[ale] HomeVPN

mike at trausch.us mike at trausch.us
Wed Nov 14 11:22:53 EST 2012 

On 11/09/2012 10:08 AM, Robert L. Harris wrote:
> Setting up a VPN at home for my laptop and (hopefully) mobile android
> devices.    I've got the first device working (laptop) easily enough. 
> 
> Has anyone else done this?  Anyone up for sharing configs/discussing?
>  There's so much information out there and still a lot of ambiguity.

I've actually just (within the past week) set up two remote networks
with a program called "tinc".  I'm actually really liking it a lot.
It's stupidly simple once you get the hang of the configuration (and its
quirks).  It is intended for more-or-less permanent connections, and it
uses pub/priv RSA keys so that you can easily revoke a system's access
and sever their connection without much in the way of effort.

I'm currently using it to distribute IPv6 networking to some remote
locations and a single road warrior that need to be able to have
coherent access to these networks.

Also, tinc makes it quite easy to do "mesh" networking.  For example:

 - I have a PoP to the Internet here.
 - Site A has a tinc connection to here, with its own IP space.
 - Site B has a tinc connection to here, with its own IP space.
 - Road Warrior C has a tinc connectino to here, with its own IP space.

This is a simple setup, but no meshing.  Everything depends on my
network in this scenario.  But you can actually configure tinc to make
connections between A and B, between C and A, and between C and B.  That
way, routing can stay in-tact even in the failure of one location.
Granted, failure of *my* location still leads to no IPv6-route to the
Internet, but since these aren't really being used for Internet, just
for management, that's more or less a non-concern, at least for the moment.

	--- Mike

-- 
A man who reasons deliberately, manages it better after studying Logic
than he could before, if he is sincere about it and has common sense.
                                   --- Carveth Read, “Logic”

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 726 bytes
Desc: OpenPGP digital signature
URL: <http://mail.ale.org/pipermail/ale/attachments/20121114/c6644373/attachment.sig>

More information about the Ale mailing list