusted_ip - login failure But OpenVPN 2.2 does work as expected. It could be that the specified script automatically receive........
  • Debian Linux Ubuntu Mint connect to pptp from terminal bash shell


    apt-get install pptp-linux echo "yourvpnusername * yourpasspass *" >> /etc/ppp/chap-secrets vi /etc/ppp/peers/provpnaccounts.com enter (ignore the lines): ============ pty "pptp server.provpnaccounts.com --nolaunchpppd" name testuser #remotename PPTP require-mppe-128 file /etc/ppp/options.pptp ==========........
  • Linux Debian/Ubuntu/Centos How To Force Internet Traffic Through PPTP L2TP OpenVPN Account Only


    The following assumes the computer is local/physical to you and/or it always has a LANIP so it can be accessed on site without having a default gateway. The key to this is not to set a default gateway for your computer or you can set a script on boot or other time to delete the gateway (where eth0 is the NIC you are using): route del default eth0 50.80.20.2 is the VPN server you connect to 192.168.1.1 is your........
  • Centos/obfsproxy errors


    I never did get it working, it is too bad as obfsproxy should really be an option and integrated into the OpenVPN client and server or something similar: yum -y install python-pip python-devel No package python-pip available. #install the EPEL repo python-pip install obfsproxy python-pip install obfsproxy -bash: python-pip: command not found pip install obfsproxy &........
  • VPN Account Buyers Guide and General Info


    What matters most about VPNproviders in 2024? We are highly suspicious of VERYLARGE VPN providers that have LOW PRICES and HUGE DISCOUNTS. The suspicion is that for those who know what costs are involved to purchase thousands of IPs and servers are not small. At the prices that many of the big mainstream providers offer, it is likely unprofitable or barely profitable. Then, how are those companies making money or is that even the goal? There use........
  • yum Centos 386 and 64 bit conflict resolution


    This can happen when you install RPMForge or other repos with the wrong architecture and here's how you fix it (simply uninstalling won't usually fix it): solution yum clean all yum -y install openvpn Loaded plugins: fastestmirror, presto Loading mirror speeds from cached hostfile * base: mirror.its.sfu.ca * extras: centos.mirror.nexicom.net * rpmforge: mirror.cpsc.ucalgary.ca * up........
  • nf_conntrack: table full, dropping packet solution


    nf_conntrack: table full, dropping packet The above in some cases I've seen is a sign of a DOS attack or can occur if users are using services like torrenting, proxy, VPNetc... Do not take it lightly as the above can knock a server offline if the table becomes full and I've also seen full crashes and kernel panics shortly after. ........
  • iptables redirect ports to a different host and port + NAT Masquerade howto/solution


    This is important if you need public access to internal IPs such as at your office and don't want to use a VPN just to SSHinto different servers: Below forwards the port "10001" to the IP192.200.5.53 on port 22 (of course adjust it to your needs). iptables -t nat -A PREROUTING -p tcp --dport 10001 -j DNAT --to-destination 192.200.5.53:22 Remember to enable MASQUERADE on your NAT IPs or they won't be able to talk to the outside world (........
  • "Cannot load certificate file keys/server.crt: error:0906D06C:PEM" OpenVPN Solution


    Cannot load certificate file keys/server.crt: error:0906D06C:PEM The .crt is blank empty because when generating it I kept hitting enter for the defaults and this caused the crt not to be signed. Certificate is to be certified until Dec 18 00:35:49 2022 GMT (3650 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y So if you get messages like these, a........
  • OpenVPN don't use bridgestart.sh or bridge at all use iptables


    I used the suggested script to bridge from OpenVPN and it took my client's server off-line! Don't ever use their "sample" scripts if you don't have another way of accessing the server than SSH. I actually found it easier to use iptables to tell it to route IPs based on a certain subnet to route through eth0: iptables -t nat -A POSTROUTING -s 192.168.200.0/24 -o eth0 -j MASQUERADE Replace "192.168.200.0/24" with your subnet of cour........
  • Openvz Enable TUN/TAP OpenVPN


    Make sure the module "tun" is loaded on the host. vzctl set 2000 --devnodes net/tun:rw --save *Note what's below is what OpenVZ says you need (but I've never had to do it) vzctl exec 2000 mkdir -p /dev/net vzctl exec 2000 mknod /dev/net/tun c 10 200 vzctl exec 2000 chmod 600 /dev/net/tun On the container test the device: when Something is wrong:........
  • updatedb/mdadm caused a kernel panic?


    Jan 16 04:02:03 centosbox syslogd 1.4.1: restart. Jan 16 04:07:34 centosbox kernel: INFO: task updatedb:20771 blocked for more than 300 seconds. Jan 16 04:07:34 centosbox kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Jan 16 04:07:34 centosbox kernel: updatedb D F78BE050 6476 20771 20766&n........
  • Latest Articles

  • How To Stop DNSMasq from listening on all IPs/Interfaces and allow only localhost
  • du - VAS Billing Subscriptions Hack/Scam MLPremiumSub Invascom Astromart Issues Complaint
  • Docker Swarm vs Kubernetes Comparison Guide
  • When is it time to leave your VPS/VDS Cloud Hosting Provider?
  • 2024 Buyer's Guide: How to Choose and Buy the Best VPS/VDS for Your Needs - Tips and Strategies
  • Postfix / sendmail config for DKIM, SPF and DMARC Tutorial Guide E-mail Delivery for Hotmail.com Gmail.com and More HowTo
  • Install Grafana on Linux Debian Ubuntu Tutorial Guide
  • How To Completely Disable ufw in Linux Ubuntu Mint Debian
  • System has not been booted with systemd as init system (PID 1). Can't operate. Failed to talk to init daemon. Ubuntu Debian Linux Solution Cannot reboot
  • Mint Ubuntu Linux Gnome Showing Home Directory on Desktop instead of Desktop Directory
  • vi vim not doing code highlighting E319: Sorry, the command is not available in this version solution
  • Proxmox How To Rename Node Hostname Fix Solution
  • Linux how to get list of all timezones on system Ubuntu
  • Proxmox install issue cannot see the buttons or install wrong / bad resolution cannot see the entire screen problem solution
  • configure.ac:75: error: possibly undefined macro: AC_PROG_LIBTOOL If this token and others are legitimate, please use m4_pattern_allow. See the Autoconf documentation. solution
  • Can't exec "aclocal": No such file or directory at /usr/share/autoconf/Autom4te/FileUtils.pm line 326. autoreconf: failed to run aclocal: No such file or directory solution
  • /bin/sh: autoreconf: command not found solution
  • glib-2.0 required to compile QEMU solution
  • How To Upgrade Debian 8,9,10 to Debian 12 Bookworm
  • Linux dhcp dhclient Mint Redhat Ubuntu Debian How To Use Local Domain DNS Server Instead of ISPs