L2TP/IPSec VPN with iPhone

Published August 28, 2010 in English and Knowledge Base.

Press „Settings.”

Select „VPN.”

Choose „Add VPN Configuration…”

Select „L2TP.”

In our example, we are connecting to one of our privacy servers in Amsterdam, but you can use any other of our privacy servers which support L2TP/IPSec. You can find their host names (FQDN’s) in our server section.

Into „Description” we enter a descriptive name for the VPN connection and as „Server” we choose amsterdam.perfect-privacy.com

Into the field „Account” please enter your Perfect Privacy username and into the field „Password” goes your password. Into „Secret” please paste the preshared key. You can find the preshared key (also called „PSK” or „Secret”) for the server you are using here. In our example, we have to use the PSK for the Amsterdam servers.

Last, „Send All Traffic” has to be ON and „Proxy” OFF. Then press the „Save” button.

Note: If you wish, you can also select „Proxy” Manual and enter one of our SQUID (= HTTP) proxies with authentication into the proxy fields. This would cascade servers and provide you with even more security. The iPhone would first send requests encrypted to the VPN server where the IP address is changed the first time; and from there the data would be routed over the proxy server — where the IP address is changed a second time — to the desired destination. Unless you operate with highly sensitive data, such a setup isn’t necessary, though.

Now select the L2TP/IPSec connection you just created:

And then switch the „VPN” ON. The iPhone will now establish a connection to the VPN server.

To verify that everything works correctly, open Safari (or another browser):

Visit a web page such as whatismyipaddress.com. You will now see the IP address and the location of the L2TP/IPSec server to which you are connected (one of the Amsterdam servers in our example). All your incoming and outgoing Internet traffic, no matter which application you use, will now be anonymous and encrypted.

L2TP/IPSec VPN with Windows 7

Published August 28, 2010 in English and Knowledge Base.

If you are accustomed to use Windows’s integrated VPN client to establish a PPTP VPN connection, you should try to use L2TP/IPSec VPN instead. You just have to change a few options in the client, but L2TP/IPSec VPN is significantly more secure than PPTP VPN. This brief tutorial shows you how to set up an L2TP/IPSec VPN connection with Windows 7. Apply the instructions analogously if you use a different Windows version.

Firstly, open the Control Panel, then click on „View network status and tasks.”

In the „Network and Sharing Center,” click on „Set up a new connection or network.”

„Connect to a workplace.”

We want to create a new connection:

And we wish to establish a VPN connection over the existing Internet connection:

Now type in the Internet address. In our example, we are connecting to one of our privacy servers in Amsterdam, but you can use any other of our privacy servers which support L2TP/IPSec. You can find their host names (FQDN’s) in our server section.

The „Destination name” is how your new connection icon will be called. You can enter whichever name you please.

Make sure to select „[√] Don’t connect now.” We still have to alter some of the default connection properties before we can connect.

Then enter your Perfect Privacy username and password and click on „Create.”

Close the window.

Back in the „Network and Sharing Center,” click on „Change adapter settings.”

Find the connection icon you just created — „Amsterdam L2TP IPSec” in our case —, right-click on it and select „Properties.”

Click on the „Options” tab and deselect „[  ] Include Windows logon domain.”

Then click on the „Security” tab. From the drop-down menu, we select „Layer 2 Tunneling Protocol with IPSec (L2TP/IPSec).” We choose „Maximum Strength Encryption” and disallow all authentication protocols but „[√] Microsoft CHAP Version 2” (which is the safest).

Thereafter, we click on the „Advanced settings” button on the same window.

Paste the preshared key, then click „OK.” You can find the preshared key (also called „PSK” or „Secret”) for the server you are using here. In our example, we have to use the PSK for the Amsterdam servers.

Finally, click on the „Networking” tab. You can usually disable all connection items but „[√] Internet Protocol Version 4.” If you have more or different items than in the screenshot beneath and are unsure whether they are needed or not, don’t make any changes.

Once you are done, click on „OK.”

You may wish to drag the connection item we just configured and drop it onto your Desktop, so that you can access it quickly in future. Connection items can actually not be moved from the „Network Connections” window, thus if you drag & drop it, Windows will create a shortcut on your Desktop instead.

Now double-click on the shortcut …

… and the connection window will open. Click the „Connect” button.

Windows will now establish the L2TP/IPSec VPN connection. Your username and password will be verified, and finally you will be registered on the server.

