[clug] IPSec / L2TP as dial-in access for remote netbook
Daniel Pittman
daniel at rimspace.net
Wed Aug 19 19:09:17 MDT 2009
Ian McLeod <ianmcleod75 at gmail.com> writes:
> Thanks Daniel - this is the first useful and clear suggestions found thus
> far.
>
> So basically I need to configure a few services on my Ubuntu netbook to
> function as a client back to the modem VPN access point - using IPSec will
> be fine (once I complete the required cryptography degree).
Yes, and yes — IPSec is about as complicated as it is possible to make a
protocol, more or less full-stop.
> Basically I know little about VPN except that my Billion 7404-VGO modem
> supports IPSec, L2TP and PPTP - but it doesn't support my embarrassing lack
> of knowledge. I thought IPSec could only be used for LAN to LAN (fixed to
> fixed IP) - not dynamic IP (roaming remote access) to fixed access point
> (although I have a home dynamic IP I presume I can set up a DynDNS account).
IPSec is a combination of two protocols: one that ensures the IP packet has
not been modified in flight, and one that encrypts the IP packet. On top of
that you can do /anything/ at all that you can do with plain IP.
Someone else already pointed out that "Road Warrior" is the stupid term that
became attached to the idea of using a roaming client against an IPSec access
concentrator.
> [...]
> Also - on another note - I have heard of the TOR anonymising proxy - not
> sure if this is worth looking at - seems like an academic proof-of-concept
> more than anything useful - unless one lives in China or North Korea
> perhaps.
It isn't. Even if you /think/ you have a good reason to use it, you probably
don't, unless indeed you live in a significantly less nice country than
Australia.
> Could be fun to deploy in the sport of scam-baiting though.
...I /so/ wouldn't advise that.
Daniel
More information about the linux
mailing list