PC Engine ALIX3D3 Specs

PC Engine ALIX3D3 System Board and Specifications

Part numbers	alix3d3 = 1 LAN / 2 miniPCI / LX800 / 256 MB / USB / VGA / audio - designed for thin clients or networked audio players.
Use with	box2c indoor enclosure brk3c3 bracket for box2c
Spec	• CPU: 500 MHz AMD Geode LX800 • DRAM: 256 MB DDR DRAM • Storage: CompactFlash socket • Power: DC jack or passive POE, min. 7V to max. 20V • Three LEDs • Expansion: 2 miniPCI slots, LPC bus • Connectivity: 1 Ethernet channel (Via VT6105M 10/100) • I/O: DB9 serial port, dual USB, VGA, audio headphone out / microphone in • RTC battery • Board size: 100 x 160 mm • Firmware: Award BIOS
Customer options	I2C bus, buzzer
ALIX.3D changes	• Add CMOS reset jumper. • Soldering option for line in instead of MIC. • Add test points for S/PDIF interface. • Increase USB current limit. • Add test points at switch pins for easier console restore. • Populate buzzer driver circuit. • Change J4 header to COM2. • Add optional power in header. • Reduce conducted EMI on DC jack. • Add second Poscap on 3.3V rail to ruggedise for high power radios.
Documentation	PDF
BIOS updates	beta Various fixes. current Fix LEDs, VGA DDC issue (boot hang), free up MFGPT timers. 10/06/08 Default = UART port B disable. Please use zapcmos.exe when upgrading to make sure it sticks... 7/01/08 fixed serial port (see advanced chipset menu, scroll down). Please disable UART port B, conflict with VGA DDC. Please note that this board uses Award BIOS, tinyBIOS does not support VGA...
Drivers	Linux, *BSD: should be included in recent distributions. Windows XP audio / video / crypto drivers Windows XP Via VT6105M network driver
Manufacturer	PC Engines
Origin	Taiwan
Schematic	PDF

Read More

How-To Install pfSense on ALIX2 Series

So, what is pfSense, and more importantly what the heck is an alix2c1? pfSense is a complete purpose-built firewall software that can be installed on a PC, as well as embedded platforms such as PC Engines ALIX boards. The focus of this recipe is to build an embedded firewall appliance.

Why would I do this when a cheap firewall can be purchased off of the shelf? Simple, the cheaper firewalls don’t come with very many features (VPN built in, RRD network graphs, 3rd LAN port for “orange” DMZ setups, etc.). To get these features in a commercial firewall appliance means spending in the neighborhood of $300 as well as being locked into a certain vendor for VPN, etc. Making my own costs about $150 and give me a lot of flexibility.

So, this is a story of how I spent the past two nights sitting cross-legged on the floor with a laptop connected to a tiny motherboard that would become a firewall/router.

The instructions that I found on both the pfSense website and the m0n0wall website were for installing on the End-of-life WRAP product, but I figured it had to be similar, right? Well, sort of :-) After following the instructions on the pfSense website and then the m0n0wall website, things started to go downhill. The device would boot, pfsense would go through its loading process, but then just die on the loading of the DHCP server.

Never got an IP address on any of the NICs – but each NIC module got its link light when I plugged in the LAN cable so that was a sign that at least the NIC modules were working on some level. So I figured this is a BETA version of pfSense, so maybe I need to install m0n0wall. m0n0wall would boot up just fine and even made it to its menu, but I could never get the NICs to come up. None of them. Could I have a bit o’ bad hardware? So I hit the web again and soon found out from the forums over at pfsense that a BIOS upgrade might be in order.

The following steps are how I finally got this project off of the ground. I used Linux to do my bidding, but you can certainly do this from a Windows box (some of the steps are different, though…)

Hardware you will need (I purchased from Netgate and it came fast and furious, but there is a list of vendors on PC Engines’ website):

• ALIX2c1 or another embedded platform from PC Engines.
• Aluminum enclosure (optional if you’re going to install your ALIX in another enclosure).
• Power supply to power the ALIX (optional if you’re going to use Power over Ethernet, or PoE).
• A Compact Flash (CF) card (has to be at least 128MB according to the pfSense website).
• A Compact Flash reader connected to your PC. You’ll need this to write the image to the CF card.
• A computer with a serial port, preferably one with a true serial port and not a USB-to-serial adapter. It might work just fine with the USB/serial but if it doesn’t then you’ll have one more thing to troubleshoot.
• A DB9 null-modem cable with a DB9 female on both ends (or some gender changers to get you there)

When you get the hardware – DO NOT mount the ALIX board into the enclosure until you get it working. You might be removing/inserting the CF card a lot and the enclosure doesn’t give you any room to remove the CF card. OK, now that you’ve got all of the necessary hardware, here is the recipe for cooking up your own firewall:

1.] Download pfSense for embedded platform. The most current version at the time of this writing was 1.2-RC4, which I found to be stable for my needs as I had been using the PC based version for several weeks.

