Tuesday Dec 18, 2007

Installed punchin on my Mac

Today I went to the installfest at MPK17, and under Dan McDonald's guidance, successfully installed punchin on my Powerbook running OS X 10.4.11. It took less time—about 20 minutes—than I expected, even though we had to re-install the client after realizing what I had the first time wasn't the latest version (Punchin 2.1.0 for OS X).

Punchin is a secure remote access solution at Sun that is currently used by over 1,000 employees. Unlike Cisco's VPN client, punchin uses the native TCP/IP stack with IPsec and IKE on a platform, so there's no need for third-party kernel extension, which leads to better stability.

These are the commands I learned (punchctl is found under /usr/local/bin so make sure it's in $PATH):

~$ punchctl configure (gathers preferences and generates keys)
~$ punchctl start
~$ punchctl stop
~$ punchctl cleanup_local (is like stop but doesn't talk to the remote gateway)

The only difference I've noticed is that punchin connection persists (or perhaps re-establishes is the more correct term) when the laptop awakes from sleep. Per Dan, the maximum idle timeout is four hours. This is a time-saver for me as I often close the lid on my laptop before carrying it to another part of the house, only to realize upon wake up that VPN got disconnected, and have to make another trip to get my token card.

On the flip side, establishing punchin connection takes noticeably longer (3-4 times that of Cisco's solution). According to others, it's faster once the tunnel is up, but I haven't noticed any significant difference in speed myself.

Punchin is available on Solaris, Mac OS X and Linux.

[UPDATE Dec 19, 2007] The slower startup is due to quirks in IPsec on Mac OS X.

Posted on Dec 18, 2007 | Permalink | Comments (1) | Tags:

Tuesday Nov 20, 2007

Finally, no more Gmail blank page

For months, I couldn't use Gmail on my PowerBook. Instead of my INBOX, a blank page would load in Firefox 2 and Safari 2. Clearing cache and related cookies made no difference. Here's what it looked like:

My workaround had been to use a second computer but it's inconvenient. Then Gmail IMAP came along and at least I could use Mail.app. But Gmail IMAP hasn't been very reliable so it would be nice to be able to use the web version from time to time.

Then when Gmail 2.0 came out, the blank page problem was gone from Firefox, but Safari still showed constant "Loading...".

Today, I installed the OS X 10.4.11 update, which includes Safari 3, and now it's usable with Gmail again.

Posted on Nov 20, 2007 | Permalink | Comments (2) | Tags:

Wednesday Oct 31, 2007

Debugging OS X Mail.app

Below are some commands to capture Mail.app sessions.

In Jaguar the session is recorded in /var/tmp/console.log
In Panther the session is recorded in /Library/Logs/Console/<username>/console.log
In Tiger the session is recorded in /Library/Logs/Console/<username>/console.log

/usr/bin/defaults write com.apple.mail LogActivityOnPort 25
/usr/bin/defaults write com.apple.mail LogActivityOnPort 143
/usr/bin/defaults write com.apple.mail LogActivityOnPort "25,143"

And to disable the logging use this command:

/usr/bin/defaults remove com.apple.mail LogActivityOnPort

Alternately, launch Mail.app in debug mode and send errors to a log file:

/Applications/Mail.app/Contents/MacOS/Mail -LogSocketErrors YES -LogActivityOnHost your.mail.server -LogActivityOnPort 143 &> ~/Desktop/ConnectionLog.txt
Sources http://lists.balius.com/pipermail/mac-users/2005-December/000043.html and
http://developer.apple.com/bugreporter/bugbestpractices.html#Mail

[UPDATE Nov 21, 2007] More debugging options listed on: http://www.macosxhints.com/article.php?story=2004101603285984

Posted on Oct 31, 2007 | Permalink | Comments (1) | Tags:

This blog copyright 2008 by chienr