[clug] IPSec / L2TP as dial-in access for remote netbook

Wed Aug 19 16:44:35 MDT 2009

Thanks Daniel - this is the first useful and clear suggestions found 
thus far.

So basically I need to configure a few services on my Ubuntu netbook to 
function as a client back to the modem VPN access point - using IPSec 
will be fine (once I complete the required cryptography degree).

Basically I know little about VPN except that my Billion 7404-VGO modem 
supports IPSec, L2TP and PPTP - but it doesn't support my embarrassing 
lack of knowledge.  I thought IPSec could only be used for LAN to LAN 
(fixed to fixed IP) - not dynamic IP (roaming remote access) to fixed 
access point (although I have a home dynamic IP I presume I can set up a 
DynDNS account).

My wife's Nokia E71 also has an inbuilt VPN client although this looks 
like a whole new level of complexity.

I would like to access some services remotely but also do not wish to 
open my network to the outside world - could be anything from grabbing a 
few files to remotely working on one of my systems - with future 
intention to run some house appliances off it (say set TV recorder or 
check webcams or something).

For now - I just feel more comfortable surfing from behind my modem NAT 
and firewall and on the Internode network - probably just blind brand 
loyalty but I just feel better doing that for some reason.

But especially when we go to Europe mid next year I will need this set 
up so I can do things like banking or pay for accommodation and travel 
while bypassing dodgy European internet cafes, and to check up on the 
house at home through webcams or other monitors from time to time (would 
suck to leave the stove on and not find out until you returned!).

So I don't really care what's used as long as it can tunnel from modem 
to roaming client and offer some level of overall security.

I won't be doing gaming on this though - latency across Zagreb, via 
Canberra, would be hilarious.

Also - on another note - I have heard of the TOR anonymising proxy - not 
sure if this is worth looking at - seems like an academic 
proof-of-concept more than anything useful - unless one lives in China 
or North Korea perhaps.

Could be fun to deploy in the sport of scam-baiting though.

BTW - there's a drink on offer for anyone who can conclusively help me 
set this up.