Techkiwi's Blog

The adventures of a technical kiwi



Ipredator OpenVPN Android Setup

I have been tinkering with VPN services provided by (One of The Pirate Bay founders companies) for the past couple of days.

I will be doing a more in depth write up about their services and how I have experienced them in the future (So far I am happy with the service) but this post is just to give others an updated configuration file so that it can be easily used on the Android platform.


After successfully getting the VPN connected with OpenVPN for my LinuxMint machine I moved onto my Android device where I have had quite a few issues.

It appears that the configuration file they are providing does not work correctly with the latest version of OpenVPN for Android (Which is what they recommend).


I have adjusted this configuration file manually by creating a new one and then migrating the lines of code I can see that they have in their configuration file which seems to work perfectly.

The generated config file was used on Android 4.4.2 Kitkat via my new Sony Z2 and successfully opened and held a OpenVPN connection to the Ipredator network.


It appears it is mostly relating to the GUI options that are at the top of the configuration.


So far I am averaging speeds around 2/2mb’s from fibre 100/50 based connections here, the only end point servers are located in Sweeden so this is acceptable at this stage in my opinion.

Configuration Download Link:


*Note* Please use this configuration file at your own risk, it has been tested but checking the settings are correct for security is up to you


SBS 2008 SSTP 619 Error – After SSL Certificate Renewal

Came across an interesting issue today. This was on a SBS 2008 server which has had a 3rd party certificate installed before without any issues.

Renewed the certificate and installed it using the wizards and everything appeared to work fine, except the SSTP VPN connections now rejected Error: 619.

After a bit of head scratching here is the issue and resolution.

Error 619 reports that the certificate hashs do not match (which in this case was the issue).

Step 1: Run “netsh http show ssl” in an administrator command prompt. Check to see if both of the IPV4 :443 hashs are the same listed here. My guess is they will be different (if so follow to the next step)

Step 2: Click Start and type “mmc” and press enter, now click File ->Add/Remote Snapin -> Certificates -> Local Computer and follow the Next buttons. Click Personal -> Certificates and find the new certificate you have just installed. Double click the certificate -> Details -> scroll to the bottom and copy the ThumbPrint. Now take all of the spaces out so it heads something like this “f7a0z0b21773c4a2761f0b34588fafb895245e82”.

Step 3: Run these commands from an elevated command prompt ->

netsh http delete sslcert ipport=

netsh http delete sslcert ipport=[::]:443

reg delete HKLM\SYSTEM\CurrentControlSet\Services\SstpSvc\Parameters /v SHA256CertificateHash /f

netsh http add sslcert ipport= certhash=YourHashFromAbove appid={ba195980-cd49-458b-9e23-c84ee0adcd75} certstorename=MY

netsh http add sslcert ipport=[::]:443 certhash=YourHashFromAbove  appid={ba195980-cd49-458b-9e23-c84ee0adcd75} certstorename=MY

net stop sstpsvc /y

net start remoteaccess

The first three commands remove both of the network bindings and the certificate hash from the registry, the second 2 then add the new hash in for both of the network bindings. The last 2 restart SSTP and remote access services.

Once you have completed the above steps if your issue is that the certificates don’t match then this should resolve your issue.

Windows 8/8.1 .Net Framework Installation Issues

This is widely documented throughout the internet already, yet it still took me hours to get sorted so I thought I would share a few tips.

In my case I could not add .Net 3.5 from Add/Remote features within Windows itself, this failed.

The next step was to try using Dism.exe commands which also failed (This does work, I will explain why it did not work for me)

With my Installation I installed Windows 8 and then proceeded to run the upgrade to 8.1 from the Windows Store.

The installation of .Net 3.5 for Windows 8 & 8.1 are DIFFERENT which is not widely documented.

If you upgrade to 8.1 then you need to enable this feature with Dism.exe from a Windows 8.1 disc, your version 8 disc will not work.
Here is the code to do this: Dism.exe /online /enable-feature /featurename:NetFX3 /All /Source:E:\sources\sxs /LimitAccess

This is where E:\ is your CD Drive.


This code is the same for Windows 8 but you need to use a Windows 8 disc not 8.1

Alternatively I will post links to both the Windows 8 & Windows 8.1 .Net standalone installer, I used these to get .Net installed correctly.

Windows8 32/64bit .Net 3.5 Standalone:

Windows8.1 32/64bit .Net 3.5 Standalone:

Thanks to My Digital life forum for the 8.1 Link (

Mikrotik RouterOS – 6.5 Certificate Import Issue

Have just been working on a couple of New Mikrotik router installations. It would seem RouterOS 6.5 has a bug relating to the importation of SSL certificates.

It is easily fixed with a quick downgrade of RouterOS, install the certificate and then upgrade again.

#1: Download the 6.4 version of RouterOS -> (This is no longer listed on their website but I manipulated the url and it worked for me).


Power PC:



#2: Upload this file under the “Files” tab

#3: Open a new terminal – > /system package downgrade

#4: Import the certificate and install as you please, then upgrade the router back to 6.5 and you will still have the latest version (At the time of writing) installed with the certificate as needed.