2.] Unzip the downloaded file (the version I downloaded isn’t a tar archive so we only need to use gunzip):

gunzip pfSense-1.2-RC4-Embedded.img.gz

This will expand the file, leaving a file called pfSense-1.2-RC4-Embedded.img.

3.] Now insert the CF card into the card reader on your PC. To find out the resource Linux is using to access the drive, type the following at the command line:

dmesg

and look at the last several lines which might look something like:

[ 7377.984000] sd 2:0:0:0: [sdb] 700560 512-byte hardware sectors (359 MB)

[ 7377.984000] sd 2:0:0:0: [sdb] Write Protect is off

[ 7377.984000] sd 2:0:0:0: [sdb] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA

[ 7377.984000] sd 2:0:0:0: [sdb] 700560 512-byte hardware sectors (359 MB)

[ 7377.984000] sd 2:0:0:0: [sdb] Write Protect is off

[ 7377.984000] sd 2:0:0:0: [sdb] Mode Sense: 00 3a 00 00

[ 7377.984000] sd 2:0:0:0: [sdb] Write cache: disabled, read cache: enabled, doesn't support DPO or FUA

[ 7377.984000] sdb: sdb1

[ 7377.984000] sd 2:0:0:0: [sdb] Mode Sense: 00 3a 00 00

[ 7378.020000] sd 2:0:0:0: [sdb] Attached SCSI removable dis

[ 7378.020000] sd 2:0:0:0: Attached scsi generic sg2 type 0

From this output we can see that Linux is accessing the CF card as /dev/sdb.

4.] Next we will use the Linux utility “dd” to write the image to the CF card

dd if=pfSense-1.2-RC4-Embedded.img of=/dev/sdb

where “if=” is the input file (the pfSense image) and “of=” is for the output file. In our case we are writing the output to the file that is the CF card (remember, in Linux almost everything is a file). While the process is running, unfortunately you won’t get any output or indication of what it is doing. However, when it is finished you should get some output such as:

239144+0 records in

239144+0 records out

122441728 bytes (122 MB) copied, 187.177 seconds, 654 kB/s

5.] Unmount the CF card from your computer. If you’ve got a nifty neato X session going, and a handy dandy automounter, then chances are good that you can just right-click on the respective desktop icon for your CF card and select “Unmount Volume”. If not, hit the command line and do a:

mount

which should show where the drive is mounted:

/dev/sdb1 on /media/disk type vfat (rw,nosuid,nodev,shortname=mixed,uid=1000,utf8,umask=077,usefree)

6.] Now that we know where the drive is mounted, let’s unmount it:

sudo umount /media/disk

7.] Remove the CF card from your computer and insert it into the CF adapter on the ALIX board.

8.] Connect one end of the null-modem cable to your computer’s serial port and the other end to the serial port on the ALIX.

9.] Fire up your favorite terminal emulation software such as minicom (or Hyperterminal on Windows) and use the following settings:

• Baud rate: 38,400
• Data: 8 bit
• Parity: None
• Stop: 1 bit
• Flow control: None
• Terminal: ANSI

10.] Now apply power to the ALIX. If you are connected correctly, you should start to see the ALIX BIOS text.
11.] While the BIOS is going through the memory test press the “s” key to enter the BIOS setup.
12.] If have successfully entered the BIOS setup, you should see the text with some different options. Do the following:

• Press “9″ to set the baud rate at 9600
• Press “q” to quit the BIOS setup
• Press “y” to save the settings to flash

13.] If you start seeing gibberish ASCI characters instead of text, then you need to set your terminal emulation software to 9600 baud instead of the 38,400 we set it at earlier.

14.] Now reboot the ALIX by power cycling the unit (unplug the power, plug it back in).

15.] With the terminal set to 9600 baud, we should see the boot-up process and if all is well it should look akin to a Free-BSD boot.

