greyman

Forum Replies Created

Viewing 4 posts - 1 through 4 (of 4 total)
  • Author
    Posts
  • in reply to: Possible Bug: Timezone setting not being saved #45080

    greyman
    Member

    Just checked to see what was written to the filesystem on mine and at the moment it has the correct one. Where would I look to see what is written to the CF that would survive a shutdown or reboot when it comes back up.

    TIA

    in reply to: VPN with both lan to lan and lan to Host. #44960

    greyman
    Member

    What ports are needed to be opened to allow host-to-lan VPN connections. Also since I have ppp0 bound to ETH00 for PPPoE what interface should my rules be set for. (ppp0 or ETH00).

    TIA

    in reply to: Certificate passwords #45032

    greyman
    Member

    I think I might have found us OSX users a short work around from here:

    http://www.jacco2.dds.nl/networking/freeswan-panther.html

    Below is a cut and paste from section 8.4.1 of the page.

    8.4.1 Alternative method of importing the machine certificate

    If you are a die-hard command line fan you can use the utility ‘certtool’ that is included with Mac OS X. It works for me but I did not look into this much because the command line scares off most users. Anyway, here are the commands for importing a file in PKCS#12 format. This example assume the file is called ‘yourcrt.p12’.


    openssl pkcs12 -in yourcrt.p12 -cacerts -out ca.pem -nokeys
    openssl pkcs12 -in yourcrt.p12 -clcerts -out client.pem -nokeys
    openssl pkcs12 -in yourcrt.p12 -nocerts -out key.pem -nodes
    cp /System/Library/Keychains/X509Anchors $HOME/Library/Keychains/X509Anchors.bkp
    cp /Library/Keychains/System.keychain $HOME/Library/Keychains/System.keychain.bkp
    certtool i ca.pem k=X509anchors.bkp v
    certtool i client.pem r=key.pem f=1 k=System.keychain.bkp v
    sudo cp $HOME/Library/Keychains/X509Anchors.bkp /System/Library/Keychains/X509Anchors
    sudo cp $HOME/Library/Keychains/System.keychain.bkp /Library/Keychains/System.keychain
    rm -fr ca.pem client.pem key.pem

    You will be asked three times for the certificate password. After that, you will be asked for the Keychain Access password and then for your login password.

    A word of advice: copy, paste and execute these lines one by one in a Terminal window. Typing them is error prone.

    In doing the steps above it allowed me toimport a user certificate and a host certificate to allow me to configure L2TP from internet conect using only certs.

    in reply to: New to Zeroshell #45066

    greyman
    Member

    Thank you.

    I just found out that my DNS is exposed to the internet and the internet is allow o query my DNS server.

    Can someone provide me with a quick write-up to put rules that would block all inbound from the internet but would allow all outbound from my Networks that I have on ETH01 and ETH02.

    TIA

Viewing 4 posts - 1 through 4 (of 4 total)