Articles by Brian Thompson

You are currently browsing Brian Thompson’s articles.

#9 – Kolsch

December 21, 2014 in Beer Topics, Beers by Brian Thompson | No comments

Beer Name: Change

Style:  Kolsch

Alcohol: 4.5%

Color: 4

This is the second all grain beer that I’ve made.  After the last one blew up in my face, literally, my goal for this beer was to pick a simple recipe and really work on producing the clearest beer that I could.  During our summer trip to Denver I had several good Kolsches and decided that this is what I’d brew.  The brew day went well and the final product is a really nice beer.   Its refreshing to have and there is a good chance I do this one again, but maybe as a 10G batch next time since it goes down pretty easy.

Final Product
Mashing
Settling after boiling
clear transfer to fermentor
super clear
nice head on the beer
the cap
Recipe
Schedule
Yeast Calculations

[Show as slideshow]

My Brew Notes

Recipe Info

 Recipe

Execution Notes

The brew day went pretty well considering that last time I had stuck sparges and all-grain brewing was new.  My mash temps wavered around more than I’d like and will need to refine this.    I tried to use PH strips and iodine to check the mash, but have to say that I have no idea what I saw and will need to work on this more.  I did boil off more than I thought and had to add 2 gallons of water back in.  Though with that the gravity was on target.  Also, my pump broke so chilling took way longer than it should.  My plan to have a coarse bag around the metal screen in the boil kettle  and a fine mesh bag on the output side of the hose really helped me to remove most of the trub prior to going into the fermentor.  I cold crashed twice and used a secondary in addition to Irish moss in the boil and gelatin prior to bottling.  I’m not sure which helped the most, but I have a good beer.

Schedule

 Schedule

Recommendations for next time

  • Try hitting and maintaining the mash temp better
  • Plan for a higher boil off than most other people (try to turn down the burner a bit too)
  • See if I can figure out idodine and PH strips.

Tags: , ,

#11 – The Student (a Pliny the Elder clone) – Planning

December 17, 2014 in Beer Topics, Beers by Brian Thompson | No comments

Inspiration

For beer number #11 I decided that I wanted to see who well I can make a beer.  My last couple of beers have come out good to me, but I have no idea if they came out like they were supposed to.  So for beer #11 I’ve decided I’m going to do a clone recipe and then try to do a side by side comparison to see how I have done.  With that decided, I also want the beer to be ready fairly quick and I’ve been thinking about a hoppy beer since #6 Imperial Red IPA.  So what to pick.  I took a look through the beers that I’ve marked on Untappd for some motivation.  I really liked Shipwrecked by Mission Brewery, but after scouring the internet I couldn’t find any recipes for it and I certainly cannot make up one on my own.  When doing this I ran across several links for Pliny the Elder by Russian River Brewery (RRB).  I’ve had this a couple of times, once at the brewery and another time at Naja’s, and I think I’ll be able to get this again either at the Store or through a visit to Rollie.

Research

Recipe Notes

So after looking at a few pages I’ve discovered that this is going to take a bit of research as there is no definitive recipe.  I’ve done as much research as I can stand and have looked for articles and interviews about Vinnie Cilurozo (RRB owner and PTE recipe inventor) where he might give hints about the recipe.  Secondly, I’ve also looked for others that have cloned this beer and their direct comparisons to the real Pliny the Elder.  Lastly, I’ve taken some notes from those that do a comparison of their clone to their recollection of the Pliny the Elder which in most cases is probably suspect.  There are a ton of posts about that the recipe is great, which I imagine is the case, but I’m looking to hit PTE on the head if I can.

The starting point for the recipe is from an article from Zymurgy by Vinnie  in 2009.  In this article Vinnie gives a recipe for Pliny the Elder.  Apparently there was a typo in the first release that had the amounts sized for 5G instead of 6G, but the attached PDF is the corrected version.  Also on EC Kraus there is a reference to a recipe in Brewing Classic Styles by Jamil Zainasheff that may have had input by Vinnie.  I can see that the OG is much higher, the grain bill and hop schedule are different.  So at this point I think this recipe is not a clone, but rather just a good DIPA.