16.] If all goes well and pfSense discovers your hardware, then you are good to go. To get started, you need to:

• Assign the interfaces
• Give the LAN interface an IP address that works for your internal network (i.e. 192.168.1.1)

17.] Once you plugged the LAN interface into your network, then fire up your web browser and surf on over to the IP address you gave for the LAN interface (http://192.168.1.1)

Unfortunately for me pfSense did not properly detect the NIC modules. After some digging around on the ‘net it looked like a BIOS upgrade would do the trick as the version on my ALIX board was 0.98b. The latest and greatest was 0.99. So here is how to flash upgrade the BIOS:

1.] Download the FreeDOS bootable image from PC Engine’s website.
2.] Insert another CF card into your computer. If you only have the one CF card, then you’ll have to re-do the previous  instructions to get the pfSense image back on the card after you’re done updating the BIOS.
3.] Unzip the image from the download if necessary (it was a Zip file when I downloaded it)

unzip freedos3.zip Archive: freedos3.zip
inflating: freedos_alixupdate_0.99.img

4.] Now write this image to the CF card:

dd if=freedos_alixupdate_0.99.img of=/dev/sdb

5.] Unmount your CF card from the computer, and insert it into the ALIX.
6.] Power on the ALIX and press “s” to enter the BIOS setup.
7.] Change the drive configuration to LBA by pressing “L”.
8.] Now press “q” to exit, and “y” to save your changes to flash.

9.] The system should boot the FreeDOS image and automatically run the BIOS flash utility (sb.com) to reprogram the flash.

10.] Once it is done, power off the ALIX and reinsert your pfSense imaged CF card. If you only had one card you’ll now have to go back and rewrite the pfSense image to the card.

Read More

PC Engine ALIX 2D3 pfSense OS

With my fascination with FreeBSD and Information Security, it was only natural for me to get excited about pfSense, a “free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution.”

After testing it out, I decided to replace the anemic built-in “firewall” on my SoHo Linksys wireless router with pfSense. This would allow me to run pfSense in a production environment (even if it is just my home network) to get more familiar with it, as well as give me a robust firewall, able to do what I need for my up and coming plans to conquer the world from my home network. (More on this in another post)

So, I could run pfSense on a old box I had laying around, but I got to thinking of the electricity cost if I had this box on 24/7/365–There had to be a more efficient way to run it…

Which is when I stumbled across PC Engines, a Swiss-based engineering company that designs and manufactures hardware for embedded computer systems. After doing a bit of research, I settled on the Alix 2d3, which gave me a 500MHz AMD Geode LX800. 256 MB RAM, 2x USB ports, and 3x NICs. I started using this guy’s blog post as a guide to building my embedded PfSense firewall.

To start off with, here was my parts list:(Costs include shippping)

(And yes, I know I could have gotten the serial cable stuff cheaper)

-1x Alix 2d3 Kit (Board + Power Supply + 1GB CF card + Black Case) $201.53
-1x USB-to-serial adapter $19.94
-1x Null modem adapter (female to female) $17.13
-1x IDE to CompactFlash adapter $8.20

Grand Total (with shipping): $246.80

I went ahead and bought the Alix 2d3 kit from Netgate, and the rest of the parts from other sources. Here is a photo of everything:

After downloading the latest embedded image from pfSense.com, I needed to write the image to the CF card. Well, the main OS I run on my laptop is Vista, so I thought I would just do it from there.

Now, I didn’t buy a regular CF Reader, but a CF to PATA converter. I didn’t think this would be an issue, because I would just hook it up to my IDE to USB adapter and to my machine, like so:

Unfortunately, this did not work. The OS never even recognized that I had something plugged into the USB port. I have no idea why. So I went to plan B, and plugged it into an IDE spot on my test machine, and booted it up into FreeBSD.

FreeBSD found the card no problem, and using dd, I was able to successfully write the image to the CF card.

Next, I ran through RockPenguin’s directions of applying power to the board, and getting into the bios. I will quote his directions here, after the photo:

——-Start Quote———

-Connect one end of the null-modem cable to your computer’s serial port and the other end to the serial port on the ALIX.

-Fire up your favorite terminal emulation software such as minicom (or Hyperterminal on Windows) and use the following settings:

Baud rate: 38,400
Data: 8 bit
Parity: None
Stop: 1 bit
Flow control: None
Terminal: ANSI

-Now apply power to the ALIX. If you are connected correctly, you should start to see the ALIX BIOS text.

-While the BIOS is going through the memory test press the “s” key to enter the BIOS setup.

-If have successfully entered the BIOS setup, you should see the text with some different options. Do the following:

Press “9” to set the baud rate at 9600

Press “q” to quit the BIOS setup

Press “y” to save the settings to flash

-If you start seeing gibberish ASCI characters instead of text, then you need to set your terminal emulation software to 9600 baud instead of the 38,400 we set it at earlier.

-Now reboot the ALIX by power cycling the unit (unplug the power, plug it back in).

-With the terminal set to 9600 baud, we should see the boot-up process and if all is well it should look akin to a Free-BSD boot.