Note: This issue seems to be fixed with the release of RouterOS 6.6

Samsung S4 I9505 – Foxhound Rom 2.0 Installation – LTE

I couldn’t find anything amoung the 50 or so pages of XDA-Dev so thought I would share my fix here. I have a NZ new Samsung S4 I9505 which I have just rooted and loaded Foxhound2.0 using the Google Kernal. At first I tried the Faux kernal but the unit seemed to run hot so I swapped back. LTE does work, however you have to flash it twice before you see it as an option (rather odd but consistent with the testing I ran). To turn LTE on after you have flashed twice, Settings -> Mobile Networks -> Network Mode -> LTE/WCDMA/GSM

If you can’t see this option try flashing the Rom again, but that is it. When using the Google kernal I have proper LTE, Blutetooth and everything else encountered has worked.


Tested with New Zealand Vodafone 4G, got a very respectable speed across all tests.

Google Apps Sync – Migrate .PST

A common question I always had with our Google Apps users was, can you shift the .pst storing file from one machine to another say if they got a new machine?

After doing some research I found one person who had tried it so I thought I would give it a go and here are the results and what you need to do to migrate.

On the original machine locate the Google Apps Sync folder and files. C:\Users\%username%\AppData\Local\Google\Google Apps Sync

Here you should see multiple files, you just need to copy the .pst file.

On the new machine, download and setup google apps sync, configure the user and profile and open Outlook.

Once an email arrives shut down Outlook (Don’t leave it syncing!).

Go to: C:\Users\%username%\AppData\Local\Google\Google Apps Sync

It should look something like this (I have made blanks for the users email and username).


Copy the name of the current .pst file in this location and rename the current .pst in this location by adding .old to the end.

Copy over the old .pst file from the old machine and rename it to the name you copied above (effectively replacing it).

This should trick google apps sync into thinking it is the same file.

Now you just need to remove ALL the other files in this location, (not the tracing folder though). There should now be the tracing folder and the renamed .pst file here.

Reopen Outlook, it will rebuild the files you deleted and should then realize the file exists and just make increment changes rather than downloading the entire email file again.

There are a few reasons why you might need to do this, Saving Outlook only data like flags and categories, or purely because the .pst file is very large (In this case I wanted both the file was 18GB!)

Paypal PHP IPN – Action Required before October 7, 2013 Email

Paypal recently sent out an email subject: Action Required before October 7, 2013

This was to instruct all current sellers using their PHP IPN for automatically completing payments that would you need to make changes as they are changing over to HTTP1.1 from HTTP1.0


The PHP code they emailed:

// post back to PayPal system to validate
$header=”POST /cgi-bin/webscr HTTP/1.1\r\n”;
$header .=”Content-Type: application/x-www-form-urlencoded\r\n”;
$header .=”Host:\r\n”;
$header .=”Connection: close\r\n\r\n”;
This is missing Content-Length which is required for HTTP1.1
Here is a modified version of the code which I have tested and does work:
// post back to PayPal system to validate
$header = “POST /cgi-bin/webscr HTTP/1.1\r\n”;
$header .= “Content-Type: application/x-www-form-urlencoded\r\n”;
$header .= “Content-Length: ” . strlen($req) . “\r\n”;
$header .= “Host:\r\n”;
$header .= “Connection: close\r\n\r\n”;


I guess not even one of the web giants double checks all code sent out to millions of customers before clicking send!

Windows 8 SSTP VPN Error 0x800704D4

I received the error 0x800704D4 today when trying to help a client with their SSTP VPN issues.

While there are many causes for this error to occur this was not one of the issues I found listed so I thought I would share it as an option.

This was caused because there were not enough SSTP VPN ports free in routing and remote access.


To Resolve:

On the server (in this case SBS 2008)

Start – > Administration Tools -> Routing and remote access.

Click the + to open the site -> Right click on Ports and select properties

Highlight the Wan Miniport (SSTP) option and click Configure at the bottom -> Add the number of ports you require and click Ok.


Now try connecting the SSTP VPN connection again remotely and hopefully your issue will be resolved.




Windows 8 computer fails to remote desktop using RWW

I had a really interesting error when using Remote Web Workplace (RWW) from a Windows 8 machine back to a SBS2008 server this morning which caused me a few problems.

The error was:

The wizard cannot configure remote desktop connection settings, make sure that the client version of remote desktop protocol (RDP) 6.0 or later is installed on this computer.

The wizard cannot configure remote desktop connection settings, make sure that the client version of remote desktop protocol (RDP) 6.01 or later is installed on this computer.



This is not an error I have seen before, usually RWW is a very stable way for clients to get basic Remote Desktop (RDP) back to their work machines, This issue appears to only be related to Windows 8/IE10.

Here is the work around which has been trialled on multiple machines and works correctly.


Fix Option #1:

Click the compatibility icon and try logging in again



Fix Option #2:

Click on Tools (If tools isn’t appearing, right click on the top banner and select “menu) -> Compatibility View Settings




All the sites name in and click Add



Try logging out of RWW and logging back in, now you should be able to connect to RWW computers correctly from a Windows 8 machine.


Hopefully this will help you solve any issues you encounter using RWW from a 2008/2011 server with Windows 8.


(Screen Shots were taken from MS Technet, all rights reserved)

Create a free website or blog at

Up ↑