Heipei

Today I managed to get vpnc running on my WRT54GL Revision 2, which is not a hard thing to do. The device of course runs DD-WRT, but in order to use vpnc you have to flash it with a release-candidate (rc-version) of the software, as the stable release does not include it (stable is v23 atm). So I used dd-wrt.v24_vpn_generic.bin to flash my device and it worked like a charm. After that, head to this page for a way to get vpnc working (with auto-reconnect as well). Unfortunately there is no GUI for the vpnc yet, but when the next stable release is made available I’m sure there will be. And now the best part: When using vpnc I did a speed-test and it maxed out at 200kB/sec, which is pretty impressive and more than enough for most cases. Of course I won’t be using vpnc on this device when I download stuff, since my DSL goes up to 600kB/sec, but for the occasional browsing it is sufficient. And if you want to download something, just start vpnc on your own machine to bypass the nat-stuff on the device.

A few remaining thoughts:

• I flashed v23 first, before flashing it with the rc5-version
• The script linked above checks for a dead connection by pinging a keepalive host. Unfortunately this is not an option here, since there is a fallback for when the vpn does not work…
• I haven’t tested the performance with any fancy services on the device. It’s basically still at factory default.
• Not surprising: When using the device via LAN rather than WPA2 wireless, I managed to get some 30kB/sec more out of it.
• There is an option to overclock the CPU from 200Mhz to 250Mhz. Haven’t tried it, and not sure I if will neither.
• The new firmware does have some other cool features as well ;)

To my few remaining readers ;). I’ve changed my WordPress-theme (I’m saying this for the people who solely use my RSS-feed ;) in a hope to bring some kind of movement into this weblog but so far it is not working. I (again) hope to find something interesting to report this year, but I am not holding my breath. Have a good 2008!

Ok, I was expecting a problem when I recently hooked up a second display to my machine. I knew that ion3 had dropped xinerama-support, and that without xinerama you’d get two seperate X-displays which could even run different window-managers but not allow for moving windows in-between. What I had totally forgotten (haven’t used two displays for a long time) was that there is TwinView. With TwinView the X-Server just sees one big screen (in my case 3200×1200) and so there are almost no problems. But wait, you might say, what about windows which stretch across the screen, doesn’t that look stupid. Sure, but I totally forgot that with ion3 you can just tile your workspace vertically and it is tiled exactly in the middle. Problem solved! Ok, if you hit ‘f’ in mplayer it maximizes to both screens (which in most cases is unwanted), but if you have one workspace which just has a “fullscreen” frame on one display you can just attach programs like mplayer to those windows. In case you’re wondering, here is how your xorg.conf should look:

Section "Device"<br /> Identifier "geforce"<br /> Driver "nvidia"<br /> Option "DPMS"<br /> Option "NoLogo"<br /> Option "TwinView"<br /> Option "ConnectedMonitor" "DFP,DFP"<br /> Option "MetaModes" "1600x1200,1600x1200"<br /> Option "TwinViewOrientation" "RightOf"<br /> EndSection

Your mileage may vary. By the way: nobody really needs this much screen space ;)

I had vpnc 0.4.0 running until now (frankly because it worked and 0.5.0 didn’t when I first installed it via portage). Since I was on that shaky WiFi-connection for the last semester I was accustomed to my connection dropping quite often. Now that I am running on DSL (which doesn’t even have a 24h-reconnect) the connection shouldn’t drop at all. But it did a few times yesterday (few being less than before, but still not necessary) and thats because i switched to vpnc 0.5.1 now (amd64 btw). So far it seems to be really stable, and should handle the rekeying well, I hope the connection doesn’t drop _at all_ anymore.

Update

I just noticed that I was still using the “MoPS” IPSec-ID in my vpnc.conf (and the standard vpn-server) while there is a dedicated server/id for uni-dsl users. Maybe this will help too. I’ll keep you posted.

Update 2

Well, there are still some dropped connections from vpnc. But it is listed as a TODO on the vpnc website, so I guess this is not unknown. Using the Cisco VPN-Client on Mac OS X I didn’t encounter a single reconnect yet.