——–End Quote——–

Fortunately, my bios was already to the latest version, so I did not have to flash it like he did.

After this, I shutdown the device, and put the board into the case, and screwed everything down.

I then hooked it up to where I wanted it, and got it connected to the right cables.

Finally, I started it up again, and finished the initial pfSense configuration.

Here is the final product, hooked up, and ready to go:

Final Thoughts:

-I actually thought it was going to be alot more difficult–It only took me about 3 hours.
-You want to know what the average wattage for this bad boy is? 5 watts!

So ends my first firewall-building experience.

Read More

ALIX PC Engine m0n0wall Firewall

This tutorial covers the post installation basic configuration of Monowall (M0n0wall). This segment covers changing the default password, setting the time zone of the firewall. It also covers setting static IP address mappings via DHCP as well as configuring port forwarding. This is the second part in a series of tutorials which will range from basic configuration of the firewall to more advanced topics such as IPSEC tunnels and VPN clients.

Log into the firewall

Open a web browser and log in to the firewall. The default address is http://192.168.1.1. The username is: admin and the default password is: mono

Change password & time zone

1.) Click on ‘General Setup’ under ‘System’

2.) Type in a new password in both boxes. As a general rule of thumb you should you upper and lowercase characters as well as symbols.

3.) Select the time zone you are in.
4.) Click the ‘Save’ button.

After you click save the firewall will prompt you to log back in with the new password.

Open the DHCP server configuration page

If you are going to access any devices on your local network via the Internet you need assign them static IP addresses. This is important if you’re going to log into your workstation remotely via a service like ‘Back To My Mac’, connect to a SlingBox remotely or play video games via a PC, Xbox360 or a PS3. This will become clear when we start configuring Port ‘Forwarding’. So let’s get started on assigning IP addresses to these devices.

For this example we are going to assign a static IP to the workstation connected to the firewall. We will need to know the MAC address of the device, this is the physical address of the network interface. On some devices you will see a sticker which states the MAC address of the device, on others you will have to go into a configuration or information screen to gather that information. The MAC address will be in the following format ##:##:##:##:##:##, it will be a combination of numerals and characters. On a Mac you would click on the Apple logo on the menu-bar, go to ‘About This Mac’, ‘More Info..” and click on ‘Network’. You will see the different available network interfaces, click on the network interface in question and you will see the MAC address of the interface. So now that you have the needed information, lets proceed.

Also the static IPs have to be outside the range of IPs given out by the DHCP server. The default range is 100 – 199, keep that in mind.

1.) Click ‘DHCP server’ under the ‘Services’ section
2.) Click the ‘+’ symbol under the ‘Reservations’ section

Add static IP address mapping

1.) Enter the MAC address of the device you are adding
2.) Enter the IP address you would like to assign to the device. (i.e.. 192.168.1.200) Make sure the IP address falls within the range of your local network.
3.) Enter a description for the device you are adding a static mapping to and click save.

Repeat these steps for every device you need to add. Once you are done continue to the next section.

Apply changes, beware of the bugs though

1.) You will notice your new reservations listed below.
2.) Click the ‘Apply changes’ button.

3.) If you are installing 1.3 version you will see the above error. This is a bug in that version, it will be fixed in the next revision.

**If you do get this error after clicking ‘Apply changes’, you need to reboot the firewall. To do that click ‘Reboot system’ under the ‘Diagnostics’ section. Once you do that the changes will take affect.

Port forwarding

1.) Click on ‘NAT’ under Firewall
2.) Make sure ‘Inbound’ is selected
3.) Click the ‘+’ symbol

Adding port forwarding rule

I am going to create a port forwarding rule as if I had a SlingBox on my local network. SlingBox uses TCP port 5001 to communicate with the Internet. So I am going to configure a rule that states and traffic coming in on the WAN port (Internet interface) on TCP port 5001 be forwarded to an IP address on my local network. These are the steps to achieve that:

1.) Interface: should point to WAN
2.) External address: should point to ‘interface address’
3.) Protocol: select the appropriate protocol from the drop down (i.e.. TCP)
4.) External port range: enter the port number in both boxes (i.e.. 5001)
5.) NAT IP: this would be the IP address of the device on your local network (i.e.. 192.168.1.200)
6.) Local port: this would be the same port number used in step 4 (i.e.. 5001)
7.) Description: enter a thorough description of the device and port number you are forwarding for future reference
8.) Click the checkbox: This will automatically create the firewall rule you will need at the same time.
9.) Click the ‘Save’ button

Repeat these steps if you have multiple ports you have to open for a device. Also repeat these steps if you have multiple devices to add.

