Difference between revisions of "PPTP Guide"
| (6 intermediate revisions by the same user not shown) | |||
| Line 7: | Line 7: | ||
| === Prerequisites === | === Prerequisites === | ||
| − | * A PPTP VPN account - I suggest StrongVPN[http://strongvpn.com/packages_special.shtml] for the WDTV because that is how b-rad made the  | + | * A PPTP VPN account - I suggest StrongVPN[http://strongvpn.com/packages_special.shtml] for the WDTV because that is how b-rad made the app. | 
| * pptp.app.bin[http://wdlxtv.com/download/pptp-0.3.app.bin.zip] | * pptp.app.bin[http://wdlxtv.com/download/pptp-0.3.app.bin.zip] | ||
| * Thumbdrive | * Thumbdrive | ||
| Line 13: | Line 13: | ||
| === Installation/Setup === | === Installation/Setup === | ||
| − | # Copy the pptp.app.bin to your USB drive and reboot. When the WDTV comes back up log into the WebEnd and click on WDLXTV Config. Open the Apps tab and you should  | + | # Copy the pptp.app.bin to your USB drive and reboot. When the WDTV comes back up log into the WebEnd and click on '''WDLXTV Config'''. Open the '''Apps''' tab and you should see the pptp configuration section. | 
| # Open a new window and go to StrongVPN's FAQ[http://strongvpn.com/vpnreasons.shtml]. Scroll halfway down until you find their DNS addresses. Copy the first one and put it in the PPTP VPN DNS field of the pptp config. | # Open a new window and go to StrongVPN's FAQ[http://strongvpn.com/vpnreasons.shtml]. Scroll halfway down until you find their DNS addresses. Copy the first one and put it in the PPTP VPN DNS field of the pptp config. | ||
| − | # Navigate to your StrongVPN account settings. To find this, log in to StrongVPN and click on VPN Accounts Summary and then click on View Greeting. | + | # Navigate to your StrongVPN account settings. To find this, log in to StrongVPN and click on '''VPN Accounts Summary''' and then click on '''View Greeting'''. | 
| − | # In the pptp settings enter the password in the PPTP VPN Password field, username in the PPTP VPN Username field, and Server IP (not Server Address) in the PPTP VPN  | + | # In the pptp settings enter the password in the '''PPTP VPN Password''' field, username in the '''PPTP VPN Username field''', and Server IP (not Server Address) in the '''PPTP VPN Adress''' field. | 
| # Click Save. | # Click Save. | ||
| Line 27: | Line 27: | ||
| When you are using the PPTP VPN, by default all traffic is routed through the VPN. Yes, you can watch Netflix, but your bittorrent traffic will also go through the VPN. | When you are using the PPTP VPN, by default all traffic is routed through the VPN. Yes, you can watch Netflix, but your bittorrent traffic will also go through the VPN. | ||
| − | The data going across a PPTP VPN is encrypted when setup correctly, the initial handshake with the username/password is sent in  | + | The data going across a PPTP VPN is encrypted when setup correctly; however, the initial handshake with the username/password is sent in clear text. If somebody is able to sniff this then they can easily get your information. | 
| I had a problem with the WDLXTV Live+ 1.05.04 0.5.1.1. I kept getting the following error when trying to start the VPN: | I had a problem with the WDLXTV Live+ 1.05.04 0.5.1.1. I kept getting the following error when trying to start the VPN: | ||
| Line 45: | Line 45: | ||
| Before turning on the VPN, run the following command in a command shell: | Before turning on the VPN, run the following command in a command shell: | ||
| − |      wget -O - http://automation.whatismyip.com/n09230945.asp 2>/dev/null | + |      wget -O - <nowiki>http://automation.whatismyip.com/n09230945.asp</nowiki> 2>/dev/null | 
| Enable the VPN and run the command again. Double check that the IP isn't the same as your external IP from a computer that is not using the VPN. | Enable the VPN and run the command again. Double check that the IP isn't the same as your external IP from a computer that is not using the VPN. | ||
| Line 66: | Line 66: | ||
| # Make a backup of the original config file by using '''# mv /apps/openvpn/etc/openvpn.conf /apps/openvpn/etc/openvpn.conf.bak''' | # Make a backup of the original config file by using '''# mv /apps/openvpn/etc/openvpn.conf /apps/openvpn/etc/openvpn.conf.bak''' | ||
| # Copy your certs and any configuration files to '''/apps/openvpn/etc/'''. For StrongVPN I had to rename my ovpn file to openvpn.conf. | # Copy your certs and any configuration files to '''/apps/openvpn/etc/'''. For StrongVPN I had to rename my ovpn file to openvpn.conf. | ||
| + | # Edit your conf file to reflect your VPN settings. Make sure you correctly point to your certificates. | ||
| + | |||
| + | === Using the VPN === | ||
| + | |||
| + | To connect to the VPN type '''/apps/openvpn/etc/init.d/S90openvpn/openvpn start''' | ||