There is a rather good interview on the Sunday Session by the Brewing Network.  In this I’ve noted (as many others have reported)

  • generic extract is used, no pellets, for the 90 min and 45 min addition
    • The original recipe used a mix of CTZ and Warrior extract, but is now only generic
    • Sometimes they use pellets to dial in the right amount of hops as only whole cans are used.  Thought this didn’t seem significant
  • When Amarillo was added no other hop additions were reduced
  • All hop additions are pellet hops, ie no whole leaf additions
  • Crystal has been reduced.  No indication of how much

There is also a rather lengthy forum on HomeBrewTalk.com that I’ve gotten a few notes from.  #63 by RichBenn says this is pretty spot on, but maybe the comparison wasn’t side by side since the PTE he has is at a bar.  The quote below is one of the few direct comparisons that I’ve come across.

#431 by D-Train I had the opportunity to try my execution of this clone side by side with a bottle of Pliny tonight. Keep in mind that I’m fairly new to brewing and maybe experience would change the results. They were close, but there are a few things I would change next time.

1. Add Amarillo to the dry/late addition hops. The real Pliny was definitely weighted more to the citrus side. The clone had more dank/pine. I’ve read that Pliny now includes Amarillo.
2. Use only 2 hopshots for the first addition. I used 3 hopshots and the clone was more bitter. Earlier I posted that I was using hop extract for the recipe.
3. Make it lighter in color by reducing the crystal and/or boiling for 60 mins instead of 90 and/or increasing the dextrose. I scaled up the recipe and went with 14lb 2row, 0.6lb carapils, 0.6lb crystal, 12 oz dextrose. The clone was more orange and the Pliny more yellow.
4. Switch to RO water and the additions in the chemistry primer on this site. So far I’ve ignored water chemistry in my brews. I have high pH, high alkalinity tap water with chlorine and I think it’s limiting the full potential of my brews.

All said the above differences were not significant. With a few tweaks I don’t think a blind test would pick the real Pliny. Again it could simply be my execution of the recipe. Caveat emptor.

Some thoughts on this.

For #1, a look at the RRB website of Pliny the Elder and as the Sunday session interview notes that Amarillo is now in the recipe which wasn’t in the original.  Since I’m trying to do a taste comparison I’ve added Amarillo where I think it might go.

#2 shows he used hop shots.  In other articles (#85, 5 tips for better IPAs by Vinnie recommends extracts, and oldschool hints that a Sunday Session recording states the real PTE uses extracts too), it is noted that that the 90 and 45min additions of PTE are extract additions, so this is some good information.  Its also worth pointing out that the Vinnie recipe shows the AA values for each hops.  When looking online it seems that the AA levels are a bit higher that noted by Vinnie.  I don’t think I’m going to adjust for this now except for in the extract additions, but it might be something worth tweaking if I do this again.  Now there is the issue of converting the hops to extract amounts.  To do this I partially used two websites.  The first, from brewer’s friend,  I user to convert the hop additions to an IBU calculation.  The second I use to convert the IBU calculation into an extract amount.  The extract calculation uses a utilization faction which is more or less a function of the amount of time the extract is in contact with boiling wort and the amount of wort it can be in contact with.  I’ve noticed that it doesn’t quite account for the volume right, so I’ve looked at the html source to get the calculations and have made the needed adjustments.  The adjustments are slight and probably won’t make a difference in the end, but being an engineer I wanted to see the math done right.  My calculations show that 18.75mL and 4.34mL of extract is needed for the two additions.  From what D-train recommended 2 hop shots instead of 3 (I’ve translated this to be 10mL instead of 15mL) whereas I’m going to be even higher.  I think I’ll stick to my calculations for now and see what I think too, but it is probably that not only has Amarillo been added, but that the extract has gone down too to please more pallets and/or to reduce the cost (though RRB  does seem to make too many recipe decisions on cost).

#3, color, is interesting.   It seems to have been repeated by VTCCbrewer (#295) though one note on this one is that he mentions is volume is slightly low which would affect the color too. bobbrews (#131) has a similar suspicion as I do that perhaps crystal 40 is used rather than crystal 45 and MMjfan (#161) suggests 1/2 the amount crystal 40 at 0.3lbs.  After adjusting the recipe to this the OG sits at 1.071.  When looking at the PTE website is states an OG of 1.070, but if you look back through the web archives it can be seen that this was 1.071 circa 2005 (and 1.073 circa 2004). So I think this is on the right track and I’ll go with it.  Funny thing is that after making the adjustments I come up with a grain bill almost the same as Scott (bertusbrewery.com) on his PTE 3.0 review.  Aside from the fast that his reviews are a recollection of his tasting it at least feels nice that I’ve ended up with what one person thinks is pretty good after adjusting twice.

