1. Serge Simon's Avatar
    You're updating your Putty session with your new key, right?
    actually from the look of it, when i created the instance it simply refused the keys i had built...

    So, i had a few keys there and they were not linked to the new instance i have created...

    I am not sure how they work, it seems that if you modify those keys after, say, delete then add a new one, you get a passkey refused.

    The last instance i created showed me that it will use the current key it found, and it worked.

    And yes, i did changed them in putty (each time i made sure the correct one is used)
    05-10-14 04:13 AM
  2. Guyzer's Avatar
    Simon I got a VPN working on your server.

    Just follow the instructions. Do not open any configuration files. Let the script do all the work.

    Just to clarify

    Open instance
    Login with putty as root
    Copy and paste two lines
    Answer script questions

    That's it. You got a working server. If you want to play with the configuration after that go ahead but I'm sorry no one here appears to be able to help you do that

    Posted via CB10
    Serge Simon likes this.
    05-11-14 05:17 PM
  3. Guyzer's Avatar
    Serge server

    54.187.213.10

    User = guyzer
    Pw = cb
    Preshard key = preshared



    Posted via CB10
    Serge Simon likes this.
    05-11-14 05:18 PM
  4. Serge Simon's Avatar
    Serge server

    54.187.213.10

    User = guyzer
    Pw = cb
    Preshard key = preshared



    Posted via CB10
    Now i can go in and change my passwords and user?

    Thank you!

    Did you manage to see where i went wrong?

    So.. i just tried a new instance on the Ireland server... did it with the script. I get stuck at the same problem: VPN on phone giving me autentification error....

    When i will have more time on my hand i will look more into this.. I cannot simply understand what i am missing.
    Last edited by Serge Simon; 05-11-14 at 05:55 PM.
    05-11-14 05:32 PM
  5. BCITMike's Avatar
    Serge server

    54.187.213.10

    User = guyzer
    Pw = cb
    Preshard key = preshared



    Posted via CB10
    Perhaps better for private message...

    Posted via CB10
    05-11-14 10:54 PM
  6. Guyzer's Avatar
    Perhaps better for private message...

    Posted via CB10
    it wasnt meant for long term. just showing it can be done. literally, i copy and pasted two lines, and 11 minutes later working server up. i did pm a long term server as it appears we are still having problems.

    thanks to everyone for trying to help out. sometimes its easier to just do it yourself
    Serge Simon likes this.
    05-11-14 11:06 PM
  7. Rebelllious's Avatar
    Serge, for god's sake... It can't be made simpler now! What the hell are you doing with it to get the authentication errors???
    You can make a screencast for us to see what you do and what you don't. Place that on Youtube and only then will we be able to see what you do and what you should/shouldn't do.
    Last edited by Rebelllious; 05-12-14 at 02:47 PM.
    Serge Simon likes this.
    05-12-14 01:51 PM
  8. Serge Simon's Avatar
    Serge, for god's sake... It can't be made simpler now! What the hell are you doing with it to get the authentication errors???
    You can make a screencast for us to see what you do and what you don't. Place that on Youtube and only then will we be able to see what you do and what you should/shouldn't do.
    I was thinking of doing just that... I searched and installed a program to record the screen with what i am doing and posting it on youtube. this way maybe someone could tell me where I am wrong...

    SO i started everything... the recording did not work properly (bad setup - i have a 3 monitor setup and it compressed everything to fit one)

    Anyway.. checked the settings, restarted the recording while the script was running.. explained what i did before and when all was done, it worked!

    My Z10 connected without a monent's hesitation.... I simply don't understand... I did the same thing as the other day when it did not work.

    anyway... I managed!!!


    Thank you all for your patience!
    05-12-14 04:09 PM
  9. Guyzer's Avatar
    I was thinking of doing just that... I searched and installed a program to record the screen with what i am doing and posting it on youtube. this way maybe someone could tell me where I am wrong...

    SO i started everything... the recording did not work properly (bad setup - i have a 3 monitor setup and it compressed everything to fit one)

    Anyway.. checked the settings, restarted the recording while the script was running.. explained what i did before and when all was done, it worked!

    My Z10 connected without a monent's hesitation.... I simply don't understand... I did the same thing as the other day when it did not work.

    anyway... I managed!!!


