Heipei

Today I man­aged to get vpnc run­ning on my WRT54GL Re­vi­sion 2, which is not a hard thing to do. The de­vice of course runs DD-WRT, but in order to use vpnc you have to flash it with a re­lease-can­di­date (rc-ver­sion) of the soft­ware, as the sta­ble re­lease does not in­clude it (sta­ble is v23 atm). So I used dd-wrt.v24_vp­n_­generic.bin to flash my de­vice and it worked like a charm. After that, head to this page for a way to get vpnc work­ing (with auto-re­con­nect as well). Un­for­tu­nately there is no GUI for the vpnc yet, but when the next sta­ble re­lease is made avail­able I’m sure there will be. And now the best part: When using vpnc I did a speed-test and it maxed out at 200kB/sec, which is pretty im­pres­sive and more than enough for most cases. Of course I won’t be using vpnc on this de­vice when I down­load stuff, since my DSL goes up to 600kB/sec, but for the oc­ca­sional brows­ing it is suf­fi­cient. And if you want to down­load some­thing, just start vpnc on your own ma­chine to by­pass the nat-stuff on the de­vice.

A few re­main­ing thoughts:

• I flashed v23 first, be­fore flash­ing it with the rc5-ver­sion
• The script linked above checks for a dead con­nec­tion by ping­ing a keepalive host. Un­for­tu­nately this is not an op­tion here, since there is a fall­back for when the vpn does not work…
• I haven’t tested the per­for­mance with any fancy ser­vices on the de­vice. It’s ba­si­cally still at fac­tory de­fault.
• Not sur­pris­ing: When using the de­vice via LAN rather than WPA2 wire­less, I man­aged to get some 30kB/sec more out of it.
• There is an op­tion to over­clock the CPU from 200Mhz to 250Mhz. Haven’t tried it, and not sure I if will nei­ther.
• The new firmware does have some other cool fea­tures as well ;)

To my few re­main­ing read­ers ;). I’ve changed my Word­Press-theme (I’m say­ing this for the peo­ple who solely use my RSS-feed ;) in a hope to bring some kind of move­ment into this weblog but so far it is not work­ing. I (again) hope to find some­thing in­ter­est­ing to re­port this year, but I am not hold­ing my breath. Have a good 2008!

Ok, I was ex­pect­ing a prob­lem when I re­cently hooked up a sec­ond dis­play to my ma­chine. I knew that ion3 had dropped xin­erama-sup­port, and that with­out xin­erama you’d get two seper­ate X-dis­plays which could even run dif­fer­ent win­dow-man­agers but not allow for mov­ing win­dows in-be­tween. What I had to­tally for­got­ten (haven’t used two dis­plays for a long time) was that there is Twin­View. With Twin­View the X-Server just sees one big screen (in my case 3200×1200) and so there are al­most no prob­lems. But wait, you might say, what about win­dows which stretch across the screen, doesn’t that look stu­pid. Sure, but I to­tally for­got that with ion3 you can just tile your work­space ver­ti­cally and it is tiled ex­actly in the mid­dle. Prob­lem solved! Ok, if you hit ‘f’ in mplayer it max­i­mizes to both screens (which in most cases is un­wanted), but if you have one work­space which just has a “fullscreen” frame on one dis­play you can just at­tach pro­grams like mplayer to those win­dows. In case you’re won­der­ing, here is how your xorg.​conf should look:

Section "Device"<br /> Identifier "geforce"<br /> Driver "nvidia"<br /> Option "DPMS"<br /> Option "NoLogo"<br /> Option "TwinView"<br /> Option "ConnectedMonitor" "DFP,DFP"<br /> Option "MetaModes" "1600x1200,1600x1200"<br /> Option "TwinViewOrientation" "RightOf"<br /> EndSection

Your mileage may vary. By the way: no­body re­ally needs this much screen space ;)

I had vpnc 0.4.0 run­ning until now (frankly be­cause it worked and 0.5.0 didn’t when I first in­stalled it via portage). Since I was on that shaky WiFi-con­nec­tion for the last se­mes­ter I was ac­cus­tomed to my con­nec­tion drop­ping quite often. Now that I am run­ning on DSL (which doesn’t even have a 24h-re­con­nect) the con­nec­tion shouldn’t drop at all. But it did a few times yes­ter­day (few being less than be­fore, but still not nec­es­sary) and thats be­cause i switched to vpnc 0.5.1 now (amd64 btw). So far it seems to be re­ally sta­ble, and should han­dle the rekey­ing well, I hope the con­nec­tion doesn’t drop _at all_ any­more.

Up­date

I just no­ticed that I was still using the “MoPS” IPSec-ID in my vpnc.​conf (and the stan­dard vpn-server) while there is a ded­i­cated server/id for uni-dsl users. Maybe this will help too. I’ll keep you posted.

Up­date 2

Well, there are still some dropped con­nec­tions from vpnc. But it is listed as a TODO on the vpnc web­site, so I guess this is not un­known. Using the Cisco VPN-Client on Mac OS X I didn’t en­counter a sin­gle re­con­nect yet.