Water.  As noted in #4 water should be addressed.  My first attempt at water adjustments was on #10 Irish Red.  I didn’t quite have a handle on things then, nor do I really know what I’ve doing now, but I’ve been reading a lot since then and think I can at least do better.  Another HBT forum discusses PTE water which concludes by saq (#5) that the water profile should be:

  •  Calcium (CA) 76
  • Magnesium (MG) 13
  • Sodium (NA) 9
  • Bicarbonate (HCO3) 26
  • Sulfate (SO4) 133
  • Chloride (CL) 56

 Process Notes

per Vinnie’s article.

  • Mash will be at 151 (or the closest I can do this)
  • Stir in the dextrose at the start of the boil
  • ferment at 67
    • last two days drop to 60F to get yeast out then transfer to secondary
      • I won’t keep the yeast, but think I’ll cool to 52 to help clear things up as best as possible prior to mucking things up again with dry hops.
  • dry hop at 68F
  • Vinnie notes that he does a C02 blast every day or so to keep the hops in suspension.  I don’t have C02 for this, but will swirl like paradoc suggests in this post.
  • last 2 days of dry hopping is at cold crash temps
  • purge with CO2 if you have it….I don’t

In a (need to find link) Vinnie notes that PTE takes 21-24 days.   This is up to kegging so for me I need to add 3 days for fining and 3 weeks for bottle conditioning.  My schedule at 25 days, not counting conditioning, is pretty close to Vinnie’s schedule

  • 8 days fermenting
  • 2 days cool crash to 52
  • 7 days first dry hop, 12-5 days
  • 3 days second dry hop
  • 2 days cold crash
  • 3 days gelatin
  • 21 days conditioning

The yeast, Cal Ale WLP001, normally has an attenuation around 76.5% and according to White Labs attenuation ranges from 73-80%.  With the corn sugar, many people have noted that they can get near the a FG of 1.011 which places the attenuation around 85%. to get to 8.0% with the grain bill I’ve selected I’ll need to get 86.1% which seems within reason.

Finally, the name for my clone.  As is pointed out by RRB and many other sources, Pliny the Elder gave the name or at least recorded the name for hops as he was an author of many books.  From Wikipedia, it notes that:

He (Pliny the Elder) published a three-book, six-volume educational manual on rhetoric, entitled Studiosus, “the Student”

Just maybe my blog has enough rhetoric where you think I have the best plan possible to clone Pliny the Elder.

Rhetoric: the art of effective or persuasive speaking or writing, especially the use of figures of speech and other compositional techniques.

With that beer #11 will be called The Student

Links

Here are the list of links I bookmarked while researching this recipe.

 Recipe:  The Student

Ingredients

Grain

  • 13.25 lb Two-Row pale malt
  • 0.3 lb Crystal 40 malt
  • 0.6 lb Carapils (Dextrin) Malt
  • 0.75 lb Dextrose (corn) sugar

Hops

  • 90 min boil
    • 3.5 oz Columbus (US)
    • replaced with 18.75mL of extract
  • 45 min boil
    • 0.75 oz Columbus (US)
    • replaced with 4.34mL of extract
  • 30 min boil
    • 1.0 oz Simcoe (US)
  • 20 min whirlpool
    • 2.5 oz Simcoe (US)
    • 1.0 oz Centennial (US)
  • 12 days Dry Hop
    • 1.0 oz Simcoe (US)
    • 1.0 oz Centennial (US)
    • 1.0 oz Columbus (US)
    • 1.0 oz Amarillo (US)
  • 5 days Dry Hop
    • 0.25 oz Simcoe (US)
    • 0.25 oz Centennial (US)
    • 0.25 oz Columbus (US)
    • 0.25 oz Amarillo (US)
  • *Tomahawk/Zeus can be substituted for Columbus

Yeast

  • White Labs WLP001 California Ale Yeast
    • attenuation at 86.1% due to corn sugar

for 6.0 gallons into primary, Hopefully, net 5 gallons after hop loss

Original Gravity: 1.071
Final Gravity: 1.010
Efficiency: 75 percent
ABV: 8.0%
SRM: 4