| + | |||
| + | === Verifying the VPN is working. === | ||
| + | |||
| + | Before turning on the VPN, run the following command in a command shell: | ||
| + | |||
| + |     wget -O - <nowiki>http://automation.whatismyip.com/n09230945.asp</nowiki> 2>/dev/null | ||
| + | |||
| + | Enable the VPN and run the command again. Double check that the IP isn't the same as your external IP from a computer that is not using the VPN. | ||
| + | |||
| + | |||
| + | |||
| + | == Using a DNS Proxy == | ||
| + | |||
| + | === What is a DNS Proxy? === | ||
| + | |||
| + | The easiest alternative to a VPN is a DNS proxy. I suggest using Unblock-US[http://www.unblock-us.com/]. They have a free 1 week trial and seem to work well. After the 1 week it is $5/mo. | ||
| + | |||
| + | Here is a quick overview of how it works[http://www.quora.com/How-does-unblock-us-com-work] | ||
| + | |||
| + | === Installation/Setup === | ||
| + | |||
| + | # Sign up for a free account at http://www.unblock-us.com. You will need to enter your email address. (This service is only free for 1 week.) | ||
| + | # On WDTV, go to '''Settings > Network settings > Network Setup''' and select '''Automatic'''. | ||
| + | # Wait until the WDTV obtains IP address and other settings from the router (if it can't then find connection problem and try again) | ||
| + | # Open again '''Settings > Network settings > Network Setup''' and select '''Manual''' | ||
| + | # Scroll down to '''DNS''' at the bottom and press '''Enter''' | ||
| + | # Set following numbers in DNS field: '''208.122.23.22''' | ||
| + | # Press '''Submit > Finish > OK''' | ||
| + | # Turn off device with power button on the remote | ||
| + | # Wait ten seconds | ||
| + | # Turn it back on | ||
| + | # In a terminal (SSH or telnet) type '''lynx <nowiki>http://check.unblock-us.com/</nowiki>''' | ||
| + | # Enter your email address and press '''Continue'''. Press '''A''' to always accept the cookie. | ||
| + | |||
| + | === Automate it === | ||
| + | |||
| + | Periodically you will have to go to <nowiki>http://check.unblock-us.com/</nowiki> to update your IP. You can do this automatically with the magic of lynx. | ||
| + | |||
| + | # Record the update process. lynx -cmd_log <path to save the script> http://www.unblock-us.com/get-email | ||
| + | # The page will load. Enter your email and press continue. | ||
| + | # Accept the cookie if it prompts you. | ||
| + | # When you see the page saying your account is active, press '''Q''' to quit. | ||
| + | # In your startup scripts (/conf/S99user-script) add the following line: lynx -cmd_script <path to the script> http://www.unblock-us.com/get-email | ||
| + | |||
| + | Now every time you power up your WDTV it will automatically update your IP address with unblock-us. You can also add this to a cron if you want. | ||
| + | |||
| + | === Things to Note === | ||
| + | |||
| + | Unblock-US will only act as a proxy for US only sites. Here is a full list of the sites they act as a proxy for[http://portal.unblock-us.com/knowledgebase/73/Supported-and-Unsupported-Sites.html]. All other traffic will be routed normally through your ISP. This means all bittorrent traffic will route through your ISP as well. | ||
| + | |||
| + | Your cookie may expire. Simply open a terminal and go to <nowiki>http://check.unblock-us.com</nowiki> again. | ||
| + | |||
| + | == What's Left? == | ||
| + | |||
| + | I am trying to figure out how to route only Netflix through ppp0 and all other traffic (bittorrent) through eth0. If somebody can figure out how to do this with routes, please update this page. | ||
Latest revision as of 21:15, 17 December 2011
Contents
Why use a VPN?
A VPN encrypts the traffic going across the network. The prevents prying eyes from seeing your details. Another great feature is that your external IP will appear to be in the country of the VPN. For example, if you live in Paris and have a VPN back to San Diego, CA, you're IP will be a stateside IP. This allows you to watch content that is normally blocked outside the United States, like Netflix.
How to Setup a PPTP VPN connection
Prerequisites
- A PPTP VPN account - I suggest StrongVPN[1] for the WDTV because that is how b-rad made the app.
- pptp.app.bin[2]
- Thumbdrive
Installation/Setup
- Copy the pptp.app.bin to your USB drive and reboot. When the WDTV comes back up log into the WebEnd and click on WDLXTV Config. Open the Apps tab and you should see the pptp configuration section.
- Open a new window and go to StrongVPN's FAQ[3]. Scroll halfway down until you find their DNS addresses. Copy the first one and put it in the PPTP VPN DNS field of the pptp config.
- Navigate to your StrongVPN account settings. To find this, log in to StrongVPN and click on VPN Accounts Summary and then click on View Greeting.
- In the pptp settings enter the password in the PPTP VPN Password field, username in the PPTP VPN Username field, and Server IP (not Server Address) in the PPTP VPN Adress field.
- Click Save.
Using the VPN
When you want to enable or disable the VPN open the WebEnd and click on the pptp button in Plugin Daemons.
Things to note
When you are using the PPTP VPN, by default all traffic is routed through the VPN. Yes, you can watch Netflix, but your bittorrent traffic will also go through the VPN.
The data going across a PPTP VPN is encrypted when setup correctly; however, the initial handshake with the username/password is sent in clear text. If somebody is able to sniff this then they can easily get your information.
I had a problem with the WDLXTV Live+ 1.05.04 0.5.1.1. I kept getting the following error when trying to start the VPN:
Starting pptp config saved val:key => (PLUGIN_WEBDIRS,webirc|/apps/webirc/cgiirc,mt-daapd|/usr/share/mt-daapd,umsp|/usr/share/umsp,nzbgetweb|/usr/share/nzbgetweb,rtorrent|/usr/share/rutorrent) config saved val:key => (PLUGIN_WEBDIRS,webirc|/apps/webirc/cgiirc,mt-daapd|/usr/share/mt-daapd,umsp|/usr/share/umsp,nzbgetweb|/usr/share/nzbgetweb,rtorrent|/usr/share/rutorrent,pptp|/apps/pptp/usr/share/pptp) /apps/pptp/bin/pppd: error while loading shared libraries: libpcap.so.0.8: cannot open shared object file: No such file or directory Done
This seems to only be a problem with the WDLXTV Live+ of this firmware, the WDLXTV Live works fine.
Verifying the VPN is working.
Before turning on the VPN, run the following command in a command shell:
wget -O - http://automation.whatismyip.com/n09230945.asp 2>/dev/null
Enable the VPN and run the command again. Double check that the IP isn't the same as your external IP from a computer that is not using the VPN.
How to Setup an OpenVPN connection
Prerequisites
Installation/Setup
- Rename the downloaded bin to openvpn.app.bin
- Copy the bin to the thumbdrive
- Reboot the WDTV
- Make a backup of the original config file by using # mv /apps/openvpn/etc/openvpn.conf /apps/openvpn/etc/openvpn.conf.bak
- Copy your certs and any configuration files to /apps/openvpn/etc/. For StrongVPN I had to rename my ovpn file to openvpn.conf.
- Edit your conf file to reflect your VPN settings. Make sure you correctly point to your certificates.
Using the VPN
To connect to the VPN type /apps/openvpn/etc/init.d/S90openvpn/openvpn start
Verifying the VPN is working.
Before turning on the VPN, run the following command in a command shell:
wget -O - http://automation.whatismyip.com/n09230945.asp 2>/dev/null
Enable the VPN and run the command again. Double check that the IP isn't the same as your external IP from a computer that is not using the VPN.
Using a DNS Proxy
What is a DNS Proxy?
The easiest alternative to a VPN is a DNS proxy. I suggest using Unblock-US[6]. They have a free 1 week trial and seem to work well. After the 1 week it is $5/mo.
Here is a quick overview of how it works[7]
Installation/Setup
- Sign up for a free account at http://www.unblock-us.com. You will need to enter your email address. (This service is only free for 1 week.)
- On WDTV, go to Settings > Network settings > Network Setup and select Automatic.
- Wait until the WDTV obtains IP address and other settings from the router (if it can't then find connection problem and try again)
- Open again Settings > Network settings > Network Setup and select Manual
- Scroll down to DNS at the bottom and press Enter
- Set following numbers in DNS field: 208.122.23.22
- Press Submit > Finish > OK
- Turn off device with power button on the remote
- Wait ten seconds
- Turn it back on
- In a terminal (SSH or telnet) type lynx http://check.unblock-us.com/
- Enter your email address and press Continue. Press A to always accept the cookie.
Automate it
Periodically you will have to go to http://check.unblock-us.com/ to update your IP. You can do this automatically with the magic of lynx.
- Record the update process. lynx -cmd_log <path to save the script> http://www.unblock-us.com/get-email
- The page will load. Enter your email and press continue.
- Accept the cookie if it prompts you.
- When you see the page saying your account is active, press Q to quit.
- In your startup scripts (/conf/S99user-script) add the following line: lynx -cmd_script <path to the script> http://www.unblock-us.com/get-email
Now every time you power up your WDTV it will automatically update your IP address with unblock-us. You can also add this to a cron if you want.
Things to Note
Unblock-US will only act as a proxy for US only sites. Here is a full list of the sites they act as a proxy for[8]. All other traffic will be routed normally through your ISP. This means all bittorrent traffic will route through your ISP as well.
Your cookie may expire. Simply open a terminal and go to http://check.unblock-us.com again.
What's Left?
I am trying to figure out how to route only Netflix through ppp0 and all other traffic (bittorrent) through eth0. If somebody can figure out how to do this with routes, please update this page.