Apply changes

Once you are finished adding all of you port forwards, you can click on the ‘Apply changes’ button and you are done

Ports for forwarding common devices

Xbox360 Live: UDP/TCP 3074

PS3: TCP 5223, UDP 3478. UDP 3479, UDP 3658 **Certain games may require additional port forward mappings, check with game vendor

SlingBox: TCP 5001

If you need information on ports for device not listed here, check with the manufacturers support web page. If you cannot find it there try Googling: firewall port forwarding for (then add your device and then hit the ‘Search’ button)

Finished

We are done with this segment of the tutorial. In the next installment we will discuss Dynamic DNS services and VPN Tunnels (IPsec Mobile, PPTP).

Read More

How-To Install MonoWall OS (Video)

m0n0wall is an embedded firewall distribution of FreeBSD, one of the BSD operating system descendants. It provides a small image which can be put on Compact Flash cards as well as on CD-ROMs and hard disks.

It runs on a number of embedded platforms and generic PCs. The PC version can be run with just a Live CD and a floppy disk to store configuration data, or on a single Compact Flash card (with an IDE adapter). This eliminates the need for a hard drive, which reduces noise and heat levels.

Features

m0n0wall provides for a web-based configuration and uses PHP exclusively for the GUI and bootup configuration. Additionally, it adopts a single XML file for configuration parameters.

Some functions of m0n0wall are:

• Stateful packet filter firewall
• IPsec and PPTP VPNs
• Inbound and Outbound Network Address Translation
• Captive portal
• Traffic shaper
• Inbound and Outbound port filtering
• Support for 802.1q compatible VLANs
• Multiple IP addresses on LAN and WAN ports
• IPS
• Replacement for commercial router

Read More

ALIX PC Engine MonoWall OS

This tutorial covers the installation of Monowall (M0n0wall) onto a compact flash card utilizing a Mac and assembling the firewall. The firewall is being built utilizing an ALIX embedded system. This is the first part in a series of tutorials which will range from basic configuration of the firewall to more advanced topics such as IPSEC tunnels and VPN clients.

Download the Monowall embedded image file

Visit Monowall’s website and download the embedded image file for ALIX. Below is a link to the appropriate page.

Monowall Download Page: http://m0n0.ch/wall/beta.php

Place the file you just downloaded onto your desktop.

Run Disk Utility

Insert a compact flash card into a card reader attached to your computer, a 256MB card will do just fine. Open up ‘Disk Utility’ which is located in the ‘Utilities’ folder under ‘Applications’ on your boot drive. Select the Compact Flash card you inserted on the right side. Make sure that you select the right drive, double check to make sure the size matches the card. Be very careful, if you select the wrong drive you could wipe all the information from a hard drive. Right-Click on the drive and select information.

Compact Flash Disk ID

Jot down the the ‘Disk Identifier’ information associated with the drive. This number will vary on your own system so do not use the information listed above. Writing the wrong information down could result in one of your hard drives being wiped so pay very close attention. You will need this information for the next step.

Partition Mounted?

If there is a partition on the Compact Flash Card it needs to be unmounted. Right-Click on the partition listed underneath Compact Flash Card and select ‘Unmount’.

Run Terminal

When you open Terminal it will default to your home directory. Issue the following commands to change to the desktop directory and write out the image file to the Compact Flash Card:

cd desktop

gzcat embedded-1.3b16.img | dd of=/dev/disk# bs=16k (Insert the Disk ID number that you jotted down from the previous step) Last warning if you enter the wrong information you could wipe a hard drive or other removable drive connected to your system)

You should receive a message as displayed above. If you receive a message that states the resource is busy, it means that you did not unmount a partition on the Compact Flash Card. Please go back to the previous step and unmount the partition.

Assemble the firewall

Remove the the Compact Flash Card from the card reader and insert it into the card slot on the ALIX board. Do this before you install it into the case as it will block the slot. This would also be good time to install any add in cards you might have into the mini-pci slots (wifi, vpn accelerator) Remove the hex bolts on both sides of the serial port, otherwise you cannot slip it into the case. Slide the board with the network ports going in first so they slide into the cutouts. With that inserted screw in the board to case, followed by reattaching the the hex bolts on the both sides of the serial port. Put the cover on the case and screw it in place. Thats all there is to it, pretty simple wouldn’t you say?

Log into the firewall

Plug your firewall into the network utilizing the LAN port and power up the unit. You can either plug the firewall into a switch or directly into your network port on your computer. The DHCP server on the firewall will supply your workstation with the appropriate IP address information. Give it a couple of minutes to finish booting up. Open up your favorite browser and type: http://192.168.1.1 into the address bar. This is the default address of the firewall. You will be prompted to login into the firewall, the following are the default credentials:

Username: admin
Password: mono

This information is case sensitive, make sure you enter everything in lower case.