Directions (mostly from Vinnie’s article)

  1. Mash grains at 151-152° F (66-67° C) for an hour or until starch conversion is complete.
  2. Mash out at 170° F (77° C) and sparge.
  3. Collect wort, bring to a boil for 90 mins
  4. Stir in dextrose
  5. Add hops as indicated in the recipe.
  6. After a boil and whirlpool, chill wort to 67° F (19° C)
  7. Transfer to fermenter.
  8. Aerate well
  9. Pitch yeast starter
  10. Ferment at 67° F (19° C) until fermentation activity subsides, then rack
    to secondary.
  11. Add first set of dry hops on top of the racked beer and age
  12. Then add the second set and age
  13. Then bottle after adding priming sugar.

 

Tags: , , , ,

Beer 8 – Black Rye IPA

November 15, 2014 in Beer Topics, Beers by Brian Thompson | 1 comment

  • Beer Name: Burnin’ Spades RIPA
  • Style:  Black, Rye, IPA
  • Alcohol: 7.1%
  • Color: unknown

My first venture into all grain brewing has literally blown up in front of me.  So who know how it tastes, but here is what happened.   After coming home from vacation I saw liquid coming from the fermentation chamber.  When I opened the doors about 6 bottle or so had exploded at the bottom.  So I took everything out and cleaned things up, exactly what you want to do after a long travel day.  Just as I was putting the beers back in the fridge, the bottom of a six pack broke open and the bottles dropped maybe a foot.  Well all 6 of those bottles exploded.  Sounded like a bomb went off.  I was lucky no glass hit my face, but my legs and feet were not so lucky and had blood streaming down.  Now I had another mess to clean up.  So while I was cleaning that up 2 more bottles exploded just sitting on the sidewalk.  Awesome, I have bottle bombs.  Not wanting to loose everything. I place the remaining beer bottles in a cooler and inside my fridge.  That night I heads several more explode…sounded like a gun shot.  Hoping to save the beers, I planned to pop the tops on the remaining bottles and then re-cap them.  I put on my bomb squad gear (an old paintball face mask, a thick long sleeve, and some gloves) and reached into the cooler to take the tops off.  The first one gushed everywhere, same with the second, third and so on.  After a bit there was so much foam I was just feeling through the cooler to find unopened bottles.  Well needless to say this was a total loss.  I did try about half a glass full just to see what it was like and it was sweet almost like the raw wort.

So here is what I think happened.  During my last batch of beer my fridge died, so I didn’t really have good fermentation control while this beer was fermenting.  We had really hot days and warm nights.  I think the yeast shutdown due to the high temperatures.  I should have noticed that my final gravity reading was high and done something, but just moved right into bottling.  After I bottled I also replaced the AC unit with a min-fridge coils and was able to set the temp.  I think when I did this the yeast woke up again and started chomping on all the unprocessed sugars, thus creating my bottle bombs.

On the fun side, I got some 3/4″ stickers to make cap labels for my beers.  I got lucky and made labels for my previous beers as I had to move my bottles all around while cleaning.  Making a label is now part of my beer making process.

Total Loss
Bottle Bomb Casualty
First explosions
Exploded 6-pack
Bomb Squad
Welcome home
What I saved
Before the explosions
Labels
Recipe Notes
yeast output actual

[Show as slideshow]

My Brew Notes

Recipe Info

 Recipe Notes

Execution Notes

Tried making a 2L starter in a 2L flask.  Resulted in a boil over.  Separated into two flask for the boil then recombined when they cooled.  Ended up with 1.6L of the 2L.

First time making all grain batch.  MLT filter was too small and got a stuck sparge.  I knew what my number were supposed to be, but wasn’t prepared to be able to measure if I was hitting them or not (ie. depth to volume conversions). Messed around switching in a different filter which caused the temps to go wild.  Through all the hops directly in which wasn’t so bad.  What was bad way the bag I had to catch the gunk at the output end of the hose when transferring to the primary got clogged up and ended up not using it which passed a lot of material in the fermenter.  When transferring to bottling bucket the the filter around the tube also was causing problems so a lot of material ended up in bottles.  Need to do this better next time

