Windows 10 – Change PPTP ipv4 Settings

In my RTM copy of Windows 10 Pro, when I try to edit the IPv4 settings of a VPN connection, nothing happened when I clicked ‘Properties’.

Thankfully, there is a solution to the issue – you can edit the file rasphone.pbk in a text editor like notepad.exe and make the necessary changes in this file.

The exact setting I wanted to change was to disable the default gateway – also known as split tunneling. This way I can connect to the VPN, and only tunnel traffic for that specific remote site over the VPN – i.e. use my normal non-vpn connection for internet traffic.

This is called “IpPrioritizeRemote”. I set this to 0 instead of 1 and saved the PBK file. When I re-established the VPN connection in the usual way, the ‘default gateway’ setting worked as intended.
Click here for more details..

Contact Details..
Jaytag Computer Limited
Maddison House, 226 High Street
Croydon, Surrey, CR9 1DF
Phone: 08007879258
Web: https://www.jaytag.co.uk/

FreePBX – convert WAV call recordings to MP3

One of our customers recently reported an interesting issue. They were running FreePBX on a machine with a very small amount of hard drive space. Usually, this would not be an issue, as FreePBX can be installed easily onto a small drive, even less than 10GB (I have a moment of reflection now, thinking that actually 10GB is massive!!)

In any case, when you start recording calls on a system, the free space is quickly eaten up.

Within FreePBX, there is no way to set the call recording to MP3, and as a result, large WAV files are created.

The solution? Convert them to MP3, and update the CDR database to reflect the changed filenames – so that if you wish to download the call recordings from the web UI, the links are correct.
Click here for more details..

Contact Details..
Jaytag Computer Limited
Maddison House, 226 High Street
Croydon, Surrey, CR9 1DF
Phone: 08007879258
Web: https://www.jaytag.co.uk/

Using Ansible to Update MikroTik Routers

Administering a large installed base of MikroTik routers can be difficult. You can use The Dude, but this has not been updated in some time, and MikroTik have not made their long term intentions clear in relation to the continued development of the software.

We use Ansible internally to remotely configure machines, so it seemed a natural choice to update the firmware of the MikroTik routers we have installed.

Firstly, you need to generate an appropriate DSA SSH key. Refer to: MikroTik Wiki for full instructions.

From the source server, test the SSH connection works:
ssh admin-ssh@remoteserver.com

If you do not immediately connect, you may need to add the appropriate identity file to ~/.ssh/config
IdentityFile ~/.ssh/mikrotik_dsa
Click here for more details..

Contact Details..
Jaytag Computer Limited
Maddison House, 226 High Street
Croydon, Surrey, CR9 1DF
Phone: 08007879258
Web: https://www.jaytag.co.uk/

Get an A+ rating with Vesta on SSL Labs

We’ve recently been testing sites with the Qualsys SSL Server Test here: https://www.ssllabs.com/ssltest/index.html
By default, the SSL settings on Vesta are good – but it’s not possible to get an A+ rating without making some changes to the nginx configuration files.
Although SSL Labs do give an indication as to where the SSL rating is low, it’s not very easy to see exactly what needs to be changed with nginx to get the A+ rating. The key things to improve:
Limit the SSL ciphers that can be used
Add HTTP Strict Transport Security with long duration
Enable SSL stapling
Click here for more details..

Contact Details..
Jaytag Computer Limited
Maddison House, 226 High Street
Croydon, Surrey, CR9 1DF
Phone: 08007879258
Web: https://www.jaytag.co.uk/