Linux/BSD VPN software for net-to-net with DynDNS at both ends?
Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
Linux/BSD VPN software for net-to-net with DynDNS at both ends?
Hi,
I'm currently living in an apartment away from 'home', but most of my machines are at home. Both ends have residential high-bandwidth connections (Verizon FiOS and OptOnline, respectively) with dynamic IPs. I have IPcop running at both ends at the moment, but have had no success with either the builtin IPsec or the Zerina (OpenVPN) add-on.
I was wondering whether anyone can suggest any router/firewall software (or hardware, though I'd prefer software, since I already have the two boxes) that they *know* will work with dynamic IPs and dynDNS at both ends?
The IP for OptOnline changes quite often, so hard-coding it isn't an option.
Have you personally used m0n0wall in this scenario?
The reason why I ask is that I'm currently using IPcop, and while many people have said that it will work fine, the connection works fine with current IPs specified manually, but won't work with DynDNS FQDNs.
If the FQDN is spoofed, and they managed to get a copy of the certificate that lets them masquerade as that end-point... then I guess I've been compromised.
I'm on dynamic IP, so I can't rely on an IP either. The only real way to provide security against spoofing, and maybe handle the whole IP/DNS issue, is to have each end-point run a script, triggered by a WAN IP change, that SSH's into the other end-point and calls a script with the new IP, which in turn stops the VPN, updates the IP in the config file, and then restarts the VPN. Sounds like a lot of logic for something if there may already be a solution out there.
I don't know if you saw that "M0n0wall IPSEC VPN Auto Updater
can let you setup an IPSEC tunnel between a static-dynamic or dynamic-dynamic ip address."
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