Schedule

  • Brew day: 6/13/2014
  • Cold Crash Start: N/A (Broken fermentation chamber)
  • Secondary Fermentation: 7/2/2014
  • Dry Hopping: 7/29/2014
  • Cold Crash 2: N/A
  • Gelatin: N/A
  • Bottling Prep: 8/4/2014
  • Bottling: 8/5/2014

Recommendations for next time

  • Get the filtering down much better
  • Make sure the fermentation chamber is working
  • Know numbers better and know how to take measurements

Tags: , , , , , ,

VPN Server Setup on Ubuntu

September 25, 2014 in Tech Talk & Other Thoughts by Brian Thompson | No comments

Below is an unfinished post as I eventually gave up as I could not get bridging (tap) to work.  Instead I resorted to going back to Windows 7 and discuss it more here

 

My latest adventure in setting up my media server is to get a VPN server going so that I can watch my movies outside of my home network without opening up my dlna ports to the world. After reading about VPN servers it was pretty clear that OpenVPN is the preferred method due to its strength over PPTP and L2TP.  However, with the issues that I ran into with installing and getting OpenVPN up and running it seems the simplicity of PPTP is attractive.  I just have to keep telling myself that this is a one time setup. Once I decided that I’d go with OpenVPN I got swirled around for a while before I discovered the http://openvpn.net/ website hosts the Open Source Project version, called the Community OpenVPN, and a commercial not-free version, called VPN Solution.  Prior to knowing this it seemed the VPN solution was the way to go.  I installed it and was working with the configurations when I noticed that I was only allowed 2 licnesnes and was required to buy more if needed.  From what I say the VPN solution had a nice web interface, but I want to use the Open Source Project version and not me limited to 2 licenses or have to make a purchase.

Installing OpenVPN

At first it seemed that this might be straight forward as there are two applications through quantal universe packages that appeared to do want I wanted: openvpn and network-manager-openvpn.  After installing these with an ‘apt-get install’ I discovered that this is for maintaining the client side of OpenVPN. It turns out that most blogs, forums, how-tos are about setting up the client and very few are about setting up a OpenVPN server (maybe this will help someone in the future) So onto the Community OpenVpn.net site about getting a OpenVPN server up and running.   Well the How-To documentations makes installing OpenVPN to be pretty easy:

  1. Download the tarball
  2. Expand the .tar.gz file:    tar xfz openvpn-[version].tar.gz
  3. cd to the top-level directory
  4. And type:
./configure
make
make install

Getting and opening the tarball is easy, but I ran into several issues with the ./configure First issue was

error: configure: error: ssl is required but missing

After several Google searches I found this forumn post which informed me to run:

apt-get install libcurl4-openssl-dev

 Second issue was

configure: error: lzo enabled but missing

A few more Google searches directed me to the LZO download page, http://www.oberhumer.com/opensource/lzo/download/,  where I downloaded latest version 2.06.  I dide the untar, configure, make, and make istall with no issues.  I don’t know if the original files are needed after the isntall so I moved the untar’d version to /sbin/lzo* just in case. The third issue was

configure: error: libpam required but missing

Again more Google searches which lead me to install a libpam version: apt-get install libpam0g-dev Well after 3 issues the ./configure worked, followed by the make and the make install.

 Installing Easy-RSA

The How-TO documentation then directs me to use the Easy-RSA for creating certificates. This site also has some good directions about using Easy-RSA.   The fun part about this as it doesn’t really go into how to get Easy-RSA.    Easy-RSA is in a git hub, so by following the directions from a nice document I started to installing Git: apt-get install git and then doing the directions for a first time install. Now it is time to get the easy-rsa files.  I went to the /usr/share directory and then typed sudo git clone https://github.com/OpenVPN/easy-rsa.git (Note after doing all of the above, I later realized that the OpenVPN installation placed Easy-RSA in the /usr/share/doc/openvpn/examples folder.)  From reading the configure.ac file it seems that a program called autoconf is needed.  So I setout to get that going with apt-get install autoconf but after more poking around I think everything is ready to go in the easy-rsa/2.0 folder.  At the command prompt I followed the directions and typed:

. ./vars

/usr/share/easy-rsa/easy-rsa/2.0$ . ./vars
NOTE: If you run ./clean-all, I will be doing a rm -rf on /usr/share/easy-rsa/easy-rsa/2.0/keys