That is it for the first part of the tutorial. The next tutorial will walk you through the basic configuration if the firewall. Subsequent tutorials will discuss more advanced features, such as creating tunnels between two remote firewalls.

Read More

Free VPN: VillaVPN (Multiple Countries)

Villa VPN / VON

Villafania Open Networks, or VON, is a VPN service provided by a US-based Pinoy, and PC-enthusiast (as what I can interpret on his profile.^^), named Kristian Villafania. You can access his blog at: http://kristianvillafania.com

VillaVPN is a free VPN, (a freemium one also). It only requires you to be active on the VON forums. That was easy, fun and it gives you a free and awesome vpn service!

Here are a couple of videos from ztrify91 @ youtube. ztrif y91 is one of VillaVPN’s promoter and he’s the one that sent me to use this VPN service.

How to get a VillaVPN key?

How to use VillaVPN?

At first, I was very hesitant to try this VPN service. You all know that I am a lazy guy that hates to do some things. I also hate VPN trials that requires too much stuff to do. So I passed out on this one. But ztrif y91 invited me to try out their VPN, and they gave me an access to admin-moderator-contributor (AMC) servers of the VPN. That was sweet!

I am using it now, and I can say, that I am very much satisfied with this VPN service. VillaVPN is definitely an awesome FREEmium VPN.

VillaVPN
Name: VillaVPN
Status: Free, like a premium, requiring activity in forums.
Country/Server Locations: Hong Kong, Miami, LA, CAL, Sweden, USA
Website: http://von.kristianvillafania.com

Download VillaVPN

To download VillaVPN files, you can get it from this link: Download VillaVPN Core Files

But before you can use the VPN, you must first have your own cert and key files. You can request it from the forum.

After you successfully got your own member’s key and cert, this tutorial will be of great help to you: Tutorial on Connecting and Using the Keys/Cert.

The videos above is also rich in info’s you should be needing.

Read More

Free VPN: AdmiralVPN (Canada)

I just want to share this alternative vpn to all my avid readers and fans. This is another free VPN that you can use for anonymity purposes. But for me, I also use this for free internet purpose. Tested working for Globe and Smart networks in the Philippines.

Name: ADMIRAL VPN
Country: Canada
Status: Free and Premium

• Free Accounts: Limited to only for three days. No ads, feels like Premium.
• Premium Accounts: I haven’t tested it yet, but seeing their service, I think getting the Paid service will be best. Get a paid account if you like their service.

Stand-alone GUI: No need for OpenVPN Client, though you still needs to have the TAP Network Adapter drivers installed in your pc.

Download Admiral VPN Client

Download: Admiral VPN 1.6 | Mirror1 | Mirror2

How to use ADMIRAL VPN:

1. First, you need to be an admiral. lol. You just need to have an AdmiralVPN account, just head on to http://www.admiralvpn.com/account-section/register.aspx
2. Sign up for an account, then check your e-mail for the confirmation. You will receive an e-mail message with a subject of info and from info@admiralvpn.com. The message will maybe inside your Spam folder as per my experience, my gmail email’s spam folder always catch this message.
3. Click on the verify account link, copy the hash code first, then paste it on the verify box link.
4. Then you will get a thank you message! You now have an Admiral VPN Free account!
5. The account will last only for 3 days, but don’t mind that. You can still just register all over again.
6. Install the Admiral VPN client. The link can be found below. Or you can just extract the folders and see a program folders inside, the AdmiralVPN files are already there, ready for usage.
7. Run the EXE. Make sure to run it under admin access if you are on Vista or Win7.
8. Then the client will open. At first, you will have an not updated yet version of the client. But do not worry as per the client has an aut-update feature.
9. Log-in your account. Just type your username, and password. Check first the Advance settings checkbox, then mark the Connect as free User checkbox before hitting the Connect button.
10. After successful connection, the client will run an update which will make the gui looks nicer and perform bottom.
11. If you are already connected, you are now ready to surf the internet for Free!

Read More

Free VPN: LibertyHeroVPN

Okay, here’s another VPN that I had used. kindly refer to my previous posts for more details in case you don’t know much about these Virtual Private Network.

• Name: LibertyHero
• Server: UK
• Status: Free
• Tested: Globe and Smart

Thanks to 89dufpoqidjv of symbianize for sharing this. hehe.