    Thank you all for your patience!
    Man I was looking forward to watching what was up. I had popcorn ready and everything
    05-12-14 06:21 PM
  10. Rebelllious's Avatar

    So, shall we assume your installation (CentOS at EC2) lacked some third-party software installed on you local home 3-monitor PC?
    To be serious, I think you just did your best not to compromise yourself to the CB community And I am really happy your struggle is finally over.
    05-13-14 02:00 AM
  11. Serge Simon's Avatar
    @Guyzer sorry to disappoint you.. maybe sometimes in the future.

    @Rebellious: everything I do on my computer I learned by watching others do it or by myself.

    You guys made it very easy with the script, I also been able to do it the old fashion way, and I am still not sure how it can get to the same result: authentication error.

    I will analyse the whole thing again, try another test Vpn servers then set them up for good.

    I found that having the amazon Aws console on tour phone helps you turn them on and off. (a good thing to have when you are in a paid subscription. It's available on Snap.

    I will also try to see if I can connect my torch 9860 and my home Pc to the same vpn.

    And another thing I have been having issues with is a ssh client that I installed on my phone, it lacks the possibility to browse the phone for the key pair so I can connect to it and change settings from my phone.

    Thank you again for your help, patience and making this tutorial to help is all!

    A great day to you!

    Posted via CB10
    05-13-14 02:58 AM
  12. Guyzer's Avatar
    Connect bot is an ssh client that uses key pairs.

    http://code.google.com/p/connectbot/

    Rebellious actually mentioned that he owns legacy BlackBerry gear so I am guessing the vpn also works.

    You mentioned about Auth error. Are you saying you cannot repeat errors or you keep getting errors?
    05-13-14 03:27 AM
  13. Rebelllious's Avatar
    No, for legacy BBOS this VPN will not work. I am on BIS+BESX, nothing more. So, no VPN is needed, actually
    In case someone is willing to ssh into their server on the go from a legacy BB, use BBSSH. It can be easily found via Google and it can generate *.ppk from the key you download from Amazon. The app is free and open source, but the author will definitely appreciate any donations.
    And now, guys, back to the topic
    05-13-14 03:51 AM
  14. Serge Simon's Avatar
    Connect bot is an ssh client that uses key pairs.

    connectbot - Secure shell (SSH) client for the Android platform - Google Project Hosting

    Rebellious actually mentioned that he owns legacy BlackBerry gear so I am guessing the vpn also works.

    You mentioned about Auth error. Are you saying you cannot repeat errors or you keep getting errors?

    I have ConnectBot and SSH Client I managed to add a pubkey once... i have to repeat the process (it was when i was learning how to use them - changed them on the fly and the server locked down)


    My torch gives me this as a choice,

    FREE VPN: Strongswan Ipsec/IKEv2 Z10/Z30/Q10-img_20140513_104835.jpg

    I do not recognise any of the evndor types... i will have to go trough them one by one i guess....

    Regarding the Auth Error: I cannot repeat it anymore, (at least until now) - still doing tests in my spare time to see where i did go wrong.
    05-13-14 03:51 AM
  15. Rebelllious's Avatar
    Read my post above yours.
    Serge Simon likes this.
    05-13-14 01:57 PM
  16. Serge Simon's Avatar
    @Rebelllious: We posted at the same time... Thank you.


    Has anyone esle observed that the servers change IP addresses?

    i cannot seem to know why they change (i kept them stopped for a few days... and just realised i get connection timed out)

    any workarounds except the no-ip thing?
    05-17-14 05:29 PM
  17. Guyzer's Avatar
    @Rebelllious: We posted at the same time... Thank you.


    Has anyone esle observed that the servers change IP addresses?

    i cannot seem to know why they change (i kept them stopped for a few days... and just realised i get connection timed out)

    any workarounds except the no-ip thing?
    Noip is ideal and very easy setup. I'm not sure If anything gets easier than that . The reason you get a timeout is because you need to update your IP address On your BlackBerry device

    The script updates the IP on the server automatically
    05-18-14 12:03 AM
  18. Rebelllious's Avatar
    Serge Simon, if you decided you would be stopping the server sometimes, the NoIP is your best solution. Please re-read my short tutorial and follow it in the part of NoIP. And in your VPN configuration on your BB10 device use the domain name you get from NoIP rather than an IP address. In this way you will be getting connection each time in full, not depending on any IP changes.
    05-19-14 03:07 PM
  19. Serge Simon's Avatar
    I read the tutorial and looked and i saw that No-Ip charges for their services.. i have EC2 android app on my phone so i can remotely control the instances and check the IPs... so no problem, i was just wondering what has happened, i did not realised that IPs could change after instances are closed.

