Setting up a SoftEther VPN server for personal use

Having your own VPN server can be very useful for watching TV from home while travelling, and plenty of other reasons too. With Microsoft Azure putting servers in London I decided to have a go at building my own automated VPN server so I could learn more about Azure (I work for SwiftKey, now part of Microsoft). My team at work had suggested using SoftEther and I quickly agreed with them after seeing it in use.

I had built SoftEther on other cloud providers but not built it in a way that survived reboots and automatically starting the VPN. As Ubuntu has changed to using systemd in Ubuntu 16.04 I thought I'd give that a go. I've documented what I've done below so I can remember and others might find helpful. I'm assuming basic knowledge of Linux, and also that you can work out how to use Azure or your preferred provider. As a side note I also configured this server while in Windows 10 using the new bash functionality and ssh from there which was pretty cool.

First of all…

Setting up a Raspberry Pi 2 as an Access Point

Recently for work I setup a Raspberry Pi 2 as an Access Point (AP) to compensate for our APs not covering all the gaps and some weird devices that won't connect reliably to our Meraki network (e.g. my Wileyfox Swift). I couldn't find one simple guide that just worked so documenting here in case it's useful. It took a fair bit of playing around to get it working and I altered configuration a few times so tell me if things don't work and I'll try to correct my instructions. I'm assuming that you also have Linux knowledge but do tell me if things are unclear. You don't need to be a Raspberry Pi expert - this was my first project on it.

The simplest way is to buy this Raspberry Pi 2 kit and to add the Raspberry Pi Offical Wi-Fi Dongle. Full disclosure - I will make a (small) amount of money if you buy from those links. You don't have to buy the kit - other Raspberry Pi 2s will work and I'm guessing that the original Raspberry Pi will also work as networ…

My takeaways from Google I/O 2015

Rather than a proper writeup I thought I'd post a few key links of interesting things at Google I/O 2015:

Google allows you to test your apps on virtual and actual devices - Google Cloud Test Lab - link

Android Wear allows gestures and always on apps - link

Google Now able to be surfaced anywhere when holding home button and is aware of context - link, link

Google have more kid content in Google Play - link

Full offline coming to Google Maps (finally) - link

Google Inbox is open to all - including businesses - link

Improvements to Google Play Developer Console - link and allows A/B testing - link

A whole lot of improvements to Chromecast - link

Android M preview available to download now - link, link (also mentions improved Android Studio including NDK - C/C++ development)

Android M supports USB-C (inc charging other devices) and MIDI - link

Android M has better power saving, user selectable permissions and a fingerprint API - link

Android M has better application backups - link


Shellshock / bash vulnerability

There's been a lot written about this already so not going to say too much more but posting so I can keep a collection of links together and point people to it. It does warrant you changing your schedule and go patch things quickly.

The original vulnerability can be found at CVE-2014-6271.

Unfortunately the vulnerability and fix wasn't complete so if you patched you may need to go and patch again. Details of this updated vulnerability can be found at CVE-2014-7169

Here is Ubuntu Linux advisory. You need to be on bash 4.3-7ubuntu1.3 or higher

Here is Amazon Linux advisory. You need to be on bash 4.1.2-15.21 or higher

Here is Red Hat advisory. The version you need depends on your version of RHEL. See more details here.

The link for AWS for what needs doing is here.

Some good discussion on the issue is at

Getting Apple USB Ethernet adapter working with Windows 8.1 (or Windows 10)

At work I'm now alternating between Windows 8.1 on a Dell and an Apple Macbook Air. As part of this I just want to switch one USB cable between machines when I switch, that is connected to a USB hub.

One of the things I've attached to my USB hub is a USB to Ethernet converter. The one I had was a no-name brand one which didn't work by default on Apple. Rather than trying to get it working on Apple (and being unstable from past experience) I just plugged in an Apple USB to Ethernet converter (part A1277). Worked fine on the Mac, no joy on the Dell.

Having a poke around the Dell could see what the hardware was fine, just couldn't find drivers. Now if you Google around you'll quickly see that it is an Asix chipset and people tell you to download their drivers and update drivers. Tried this, didn't work and more Googling said you can shoehorn them in by resigning, altering INF files etc. I've done this before but this just didn't seem right to me consideri…

Google Compute Engine vs AWS

I've had a few people ask me what I think of Google Compute Engine vs AWS.
My take on Google Compute Engine is that it is now a viable alternative to AWS, as is Microsoft Azure for some firms. It is less mature than AWS in many ways and has had a few glitches - like AWS had in it's early days.
Areas that are particularly strong for Google Compute Engine are:
automatic price discounting (sustained use discounts) when machines run for a while (you have to reserve instances with AWS)data querying. You pay for what you use versus AWS Redshift which charge you continuouslyGoogle App Engine can be connected to it and is a true PaaS. I feel AWS Elastic Beanstalk is IaaS shoehorned into PaaS. AWS remains stronger for the maturity, the ecosystem around it and the sheer depth of products Amazon offer.

For me the pain to migrate from AWS to GCE wouldn't be worth any (theoretical) gain right now, especially given it would probably cause a few months delay to business. Google are keen t…

Mobile broadband for home usage in the UK

I've recently moved into our own home (yeah!) but found myself with no timeline yet on when I can get home broadband :-( The situation is that Openreach has an open order on our new phone/ADSL line so can't do anything for quite a few weeks, until then - and that particular order is probably a cancellation!! It is a peculiar situation in that it would have been quicker if the previous owners hadn't done the right thing and then we could have "taken over" the line. No ISP is interested in the line until then even though I can show we legally own the house. So I've decided to document how I kept working and kept our sanity.

Firstly my requirements were that needed a fair bit of bandwidth as we have three heavy Internet users in the house and many devices, and that we don't get hit with massive bills if we go over any cap. I looked at pure pay as you go devices but the cost per GB worked out at about £5 per GB. Nasty! So for the main bandwidth I went with Th…