./clean-all

/usr/share/easy-rsa/easy-rsa/2.0$ ./clean-all
mkdir: cannot create directory `/usr/share/easy-rsa/easy-rsa/2.0/keys': Permission denied
/usr/share/easy-rsa/easy-rsa/2.0$ sudo ./clean-all
Please source the vars script first (i.e. "source ./vars")

It took me quite some time to figure out why I was running into this error.  I read through the vars and clean-all files and everything seemed good.  In the end the error is a pretty basic one, the permissions were wrong.  When I used the ‘git source’  the folder permissions belonged to root as 755.  With a sudo chmod 777 -R easy-rsa the permissions were fixed and the scripts worked as advertised

Server certificates and keys

./build-ca

./build-key-server server

When you run the build scripts the fields are pre-populated with the information edited from the vars file.  Simply press enter through the prompts.

Client certificates and keys

The directions then go to create client keys with the ./build-key.  I’m a fan of of password protecting the client keys so I used the ./build-key-pass script to create my keys

Other items

I’m not too sure what these do and didn’t spend the time researching it, I simply ran them. I created then Diffie Hellman parameters with:

 ./build-dh 

From the wiki site and the Hardening OpenVPN Security section I created the HMAC  with

openvpn –genkey –secret /keys/ta.key

 Configuring OpenVPN Server

The How-TO directions continue with setting up the configuration files.  The documentation does not provide any directions where all these files should go, but after poking around the openvpn.init file in the sample scripts (/usr/share/doc/openvpn/examples/sample-scripts) the script will look for the configuration files in the /etc/openvpn/ folder. I started with the sample server.conf and made changes as needed.  I changed the following:

  • For the ca, cert, key, and dh lines I added the full path name /etc/openvpn/server_keys/ as recommended in the wiki  . Additionally for these files, I did the following:
    • created a server_keys folder to keep the folders organized.
    • changed the permissions on the files so that they can be moved.moved all the keys, certs, etc files with exception to the client files and the ca.key file to this folder
      • The client files went to another location to be shared as needed
      • The ca.key file went to a different computer as recommended
  • Uncommented the client-t0-client line to allow my VPN clients
  • Uncommented the HMAC line, tls-auth, and changed the path to the server_keys folder
  • Changed the crpytographic cipher to, cipher AES-256-CBC, rather than any of the 3 listed options in the file for stronger security.  I’ve also read that this has little impact to the throughout of the VPN network too.
  • Enabled and changed the max clients to 10.  This is for a small home network and really 10 is too much too.
  • Enabled ‘user nobody’ and ‘group nogroup’ lines.  Note the example file has nogroup rather than nobody as noted in the How-to and wiki for the group option.
  • Enabled log-append.  I don’t expect too many logons so this file shouldn’t grow to a massive size.
  • TODO: write about lof file and other permission erorrs
    • created a log folder and changed the log paths to point to it as I was getting an error

:/usr/sbin$ openvpn –config /etc/openvpn/server.confTue Mar 19 14:02:02 2013 Warning: Error redirecting stdout/stderr to –log file: openvpn.log: Permission denied (errno=13)Options error: –dh fails with ‘/etc/openvpn/server_keys/dh1024.pem’: No such file or directoryOptions error: –ca fails with ‘/etc/openvpn/server_keys2/ca.crt’: No such file or directoryOptions error: –key fails with ‘/etc/openvpn/server_keys/M1730_server.key’: Permission deniedOptions error: –status fails with ‘openvpn-status.log’: Permission deniedOptions error: Please correct these errors.

Next I made copied the client.conf file from the examples and made the changes below.  The wiki seemed pretty clear for this, but once I started into it I realized that the file is specific to each client crt/key combo.  Since I made several client keys during the Easy-RSA section I had to create a client.conf file for each client key combo and then named the file appropriately.

  • created a client_keys folder to keep the folders organized.
    • note the ca.crt and ta.key files are shared and I left them in the server_keys folder
  • update the ‘remote’ line for my specific IP address and ports
  • Enable the user and group lines.  Again the group has the nogroup option rather than the nobody.
  • Enabled the ‘mute-replay-warnings’ as I plan to use the VPN for laptops and my android phone
  • Updated the ca, cert, key, and tls-auth lines to point to the files.  Again I used the full filepath /etc/openvpn/client_keys/ as suggested by the wiki
  • Changed the crpytographic cipher to, cipher AES-256-CBC

 

Other Things

My VPN server is behind a router that uses dd-wrt.  In order to expose the VPN ports to the world I went to the NAT/QoS -> Port Forwards tab and added my VPN server to the list of port forwards.  I also have the VPN server set to have a static IP address which is configured on Services -> Services tab.