    Thank you!
    05-19-14 03:36 PM
  20. Rebelllious's Avatar
    NoIP has a free plan for managing one single domain. So, no worries.
    05-28-14 08:59 AM
  21. BCITMike's Avatar
    Rebelllious,

    This doesn't look right:

    #change core parameters for Strongswan to work properly
    sed -i -e 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
    sed -i '/net.ipv4.ip_forward = 1/a net.net.ipv4.conf.default.proxy_arp = 1' /etc/sysctl.conf
    sed -i '/net.net.ipv4.conf.default.proxy_arp = 1/a net.ipv4.conf.default.arp_accept = 1' /etc/sysctl.conf
    sed -i '/net.ipv4.conf.default.arp_accept = 1/a net.ipv4.conf.default.proxy_arp_pvlan = 1' /etc/sysctl.conf
    Can you confirm if this is typo or if this is intended? I noticed this when the script was running I saw:
    iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
    iptables: Setting chains to policy ACCEPT: nat filter [ OK ]
    iptables: Flushing firewall rules: [ OK ]
    iptables: Unloading modules: [ OK ]
    iptables: Applying firewall rules: [ OK ]
    net.ipv4.ip_forward = 1
    error: "net.net.ipv4.conf.default.proxy_arp" is an unknown key
    net.ipv4.conf.default.arp_accept = 1
    net.ipv4.conf.default.proxy_arp_pvlan = 1
    net.ipv4.conf.default.rp_filter = 1
    net.ipv4.conf.default.accept_source_route = 0
    06-27-14 01:12 AM
  22. BCITMike's Avatar
    Rebelllious,

    Do you know how I could get access to my home network by installing centos on a VM, with eth0 on public IP and eth1 on my home network? Is it something that needs to be configured in StrongSwan, or in iptables?

    When I check my Z10's Network, it shows my MAC as 00:00:00:00:00:00, which doesn't look right, but looks like a BlackBerry bug.

    Thanks
    06-27-14 01:40 AM
  23. Rebelllious's Avatar
    Well, concerning the error I have to say the following. I did not invent all the staff - this had been previously gathered by Guyzer. What I did is just scripting the whole procedure. Notwithstanding the error, which you can see in the terminal window, everything will work fine, just try it.

    As for the access into the home network from outer Internet, what you need to do is to correct /etc/ipsec.conf to make sure rightsourceip property indicates the subnet you have at home. By default in my script it is 192.168.2.100, so in this case the VPN clients will start getting IPs from 192.168.2.101 on. Put your home LAN network segment there - and you are ready to go. Iptables are fine for this, no need for additional configuration.

    As for the MAC address, that should be something strange, as VPN shall not influence that.
    Last edited by Rebelllious; 06-27-14 at 12:51 PM. Reason: Some spelling mistakes
    06-27-14 01:53 AM
  24. Hussain Karimi's Avatar
    Thanks you very much. I don't know anything about it still i got it working... amazing..
    Guyzer likes this.
    08-07-14 09:56 AM
  25. Guyzer's Avatar
    We are working on something new. Simply a new application of the VPN I know you will love

    Stay tuned
    08-07-14 10:30 AM
246 ... 34567 ...

Similar Threads

  1. Z30 Wi-Fi connection unstable.
    By young guy in forum BlackBerry Z30
    Replies: 10
    Last Post: 10-22-13, 10:18 PM
  2. Line App on BlackBerry Q10
    By gnulab in forum BlackBerry Q10
    Replies: 7
    Last Post: 10-22-13, 06:12 PM
  3. How can you copy paste text on the z10?
    By Lee Eshelman in forum BlackBerry Z10
    Replies: 10
    Last Post: 10-21-13, 01:39 PM
  4. Z30 not permitting Facebook posting
    By rosie_parent in forum General BlackBerry News, Discussion & Rumors
    Replies: 7
    Last Post: 10-21-13, 11:21 AM
  5. How can i update my z10 software 10.2
    By chitwan in forum BlackBerry Z10
    Replies: 2
    Last Post: 10-21-13, 08:18 AM
LINK TO POST COPIED TO CLIPBOARD