[clug] IPSec / L2TP as dial-in access for remote netbook

Ian McLeod ianmcleod75 at gmail.com
Wed Aug 19 17:15:50 MDT 2009 

Thanks Chris - yes road warrior type.  Roaming Netbook -> DynDNS? -> Billion Modem



Chris Zhang wrote:
> Yes, sorry I forgot to cc to the list.
>
> In that case a plain IPSec tunnel is what you need. It's like the road 
> warrior type, similar to an OpenVPN setup? You run your laptop as a 
> IPSec client and your home device as a server.
>
> The article talked about L2TP/IPSec. The purpose of that is to run PPP 
> over L2TP for authentication using user/password. Unless that's what 
> you are after, alternatively isakmpd2 is another way to implement 
> user/pass, and in addition to a preshared key or certificate 
> authentication. But again I don't think you need that for home use.
>
> For your need, since you already connected to Internet, there is no 
> need for a LAC, it's main purpose is to save long distance telephone 
> cost.
>
> Check the RFC on L2TP, it has a nice diagram.
>
> OpenBSD's isakmp is VERY simple by the way.
>
> Chris
>
> On 20/08/2009, at 7:20 AM, Ian McLeod <ianmcleod75 at gmail.com> wrote:
>
>> should this go to the list?
>>
>> Basically I just want to tunnel back through my home network from an 
>> Ubuntu netbook over a public wi-fi or 3G connection - IPSec can do that?
>>
>> Chris Zhang wrote:
>>> How come you need IPSec/L2TP? what other traffic do you intend to 
>>> tunnel inside that L2TP? I think L2TP is only needed if you need IPX 
>>> or Appletalk protocol on your network as well, for plain IP traffic, 
>>> you can use a plain IPSec tunnel.
>>>
>>> Or are you looking at a dial in server that accpets a phone 
>>> connection throught the PSTN cloud? In that case you will need 
>>> IPSec/L2TP I think. But you will also need a L2TP Access 
>>> Concentrator? I would be very interested if this is your setup though.
>>>
>>> Have you had a look at 
>>> http://www.jacco2.dds.nl/networking/freeswan-panther.html ?
>>>
>>> Chris
>>>
>>> On Wed, Aug 19, 2009 at 10:11 PM, Ian McLeod <ianmcleod75 at gmail.com 
>>> <mailto:ianmcleod75 at gmail.com>> wrote:
>>>
>>>    Has anyone figured out the rocket science behind configuring a
>>>    IPSec / L2TP capable router as a 'dial-in' server (remote access -
>>>    not LAN2LAN) for a netbook or laptop (with Ubuntu)?
>>>
>>>    I hear PPTP is easy to set up - but insecure.
>>>
>>>    Basically I have a Billion 7404-VGO-M VPN capable modem with PPTP,
>>>    IPSec and L2TP, and a small netbook running Ubuntu - and not a
>>>    clue how to get VPN working.  I have searched over the Net and
>>>    found instructions resembling Ikea manuals for how to construct a
>>>    kit nuclear reactor - nothing straight forward - if this is 
>>> possible.
>>>    --     linux mailing list
>>>    linux at lists.samba.org <mailto:linux at lists.samba.org>
>>>    https://lists.samba.org/mailman/listinfo/linux
>>>
>>>

More information about the linux mailing list