[clug] IPSec / L2TP as dial-in access for remote netbook

[Francis Markham]

Hi Ian,

I've not much experience with IPSec, but I would second Daniel's
suggestion to use openVPN instead.  Because it operates at the
application layer, you don't need to do as much configuration of
routers, don't need to worry about hardware compatibility, etc. so it
is much easier to use.

Cheers,

Francis

2009/8/20 Ian McLeod <ianmcleod75 at gmail.com>:
> Thanks Daniel - this is the first useful and clear suggestions found thus
> far.
>
> So basically I need to configure a few services on my Ubuntu netbook to
> function as a client back to the modem VPN access point - using IPSec will
> be fine (once I complete the required cryptography degree).
>
> Basically I know little about VPN except that my Billion 7404-VGO modem
> supports IPSec, L2TP and PPTP - but it doesn't support my embarrassing lack
> of knowledge.  I thought IPSec could only be used for LAN to LAN (fixed to
> fixed IP) - not dynamic IP (roaming remote access) to fixed access point
> (although I have a home dynamic IP I presume I can set up a DynDNS account).
>
> My wife's Nokia E71 also has an inbuilt VPN client although this looks like
> a whole new level of complexity.
>
> I would like to access some services remotely but also do not wish to open
> my network to the outside world - could be anything from grabbing a few
> files to remotely working on one of my systems - with future intention to
> run some house appliances off it (say set TV recorder or check webcams or
> something).
>
> For now - I just feel more comfortable surfing from behind my modem NAT and
> firewall and on the Internode network - probably just blind brand loyalty
> but I just feel better doing that for some reason.
>
> But especially when we go to Europe mid next year I will need this set up so
> I can do things like banking or pay for accommodation and travel while
> bypassing dodgy European internet cafes, and to check up on the house at
> home through webcams or other monitors from time to time (would suck to
> leave the stove on and not find out until you returned!).
>
> So I don't really care what's used as long as it can tunnel from modem to
> roaming client and offer some level of overall security.
>
> I won't be doing gaming on this though - latency across Zagreb, via
> Canberra, would be hilarious.
>
> Also - on another note - I have heard of the TOR anonymising proxy - not
> sure if this is worth looking at - seems like an academic proof-of-concept
> more than anything useful - unless one lives in China or North Korea
> perhaps.
>
> Could be fun to deploy in the sport of scam-baiting though.
>
> BTW - there's a drink on offer for anyone who can conclusively help me set
> this up.
> --
> linux mailing list
> linux at lists.samba.org
> https://lists.samba.org/mailman/listinfo/linux
>