If everything worked out fine, the connection window will be minimized into the system tray, i.e. it will completely disappear from the Desktop.

Now let’s test if everything works, as it should. Open your browser and go to a page like whatismyipaddress.com. You will now see the IP address and the location of the L2TP/IPSec server to which you are connected (one of the Amsterdam servers in our example). All your incoming and outgoing Internet traffic, no matter which application you use, will now be anonymous and encrypted.

By the way: Depending on your settings, after some seconds or minutes of being connected the first time to a specific L2TP/IPSec server a „Network Location” window might appear.

Select „Public Network” because you do not know and trust all the other members which use our L2TP/IPSec VPN, too. That way they cannot see or use your shared resources, but are treated like other Internet users.

Services on Erfurt Servers Available Again

Published August 25, 2010 in English and Perfect Privacy Announcements.

Since today, all service on the privacy servers in Erfurt are available again: OpenVPN, PPTP VPN, L2TP/IPSec VPN, SSH2 tunnels, SOCKS5, and SQUID (HTTP proxy).

[Background]

Dienste auf Erfurt-Servern wieder verfügbar

Published August 25, 2010 in Deutsch and Perfect Privacy-Ankündigungen.

Alle Dienste auf den Privatsphären-Servern in Erfurt sind seit heute wieder verfügbar: OpenVPN, PPTP VPN, L2TP/IPSec VPN, SSH2-Tunnel, SOCKS5 und SQUID (HTTP-Proxy).

[Hintergrund]

PP SSH Client 2.3.7 released!

Published August 24, 2010 in English and Perfect Privacy Announcements.

Dear Members,

Version 2.3.7 of our Perfect Privacy SSH Client is now available.

Changelog:

* San Diego, U.S removed
* Denver, U.S. added
* Los Angeles, U.S. added
* Proxy SSH over HTTP functionality added

Download

PP SSH Client 2.3.7 verfügbar!

Published August 24, 2010 in Deutsch and Perfect Privacy-Ankündigungen.

Werte Mitglieder!

Version 2.3.7 unseres Perfect Privacy SSH Client ist nun verfügbar.

Änderungsprotokoll

* San Diego, USA entfernt
* Denver, USA hinzugefügt
* Los Angeles, USA hinzugefügt
* SSH über HTTP Proxy-Funktionalität hinzugefügt

Herunterladen

Perfect Privacy Staff Member Gets House Search

Published August 20, 2010 in English and Perfect Privacy Announcements.

Today, Friday, August 20, 2010, between 7:00 and 8:00 a.m. CEST, the premises of one of Perfect Privacy’s administrators were searched by the authorities. The administrator is listed as the contact person for Perfect Privacy’s servers in Erfurt, Germany. The house search warrant is based on the suspicion that unknown suspects had routed illegal communications over the privacy servers in Erfurt.

In total, five computers together with harddisks and storage media were confiscated in the course of the house search. As far as the computers had been used for administrative or other activities surrounding Perfect Privacy, they are altogether encrypted as a whole. The estimated damage amounts to about EUR 6,000.00 to EUR 6,500.00. Perfect Privacy has already contacted an attorney who will, amongst others, apply for access to the records.

Perfect Privacy’s servers in Erfurt are at the time this annoucement is written still online, can be pinged, and Perfect Privacy continues to be in the possession of the root access and all administrative rights. The servers have so far not been confiscated. We decided, however, to disable all services (OpenVPN, PPTP VPN, L2TP/IPSec VPN, SOCKS5, SQUID) in Erfurt temporarily in order to give those of our members, who have elevated security needs, time to read this announcement and to evaluate the risks. It is not known to us whether the authorities initiated measures such as telecommunication monitoring in Erfurt.

More details will be following within the next days.

Best regards,
Perfect Privacy Administration

August 20, 2010, 10:45 CEST

Hausdurchsuchung bei einem Mitarbeiter von Perfect Privacy

Published August 20, 2010 in Deutsch and Perfect Privacy-Ankündigungen.

Heute, Freitag, dem 20. August 2010, kam es zwischen rund 7:00 und 8:00 Uhr morgens MESZ zu einer Hausdurchsuchung bei einem von Perfect Privacys Administratoren, der als Kontaktperson für Perfect Privacys Server in Erfurt, Deutschland, fungiert. Der Durchsuchungsbeschluß gründet sich auf den Verdacht, daß über die Privatsphärenserver in Erfurt von unbekannten Verdächtigen strafrechtlich relevante Kommunikationen geroutet wurden.