 

Running and Troubleshooting

 

ERROR: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)

run to fix permission problem: sudo openvpn –config /etc/openvpn/server.conf

 

OpenVPN on Android

One thing I want to be able to do is get to my home network from my phone, Samsung Note 2, so I used OpenVPN on Android for my VPN client.  The setup is pretty straight foward.  The only catch that I found was that:

  • Select ‘Certificates’ for the type in the ‘Basic tab
  • For each file selected tap on it then tap the ‘select’ button at the bottom
  • For the Encryption cipher I had to use all lower case (my phone capitalized the first character) for ‘aes-256-cbc’.
  • Change the TLS Authentication direction to 1, rather than the default of no direction
Authenticate/Decrypt packet error: packet HMAC authentication failed
Tue Mar 19 15:53:51 2013 us=248361 TLS Error: incoming packet authentication failed from [AF_INET]192.168.1.99:63090

check to see if openvpn is running (change port # as needed)

 

Other links and tools that I was using

#netstat -ltnup | grep 1194

 

samba shares not seen.  Added IP address to interfaces line in /etc/samba/smb.conf file per http://serverfault.com/questions/137933/howto-access-samba-share-over-vpn-tunnel

https://help.ubuntu.com/10.04/serverguide/openvpn.html   OpenVPN for Andriod https://play.google.com/store/apps/details?id=de.blinkt.openvpn&hl=en http://openvpn.net/index.php/open-source/documentation/howto.html#install

 

Bridge setup (Never got this to work)

get the openvpn bridge scripts from the sample-scripts folder

modify the bridge-start script

in the command prompt type ifconfig and get the information of the IP, netmask, and broadcast addresses

change the /etc/interfaces file to add

iptables -A INPUT -i tap0 -j ACCEPT
iptables -A INPUT -i br0 -j ACCEPT
iptables -A FORWARD -i br0 -j ACCEPT

create a symboloc link to creat the bridge at startup before openvpn

/etc/rc0.d$ sudo ln -s /etc/openvpn/bridge-start K79openvpn-bridge

create a symbolic link to remove the bridge at shutdown

/etc/rc6.d$ sudo ln -s /etc/openvpn/bridge-stop K99openvpn-bridge

Tags: , , , , , , , , , ,

Media Center: Giving up on Ubuntu, going to Windows 7

September 23, 2014 in Tech Talk & Other Thoughts by Brian Thompson | No comments

A while back I started converting an older laptop, Dell M1730, and had the best intentions to setup a media center with Ubuntu.  I stumbled into problems right away with the graphics card, but was able to overcome then. At least I thought.  I setup a VNC server, plex, and started into setting up a VPN account.  But no matter how little memory and processor throughput that I used the computer simply could not play a video without skipping.  After a lot of work I discovered that there where issues with the graphics card causing hardware interrupts.  After way too much time, I’ve finally tossed in the towel.

So rather than continue to eat up more time I’ve wiped the computer and loaded Windows 7.   With a fresh install I started updating all the drivers and wham, my pc started going so slow, unusable slow.  Again the culprit was the graphics card, specifically the Aegis physics processor.  Even after an uninstall the computer couldn’t recover.  Fortunately, I was able to revert back to all the defaults.  I also found out that one of my external USB hard drives had failed and was causing windows to lock up.  After some work on that I found out the drive really did fail and fortunately the drive was still under warranty and Seagate replaced it in 4 days.

Now I have a very simple pc setup as a media server with two 3TB external hard drives.  I used Plex to share my videos.  I have UltraVNC Server setup to remote into the laptop when I need to do something as I keep closed up and tucked under the entertainment center.  I use GoodSync to backup from our computers and cell phones to an external drive and mirror the content to the other external drive.  Finally, I have setup SoftEther for a VPN server so that I can get into our home network remotely.  I would have to say this setup was much much easier than Ubuntu and it is working.

 

Tags: , , , , ,

« Older entries § Newer entries »