• FREE
• UNLIMITED
• TCP and UDP supported
• 2 UK SERVERS
• 256-bit AES cipher to encrypt all VPN packets.
• Speed limit: 512kbps

How to Use LibertyHero VPN

1. First, sign-up an account in this link: https://libertyhero.com/getlibertyhero/
2. Download this file: for LibertyHero+OpenVPN 2.2.1.rar | 1.386 MB | Mirror Link | GLOBE/SMART UDP&TCP w/ auto-pingering combined auto-flushdns
3. Edit pass.txt inside data/config and input your username and password you got from step 1.

Enjoy!

Read More

Virtual Private Network Pros and Cons

VPN, or Virtual Private Networks, has both its advantage and disadvantages. But in the end, we end up using it. Let me list those advantages and disadvantages that I see.

VPN lets remote users connect to your LAN over the Internet, which greatly reduces the cost and complexity of the remote connection. The savings begin with the fact that most small businesses will no longer require a dedicated remote-access server. Businesses with a large number of remote users, say more than 75, might still require a remote server to handle such a high volume of traffic, but these companies still save money because nobody has to dial directly into the server. Instead, users only make a local call to their ISPs. In fact, lower long-distance charges are one of the biggest benefits for all companies using a VPN.

Another benefit is that, unlike in a traditional remote-network setup, VPNs do not require similar hardware at both ends of the connection. For example, an employee on a business trip can connect to an ISDN modem in your office using a 33.6Kbps PC Card modem at the same time that a remote workgroup dials in with a 56Kbps serial modem.

Virtual Private Network Pros:

• Cost Savings – By leveraging third party networks, with VPN, organizations no longer have to use expensive leased or frame relay lines and are able to connect remote users to their corporate networks via a local Internet service provider (ISP) instead of via expensive 800-number or long distance calls to resource-consuming modem banks.
• Security – VPNs provide the highest level of security using advanced encryption and authentication protocols that protect data from unauthorized access.
• Scalability – VPNs allow corporations to utilize remote access infrastructure within ISPs. Therefore, corporations are able to add a virtually unlimited amount of capacity without adding significant infrastructure.
• Compatibility with Broadband Technology – VPNs allow mobile workers, telecommuters and day extenders to take advantage of high-speed, broadband connectivity, such as DSL and Cable, when gaining access to their corporate networks, providing workers significant flexibility and efficiency.

Virtual Private Network Cons:

• Quality of Service. Unlike circuit-switched or leased line data services,VPN links (or tunnels) over public routed networks do not typically offer any end-to-end throughput guarantees. In addition, packet loss is variable and can be very high, and packets can be delivered out-of-order and fragmented
• Security. VPN connections are made by first connecting to a POP of the public network, and then using that network to reach a remote peer to form a private tunnel. Once the connection has been made to the POP, unsolicited data from other users of the public network can be received, and the exposure to “attacks” requires comprehensive and complex security measures.
• Bandwidth reservation or Quality of Service (QoS) at the enterprise or central site. Bandwidth reservation refers to the ability to “reserve” transmission bandwidth on a network connection for particular classes or types of traffic. It is much harder to achieve with VPNs than traditional networks. Some reservation can be done on out-bound traffic, but for inbound reservation to be achieved, the VPN carrier would need to help
• Two-way calling. Small office/home office sites that use ISDN to access a central site directly enjoy the capabilities of two-way calling, e.g. if the link is idle (the inactivity timer has fired and disconnected the call) and traffic needs to flow from the central site to the remote site, the central site can initiate the call. In a VPN network, this is a capability missing from common ISP offerings today. Call-back is a related topic; offering to pick up the dial-in costs incurred by partners and customers is also difficult .
• Centralized telesaving control. Managing cost-effective use of dial links centrally may no longer be possible.
• Overhead. VPN tunnels impose overhead for dial-in users: encryption algorithms may impact the performance of the user’s system, there will be an increased protocol header overhead, authentication latency will increase, PPP and IP compression will perform poorly (compared to a direct link), and modem compression won’t work at all.
• Support issues. Replacing direct-dial links with VPN tunnels may produce some very painful fault-finding missions. Due to the complexity of VPN carrier networks, the opportunities for “hand-washing” are enormous.
• Reconnection time. Using tunneling may increase the reconnection time for dial users. With the VPN carrier L2TP model, the client has to go through two authentication phases: one on contacting the VPN carrier POP, and another on contact with the enterprise Security Gateway.
• Multimedia. Applications such as video conferencing only work acceptably over low latency links that can offer the required minimum throughput. Currently on the Internet, latency and throughput can vary alarmingly. Multi-channel data services, such as ISDN and xDSL solve this problem in the short term, allowing the “data” channel to be used for VPN tunneling, and a separate “voice” channel to be used for business telephone calls or video conferencing.
• Encryption. When using encryption to protect a tunnel, data compression is no longer achievable as encrypted data is not compressible. This means that hardware compression over a modem connection is not possible.
• Possible disadvantages of intranet VPN include the following:
• Denial-of-service attacks. Unlike a private leased line, traffic that is not from the peer remote site (tunnel end-point) can flood down the receive path of a VPN tunnel from anywhere on the public network. This unsolicited traffic may reach such a level that solicited data can no longer be retrieved. To combat this, the VPN carrier could offer to filter non-VPN traffic, or perhaps provide a band-width reservation or QoS service.
• No end-to-end data link in some cases. For some tunnel technologies, there is no end-to-end data link, so detection of reachability will need to be supported at the routing layer with protocols capable of rapid failure detection and instant re-route.
• Packet loss. A VPN tunnel can sometimes suffer high packet loss and can reorder packets. Reordering can cause problems for some bridged protocols, and high packet loss may have an impact on the optimal configuration of higher-layer protocols.
• Latency and multimedia.This is very much a next-generation VPN carrier goal that will require considerable investment to do properly. There are serious doubts as to the chances of the Internet achieving success in this area in the near future. Data-link carrier companies and newly-formed VPN-focus companies offering VPN services have a better chance.
• Increased downtime. Decreased mean time between failures, longer lasting outages, painful problem solving and downtime compensation claims.

Read More

Free VPN: Hotspot Shield (US)

[HSS] Free VPN. Free Globe Tattoo and SmartBro Broadband internet.

I just noticed that all the vpn’s I am using suddenly are falling down, some wont really connect while others were always disconnecting. I have been using them because they always gives me 150kbps-450kbps download speed using IDM on myGlobe Tattoo USB stick. Since they doesnt works now, here is something, not really new.

Free VPN: HSS

• Name: Hotspot Shield VPN by Anchorfree (same provider with ExpatShield VPN)
• Country: USA
• Status: Free, no registration required but with ads

This is like ExpatShield VPN. Just extract the files inside, run as Admin the .exe and then connect from 66 different servers. Yes that is 66, so people wont be sticking themselves on a single server that makes everything really slow.

Download HotSpotshield with 66 Servers

Download Link: Mediafire (for easy download, heheh.^^)

Screenshots

SpeedTest with HotspotShield VPN

HotspotShield IDM download.

Playing online games with HSS.

For new users, just follow my guide here: Free broadband internet using VPN, that will guide you on the process how to do everything. If you still have problems, check out this OpenVPN Guide I made.

Credits

Thanks to 89dufpoqidjv for sharing this (also for the screenshots– i am too lazy to provide mine. XD) heheh. :D

I am enjoying youtube streaming and torrents with this VPN, and yes it was really fast! Just use adblock plus to block those annoying ads provided by anchorfree, if you’re annoyed by it. Enjoy and have fun! ^_^

Additional Fast Servers!

These new servers are the fastest server among all the other servers of HSS. Just try it and see it for yourselves. :)

HSS New Servers, very low ping!

FYI: All IP on the range of 69.31.103.xxx are servers of HSS.

Download New HSS Servers | additional Chicago Servers (mediafire links)

How to use the new servers? Just extract the .ovpn files on the /data/config/ folder where your HSS VPN files are located. Enjoy!

Read More

ShieldVPN v5 GUI: All-in-One VPN

ShieldVPN [11-in-1]

Contains 11 different VPN services, thanks to Script_kiddie of Team Patotoy for sharing this very nice app at symb.ph. This will help those who’s having a hard time finding their way out to configuring or making the VPN files to work. This app gives a very nice GUI that makes everything as easy as select-and-connect.

ShieldVPN Features:

• Taphss/Tap0901 auto-detection (auto-detect 32/64-bit, no external bat files)
• Pinger (This time a real pinger )
• Statistics
• Randomizer
• Auto save settings.
• Auto-update (or manual via Support tab)
• Flush (auto/disable)

Auto-save Feature - Every time you connect the current configuration you select will automatically be saved including username & password. (Each account is stored separately)

Recommended port is automatically selected when changing server, protocol and network. But some say using an specific port makes their connection faster and also fix some connection problem(can’t browse). You can manually select a port to connect to but there are no guarantees that it will always work.

Requirements:

• A computer/laptop – Recommended OS Vista/Win7 with .NET 3.5
• Internet connection
• Common sense

Tested on: Win7 64-bit & WinXP 32-bit with .NET Framework 3.5

Download Version 5.1 (11in1): Download Link Mediafire

Both 32-bit & 64-bit taphss/tap0901(v9.8) driver included.

Download .NET Framework 3.5 Link

Download .NET Framework 2.0 Link

Read More