Archive for the ‘Tutorial’ category

OpenVPN build with save password enabled

December 7th, 2009

At Ace VPN, We are always striving hard to provide the best service and improve the user experience. The ability to not save the password is annoying. We have re-compiled openvpn with –enable-password-save option.

Note: Saving password is against the security best practices. Use it with caution.

To save your password

  • Open C:\Program Files\OpenVPN\config\acevpn-pass.txt in notepad and enter your username on the 1st line and your password on the 2nd line. Save and exit.
  • Open C:\Program Files\OpenVPN\config\acevpn-premium-udp-faster.ovpn or the connection profile you use in notepad and change the line
    auth-user-pass
    to read
    auth-user-pass acevpn-pass.txt

From now when you connect to Ace VPN, it will never ask you to enter your username and the password and no more messing with the config files.

Please check the page Installing Ace VPN on Microsoft Windows for detailed instructions.

UPDATE: Openvpn 2.1.1 with save password released.

Downloads

Openvpn 2.1.1     Mirror     Released: Mar 24, 2010
Openvpn 2.1_rc22     Mirror     Released: Dec 16, 2009

No comments »

Posted in Tutorial

Tags:

Finding Optimum MTU size

December 2nd, 2009

Maximum Transmission Unit (MTU) in simple words is the maximum IP packet size in bytes, that can be transmitted over the underlying network.

One of the easy and most accurate ways to test for optimum MTU is to do a simple DOS Ping test. You will simply send out ping requests and progressively lower your packet size until the packet no longer needs to be fragmented. Although this simple test is accurate for testing end points, users may find that a lower MTU may be better for their particular circumstances.

A higher MTU brings greater efficiency because each packet carries more user data while protocol overheads, such as headers or underlying per-packet delays remain fixed, and higher efficiency means a slight improvement in bulk protocol throughput. However, large packets can occupy a slow link for some time, causing greater delays to following packets and increasing lag and minimum latency.

Steps

  • Go to Start and select Run. Type cmd
  • Type the following command and hit the enter key
    ping www.google.com -f -l 1492
    Test Fragmented Packets
  • Note the results above indicate that the packet needs to be fragmented. Lower the size of the packet in increments of +/-10 (e.g. 1472, 1462, 1440, 1400) until you have a packet size that does not fragment.
    Lowered MTU
  • Begin increasing the packet size from this number in small increments (+/-2) until you find the largest size that does not fragment. Add 28 to that number (IP/ICMP headers) to get the optimal MTU setting. You add 28 bytes because 20 bytes are reserved for the IP header and 8 bytes must be allocated for the ICMP Echo Request header.

    An example:
    1440 Max packet size from Ping Test
    + 28 IP and ICMP headers
    = 1468 Your optimum MTU Setting

To change the MTU value refer to the post Change MTU setting to fix connectivity issues

1 comment »

Posted in Tutorial

Tags:

Change MTU setting to fix connectivity issues

December 1st, 2009

If you are facing any of the following …

  • Speed issues
  • Not able to open certain websites or connect to instant messengers
  • VPN disconnects frequently

The issue is most likely related to MTU. Maximum Transmission Unit (MTU) in simple words is the maximum IP packet size in bytes, that can be transmitted over the underlying network. While most of time this never has to be changed from the default values there are instances when you need to alter the MTU sizes to fix certain network performance issues.

Windows XP

Download the file, unzip and double click on acevpn-mtu-fix-windows-xp.reg to run. Hit “OK” to install when prompted. Reboot your PC and try again.

Windows 7 and Vista

In acevpn-premium-udp-faster or the connection profile you use, add the following and restart openvpn.

mssfix 1300

Alternative Step. Do only if the above step does not fix the issue

Connect to acevpn

Go to Programs > Accessories > Command Prompt >
Right Click on Command Prompt > Select “Run as administrator”

Run command prompt as administrator

You can only change the MTU value with elevated privileges. Even if you have administrator privileges you will still need to run cmd as Administrator. If you miss out this step then you will get the error “The requested operation requires elevation”.

Listing all the interfaces

Run the following command

netsh interface ipv4 show subinterfaces

List Interfaces

Choosing the correct interface

In the command prompt run the following command.

ipconfig /all

IPconfig output

Make a note of the exact name of the network device used by the VPN. In the above example they are the words directly after adapter ie “Local Area Connection 2″.

Run the following command to set the MTU value. Replace “Network Connection” with the name of the network device you made a note of above. If mtu 1400 does not help try 1300.

netsh interface ipv4 set subinterface "Network Connection" mtu=1400 store=persistent

In our example we would be running

netsh interface ipv4 set subinterface "Local Area Connection 2" mtu=1400 store=persistent

You should get the response “OK”. If you get “File not found” the interface is either not available or you have a typo. Also you need to login to the VPN first before you try this.

Restart your PC. The changes will not be set unless you reboot your PC.

No comments »

Posted in Tutorial

Tags: