Create OpenVPN file with L2TP/IPSEC credentials - configuration

I created a VPN from my windows server and I use it with L2TP credentials access (host, preshared key, login and password).
I downloaded a portable format of OpenVPN client for windows to put in USB key. The application can auto start with ovpn file but I don't known how to make this file. After some search I found the official documentation but there is a lot of arguments and I don't know which ones to choose.
https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
Would someone here have already created a file for L2TP / IPSEC and could share an example?
Thanks

Related

When does the AWS .NET SDK load credential files? Is it on startup or on initializing client or...?

As my title states, we are using the AWS .NET SDK and on our web.config configured a profile that points to a credentials file(see: https://docs.aws.amazon.com/sdk-for-net/v2/developer-guide/net-dg-config-creds.html using credentials file) on the disk(so out of the source code). This seems to work fine but we are rotating these keys every x period so we need to change the keys within the file. My question is does de AWS .NET SDK notice that the file is changed and automatically load the new credentials or when does it actually load? In other words, if we change the credentials in this file do we need to do additional steps for the application to actually use them?
What I tried now is start up the application locally, change the credentials to a faulty one and calls are still going thru without a problem. Next, I stopped my application and rebuilded in with the same file having faulty credentials. After doing this the application is still able to make correct calls so I'm wondering how this works as if it is falling back on credentials that did work. Or maybe I just didn't test right.
We are using .net framework 4.6.2 application using the aws sdk version 3.3
Also what i forgot to mention is that for each request we initialize the client like this:
using (AmazonCognitoIdentityProviderClient client = new AmazonCognitoIdentityProviderClient(regionEndpoint))
Short answer is creating a client like that will cause the credentials to be read from the credentials file when the first client is created.
The longer answer is when you create without credentials the client uses the FallbackCredentialsFactory class to find credentials either through the credentials file or environment like EC2 instance metadata. The FallbackCredentialsFactory has a static instance of Amazon.Runtime.CredentialManagement.CredentialProfileStoreChain which is what gets the credentials for a profile.
If you want to something different you could have your code create an instance of CredentialProfileStoreChain before creating a client and use that to get the credentials and pass those credentials into the client.

Google Compute Engine Client FTP Access

I have a client who's site is hosted on Google Compute Engine. They insist on having FTP access to the site. I am somewhat new to Google Compute Engine. I currently use FTP using Google's instructions. However my client will not know how to install the Google Cloud Console, download and convert the security keys, log in and move any files they upload in their folder using shell.
What I would like to do is install some kind of FTP server (proftpd or similar) install some kind of GUI they can log into to create users in the future and upload files using filezilla. However when I install proftpd on Compute Engine (Debian Wheezy) and I create a user to test before I install a GUI, the server keeps denying access.
Anyone with experience setting up FTP on Compute Engine for a client that can help?
You should be able to set this up, but as far as I remember you need to specifically set up firewall rules to open the FTP port on your instances.

Unable to RDP into windows server on GCE : No remote desktop license servers available

I have windows server machine on GCE.Whenever I try to take remote or RDP into machine it is showing
The remote session was disconnected because there are no Remote Desktop License Servers available to provide a license.
Please contact the server administrator
I have reset the machine but didn't work. The solutions that I got on the net needs access to the machine first, but I am not able to access the machine. Here is a link http://www.dell.com/support/Article/us/en/04/635765/EN to troubleshoot this, but I am not able to access machine as the machine is on google server.
In my case license has been expired. But I was able to take remote in admin mode. Use the command in Run to take remote in admin mode
mstsc /admin
Then I added new license to continue remote service. For more detail on remote desktop licensing check out the link https://technet.microsoft.com/en-us/library/cc732684.aspx
According to this post the solution is to delete the following key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\GracePeriod
I Followed Sunil Garg's instructions:
mstsc /admin
to remote into the server.
Then I deleted the key. Please note you must run regedit as System user to delete the key. Use the RunAsSystem tool to achieve this
This problem made by some kind of caching of remote desktop licensing in clients you can solve this by remove the bellow key in registry:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing
It's much easier to make a reg file and run it so .
Make a empty text file
Name it "mypatch.reg" or "mypatch.reg"
Put bellow text in it and save it
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing]
Run it by dubble click on file!
It should remove the key.

Connecting XAMPP to a domain and adding files

What I need is a web server hosting just for saving large files on it and share it online, so today I downloaded XAMPP Control Panel V3.2.1 as I read on a topic that it can help me.
Actually, I don't have enough knowledge about XAMPP, can I use it to upload files with normal domain(like: www.mydoamin.com/myfile)?, how can I connect the server I build with a domain after purchasing it? and how can I upload files to this domain.
Till now I done all the needed setup, and here's what I get when I start the application:
Also I can use the "MySQL" in the webpage after log-in, and here's how the page looks like:
Is there any recommendation for other application that helps me uploading files to my own domain/server and share it, if this one isn't for these stuff?
XAMPP is software bundle containing cross OS solutions (X) for webserver Apache (A), MySQL database (M), and server-side language PHP (P) and Perl (P).
If you got a domain you need to redirect it to IP on which this XAMPP server works. To do it call/mail your domain registrator (a company that sold you a domain) and ask about it. It involves DNS (Domain Name Server) configuration - ask them how to change DNS to direct it to your XAMPP server.
PS To add files go to htdocs direcotry in your XAMPP instalation or whatever you defined to store files (and websites) and drop your files in there.
As I can see you are not experienced in that kind of things so maybe ask company that sold you a domain name about "shared hosting"? It's preconfigured ready to go server where you send files over FTP

MySQL and data file encryption

Is there a way to encrypt the data file that mysql uses? I have a mysql server on an open machine, and I would like to encrypt the data file so even if someone copies the data files, they cannot read the data.
Thanks
To anyone researching a transparent MySQL encryption solution for Linux, there's a relatively new product on the block that we've been working with:
http://www.gazzang.com/
I am not affiliated with Gazzang... just a happy customer.
I am not sure what do you mean when you say that your machine is open. If people have access to the console, or to your account it is much harder of a task to encrypt the file.
Did you look at Truecrypt? It works for most popular operating systems and allows to create a virtual encrypted partition, lock down a hard drive partition,an external drive or a usb device.
MySQL doesn't support data file encryption natively. There are 3rd products out there such as:
http://www.vormetric.com/products/vormetric_database_encryption_expert.html
There's a 'white paper' on the topic here:
http://www.vormetric.com/documents/FINALPart2DatabaseEncryptionCoreGuardvsColumnLevelWhitePaper7.pdf
To be honest, if the database content has any commercial value or contains personal data about individuals, you should really control who has access to the datafiles (whether encrypted or not). In the UK, leaving such data files open to casual passers-by, would be a data protection no no.
You can use an encrypted filesystem, like the native one for NTFS on Windows or one of the various options for linux. In addition you can store the data encrypted.
If you are using windows EFS and starting MySQL as a service, you will need to do the following:
go to Services and find the MySQL service
stop the service
right-click -> properties -> LogON TAB
check "This account"
fill your windows account name eg. ".\username"
provide your password
start the service
The MySQL service should now start without errors.
To use the windows EFS encryption:
http://windows.microsoft.com/en-us/windows/encrypt-decrypt-folder-file#1TC=windows-7
Read more obout it:
http://www.petri.co.il/how_does_efs_work.htm#
!!! Don't forget to export the certificate !!!
you could encrypt the data within mysql using the built in encryption functionality.
as for the files, any file solution should work fine.