meh.

It had been a while since I had messed with wireless. But since I just brought a fancy new antenna, it was time to investigate some exciting new stuff. Well, as with most things I find exciting they usually end up costing me heaps of time .

Once I had setup the new antenna I wanted to have a look at the performance difference, which is a bit flaky from the network manager. But I noticed as I started messing with some commands something happened which was unexpected. I started getting the dreaded “wireless dropout” that occurs infrequently at about 20 second intervals just to piss me off. I tried to retrace my steps to find out what I had changed and ended up spending a whole day looking for the solution. It turns out that with the “cool” new commands that I had learned to do things like:

• restart the network interfaces
• lift the interfaces up and down
• list other networks in my area and
• finally, one to show the status of my own network

Even though it was nice to be able to type a few words and have the interfaces restart afresh I was leaning toward this being the problem. Then, I remembered that orignally when I was having these sorts of problems in the begining, I downloaded an app called Wicd! This was the solution for my problems orignally and funnily enough did the same again .

Well, there were some good things to come from this “journey”?? Not sure what they were, but here is a list of the commands that I found and are pretty handy! Also, remember Wicd might also be a simple solution for you?

Show status of “my” wireless interface: ‘iwconfig ath0‘

xxxxxxxx@HAL:~$ iwconfig ath0
ath0    IEEE 802.11g  ESSID:"xxxxx"  Nickname:""
          Mode:Managed  Frequency:2.442 GHz  Access Point: 00:xx:xx:xx:xx:8B
          Bit Rate:36 Mb/s   Tx-Power:18 dBm   Sensitivity=1/1
          Retry:off   RTS thr:off   Fragment thr:off
          Power Management:off
          Link Quality=58/70  Signal level=-36 dBm  Noise level=-94 dBm
          Rx invalid nwid:52311  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0

Show list of all wireless broadcasts within range: ‘iwlist ath0 scan‘

xxxxxxxx@HAL:~$ iwlist ath0 scan
ath0      Scan completed :
          Cell 01 - Address: 00:xx:xx:xx:xx:8B
                    ESSID:"xxxxx"
                    Mode:Master
                    Frequency:2.442 GHz (Channel 7)
                    Quality=59/70  Signal level=-36 dBm  Noise level=-95 dBm
                    Encryption key:on
                    Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s
                              9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
                              48 Mb/s; 54 Mb/s
                    Extra:bcn_int=100
                    IE: IEEE 802.11i/Encryption here 
                        Group Cipher : TKIP
                        Pairwise Ciphers (1) : TKIP
                        Authentication Suites (1) : PSK
          Cell 02 - Address: 00:xx:xx:xx:xx:78
                    ESSID:"xxxxx"
                    Mode:Master
                    Frequency:2.442 GHz (Channel 7)
                    Quality=28/70  Signal level=-67 dBm  Noise level=-95 dBm
                    Encryption key:on
                    Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s
                              9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
                              48 Mb/s; 54 Mb/s
                    Extra:bcn_int=100
                    IE: IEEE 802.11i/Encryption here 
                        Group Cipher : TKIP
                        Pairwise Ciphers (1) : TKIP
                        Authentication Suites (1) : PSK

Restart all network interfaces

xxxxxxxx@HAL:~$ sudo /etc/init.d/networking restart

A client I have been working on recently asked me to setup a Vpn for them to work remotely and still maintain security. Now I knew the definition of Vpn connections but had never needed to implement one. What I did know was that there are two main configurations: Microsofts PPTP and IpSec but that was about as far as it went . So I did some reading and it turns out that the fastest and most used is PPTP for remote connections. However, IpSec seems to be the obvious choice for bridging locations such as office_1 to office_2. The security features of PPTP are not that strong, due to the high level of abstraction before the encryption takes place. IpSec is a much lower and “raw” layer which has much stronger security features, but suffers on speed because of this.

In this case I will be only using remote connections, so PPTP “seems” the way to go?? Anyway, it seemed a sinch to setup the user connections on the “Billion 7404 Vgp(M)” having only to select username, pass and some default configuration settings like: Encryption type; session mode and timeout. At this stage I was thinking how easy . To my suprise it was not this easy!

In this case I was not connecting to the vpn using Win pc’s but Mac’s instead. Mac’s have a built in Vpn client that supports PPTP and IpSec connections under “Internet Connections”. This made it a lot easier since I did not have to install a client. So I opened the vpn client and tried to connect to the network and found that it would not connect?? This is due to a bug in the mac vpn client which does not support “statefull” connections (radar.apple.com Bug ID# 4581573).

So with this new info i went back to the configuration settings for the vpn and made sure the settings were :

• Encryption Enabled
• Force 128bit
• Force Stateless

When I tried the connection again all was good and I was connected. However, there still remains some strange behavior. Once connected I cannot access the internet using the Vpn and I also cannot connect to the servers using names, but only IP’s. This is not a show stopper but it is a little annoying as the clients will only be able to do work without accessing the internet. To me this looks like a simple dns problem but I have no idea how to correct it. I have submitted a post to the billion forum and hope they will resolve the problem for me, but I will keep playing in the meantime to see what is going on.

I am also wondering if this is the same problem that I am having with my linux box? I can make the connection to the vpn network and ping/connect to the server, but I have no access to anything else on the network. I cannot ping any machines and connect to the smb shares. So basically I can do nothing when connected unless i use a mac. I have not had a chance to try a pc but will see if i can have a go next week to see what happens?

So my current status is: I got the vpn setup relativly easy and can connect using my mac but not my linux box; when connected I can access the shares using the mac but cannot access the internet and the linux box cannot do anything. So, hopefully billion lends a hand and tells me what I need to do to get this working sweet?