[clug] IPSec / L2TP as dial-in access for remote netbook

Daniel Pittman daniel at rimspace.net
Wed Aug 19 19:09:17 MDT 2009


Ian McLeod <ianmcleod75 at gmail.com> writes:

> Thanks Daniel - this is the first useful and clear suggestions found thus
> far.
>
> So basically I need to configure a few services on my Ubuntu netbook to
> function as a client back to the modem VPN access point - using IPSec will
> be fine (once I complete the required cryptography degree).

Yes, and yes — IPSec is about as complicated as it is possible to make a
protocol, more or less full-stop.

> Basically I know little about VPN except that my Billion 7404-VGO modem
> supports IPSec, L2TP and PPTP - but it doesn't support my embarrassing lack
> of knowledge.  I thought IPSec could only be used for LAN to LAN (fixed to
> fixed IP) - not dynamic IP (roaming remote access) to fixed access point
> (although I have a home dynamic IP I presume I can set up a DynDNS account).

IPSec is a combination of two protocols: one that ensures the IP packet has
not been modified in flight, and one that encrypts the IP packet.  On top of
that you can do /anything/ at all that you can do with plain IP.

Someone else already pointed out that "Road Warrior" is the stupid term that
became attached to the idea of using a roaming client against an IPSec access
concentrator.

> [...]

> Also - on another note - I have heard of the TOR anonymising proxy - not
> sure if this is worth looking at - seems like an academic proof-of-concept
> more than anything useful - unless one lives in China or North Korea
> perhaps.

It isn't.  Even if you /think/ you have a good reason to use it, you probably
don't, unless indeed you live in a significantly less nice country than
Australia.

> Could be fun to deploy in the sport of scam-baiting though.

...I /so/ wouldn't advise that.

        Daniel


More information about the linux mailing list