[clug] IPSec / L2TP as dial-in access for remote netbook

Chris Zhang chris.zhang.syd at gmail.com
Wed Aug 19 16:58:30 MDT 2009 

> Yes, sorry I forgot to cc to the list.
>
> In that case a plain IPSec tunnel is what you need. It's like the  
> road warrior type, similar to an OpenVPN setup? You run your laptop  
> as a IPSec client and your home device as a server.
>
> The article talked about L2TP/IPSec. The purpose of that is to run  
> PPP over L2TP for authentication using user/password. Unless that's  
> what you are after, alternatively isakmpd2 is another way to  
> implement user/pass, and in addition to a preshared key or  
> certificate authentication. But again I don't think you need that  
> for home use.
>
> For your need, since you already connected to Internet, there is no  
> need for a LAC, it's main purpose is to save long distance telephone  
> cost.
>
> Check the RFC on L2TP, it has a nice diagram.
>
> OpenBSD's isakmp is VERY simple by the way.
>
> Chris
>
> On 20/08/2009, at 7:20 AM, Ian McLeod <ianmcleod75 at gmail.com> wrote:
>
>> should this go to the list?
>>
>> Basically I just want to tunnel back through my home network from  
>> an Ubuntu netbook over a public wi-fi or 3G connection - IPSec can  
>> do that?
>>
>> Chris Zhang wrote:
>>> How come you need IPSec/L2TP? what other traffic do you intend to  
>>> tunnel inside that L2TP? I think L2TP is only needed if you need  
>>> IPX or Appletalk protocol on your network as well, for plain IP  
>>> traffic, you can use a plain IPSec tunnel.
>>>
>>> Or are you looking at a dial in server that accpets a phone  
>>> connection throught the PSTN cloud? In that case you will need  
>>> IPSec/L2TP I think. But you will also need a L2TP Access  
>>> Concentrator? I would be very interested if this is your setup  
>>> though.
>>>
>>> Have you had a look at http://www.jacco2.dds.nl/networking/freeswan-panther.html 
>>>  ?
>>>
>>> Chris
>>>
>>> On Wed, Aug 19, 2009 at 10:11 PM, Ian McLeod  
>>> <ianmcleod75 at gmail.com <mailto:ianmcleod75 at gmail.com>> wrote:
>>>
>>>   Has anyone figured out the rocket science behind configuring a
>>>   IPSec / L2TP capable router as a 'dial-in' server (remote access -
>>>   not LAN2LAN) for a netbook or laptop (with Ubuntu)?
>>>
>>>   I hear PPTP is easy to set up - but insecure.
>>>
>>>   Basically I have a Billion 7404-VGO-M VPN capable modem with PPTP,
>>>   IPSec and L2TP, and a small netbook running Ubuntu - and not a
>>>   clue how to get VPN working.  I have searched over the Net and
>>>   found instructions resembling Ikea manuals for how to construct a
>>>   kit nuclear reactor - nothing straight forward - if this is  
>>> possible.
>>>   --     linux mailing list
>>>   linux at lists.samba.org <mailto:linux at lists.samba.org>
>>>   https://lists.samba.org/mailman/listinfo/linux
>>>
>>>

More information about the linux mailing list