Im Zuge der Hausdurchsuchung wurden insgesamt fünf Rechner samt Festplatten und Speichermedien beschlagnahmt. Sofern die Rechner für administrative oder sonstige Tätigkeiten rund um Perfect Privacy eingesetzt wurden, sind sie allesamt vollverschlüsselt. Der geschätzte Schaden beträgt ungefähr EUR 6.000,00 bis EUR 6.500,00. Perfect Privacy hat bereits mit einem Rechtsanwalt Kontakt aufgenommen, der unter anderem Akteneinsicht beantragen wird.

Perfect Privacys Server in Erfurt sind zur Zeit des Verfassens dieses Schreibens nach wie vor online, können gepingt werden, und Perfect Privacy besitzt weiterhin die root- und Verwaltungsrechte. Die Server wurden soweit nicht beschlagnahmt. Wir haben uns allerdings dazu entschlossen, vorübergehend alle Dienste in Erfurt (OpenVPN, PPTP VPN, L2TP/IPSec VPN, SOCKS5, SQUID) zu deaktivieren, um jenen unser Mitglieder, die erhöhte Sicherheitsbedürfnisse haben, Zeit zu geben, diese Ankündigung zu lesen und eine Risikoevaluierung vorzunehmen. Uns ist nicht bekannt, ob in Erfurt von behördlicher Seite Maßnahmen wie eine Telekommunikationsüberwachung eingeleitet wurden.

Weitere Details folgen in den nächsten Tagen.

Mit freundlichen Grüßen
Perfect Privacy Administration

20. August 2010, 10:30 MESZ

Privatsphärenserver in Erfurt aufgrund eines Stromausfalls offline

Published August 16, 2010 in Deutsch and Perfect Privacy-Ankündigungen.

“Sehr geehrte Kunden,

aktuell haben wir eine Störung im Rechenzentrum 3. Alle Server sind derzeit nicht erreichbar. Die Techniker arbeiten gerade vor Ort an der Behebung des Problems. Wir werden Sie hier über den aktuellen Stand informieren, sobald wir neue gesicherte Informationen haben. Wir bitten Sie um Verständnis, dass wir auf Grund der Situation Tickets und Anrufe derzeit nicht wie gewohnt abarbeiten können.

Wir möchten Sie hiermit über die weiteren Entwicklungen informieren. Aufgrund eines kompletten stromseitigen Ringausfalls in Erfurt Mitte wurde unser Notstromsystem aktiviert. Aus bislang ungeklärter Ursache schaltete eine unserer USV Anlagen nicht in den Notstrombetrieb um, so dass die Last nicht übernommen werden konnte. Dies hatte zur Folge, dass keine stabile Netzversorgung des Rechenzentrums, inkl. Notstromaggregat, gewährleistet werden konnte. Die Herstellerfirma arbeitet an der Fehlerbehebung. Sobald dies geschehen ist, werden wir die Maschinen wieder einschalten.

Wir haben damit begonnen, die Maschinen wieder einzuschalten. Aufgrund der zu erwartenden längeren Überprüfung der defekten USV Anlage haben wir uns dazu entschlossen, diese vorerst vom Netz zu nehmen.

Leider gestalten sich die Wartungsarbeiten im RZ 3 umfangreicher als erwartet, so das ein erneutes Herunterfahren der Server notwendig wurde.”

Keyweb AG

Privacy servers in Erfurt offline due to a energy failure

Published August 16, 2010 in English and Perfect Privacy Announcements.

“Dear honoured customer,

actually we have a problem in our datacenter 3. All the server are offline at the moment. Our technical guys are working at the problem at the moment to solve it. We will inform you about the actually situation, when we have new informations. We beg you pardon, that we are not able to answer your tickets and telephone calls now as normal.

We hereby wish to inform you about further details. Due to a complete engery failure of the ring center in Erfurt our emergency system was activated. One of our UPS systems did not switch into the emergency operation, so that the load could not be taken. Therefore, no stable power supply of the data center could be guaranteed. The manufacturer is working on the problem. Once this is done, we will turn the machines back.

We now started to turn back the machines. Due to the expected long review of the faulty UPS system, we decided to disable it for the moment.

Unfortunately our maintenance work is bigger than expected. This caused the need to shutdown all servers in this datacenter. We will inform you about the progress and requesting sympathy that our hotline is not available as usual.”

Keyweb AG