Re: [Dorset] VPN Options

2020-06-08 Thread Ralph Corderoy 
Hi Terry,

> a user popped up and recommended PiStrong.  (He probably would, he
> wrote it.  :-)  )  Does anyone know anything about this?  The links
> are here:
>
> https://www.raspberrypi.org/forums/viewtopic.php?f=66=276458=1675122#p1675110

It's an installer for strongSwan, which is a good program if it meets
your needs regarding platforms.  https://www.strongswan.org/about.html
https://en.wikipedia.org/wiki/Strongswan

You've the author willing to help; I'd give it a go.

-- 
Cheers, Ralph.

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-07-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] VPN Options

2020-06-08 Thread Keith Edmunds 
On Mon, 08 Jun 2020 12:51:43 +0100, d-...@hadrian-way.co.uk said:

> I've not been able to find any Tutorials (or indeed any mention of the
> tool, apart from in his links)

That's sufficient reason to keep looking.

> Alternatively, does anyone else have any information about other VPN
> Servers that will install on a Pi (and also be easy to set up,
> especially the clients)?

I still believe OpenVPN fits the bill.
-- 
Linux Tips: https://www.tiger-computing.co.uk/category/techtips/

-- 
  Next meeting: Online, Jitsi, Tuesday, 2020-07-07 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] VPN

2019-01-24 Thread Ian Morris 
I use strongswan on my phone and on a "server" at home to which said 
phone connects to save me from the perils other peoples wifi. took a 
little bit of setting up (problems with getting let's encrypt certs 
working at first) but seems to work fairly well now.



On 24/01/2019 15:52, Ralph Corderoy wrote:

Hi,

On the general topic of VPN software, rather than using a third-party
service, I've found these two projects interesting in the past.

https://www.strongswan.org/

‘runs on Linux 2.6, 3.x and 4.x kernels, Android, FreeBSD, OS X, iOS
 and Windows’

‘The focus of strongSwan is on
 simplicity of configuration
 strong encryption and authentication methods
 powerful IPsec policies supporting large and complex VPN
 networks
 modular design with great expandability’

‘The maintainer of the strongSwan project is Andreas Steffen, who is
 a professor for security in communications and head of the Institute
 for Networked Solutions at the University of Applied Sciences
 Rapperswil in Switzerland’

http://software.schmorp.de/pkg/gvpe.html

‘GVPE creates a virtual ethernet network with multiple nodes using a
 variety of transport protocols. Participating nodes do not need to
 trust each other.’

‘Unlike other virtual private "network" solutions which merely create
 a single tunnel, GVPE creates a real network with multiple
 endpoints.’

Cheers, Ralph.

--
   Next meeting: BEC, Bournemouth, Tuesday, 2019-02-05 20:00
   Check to whom you are replying
   Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
   New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk


--
 Next meeting: BEC, Bournemouth, Tuesday, 2019-02-05 20:00
 Check to whom you are replying
 Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
 New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] VPN

2019-01-24 Thread Stephen Wolff 
Hi,

> On the general topic of VPN software, rather than using a third-party
> service, I've found these two projects interesting in the past.
> 
> https://www.strongswan.org/
> 
>   ‘runs on Linux 2.6, 3.x and 4.x kernels, Android, FreeBSD, OS X, iOS
>and Windows’

There’s also

 - https://www.openswan.org/ 

I seem to remember being advised to use it by a chap at GPS (who provide global 
credit card processing services).

--
  Next meeting: BEC, Bournemouth, Tuesday, 2019-02-05 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] VPN

2019-01-24 Thread Ralph Corderoy 
Hi,

On the general topic of VPN software, rather than using a third-party
service, I've found these two projects interesting in the past.

https://www.strongswan.org/

   ‘runs on Linux 2.6, 3.x and 4.x kernels, Android, FreeBSD, OS X, iOS
and Windows’

   ‘The focus of strongSwan is on
simplicity of configuration
strong encryption and authentication methods
powerful IPsec policies supporting large and complex VPN
networks
modular design with great expandability’

   ‘The maintainer of the strongSwan project is Andreas Steffen, who is
a professor for security in communications and head of the Institute
for Networked Solutions at the University of Applied Sciences
Rapperswil in Switzerland’

http://software.schmorp.de/pkg/gvpe.html

   ‘GVPE creates a virtual ethernet network with multiple nodes using a
variety of transport protocols. Participating nodes do not need to
trust each other.’

   ‘Unlike other virtual private "network" solutions which merely create
a single tunnel, GVPE creates a real network with multiple
endpoints.’

Cheers, Ralph.

--
  Next meeting: BEC, Bournemouth, Tuesday, 2019-02-05 20:00
  Check to whom you are replying
  Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
  New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk

Re: [Dorset] VPN

2019-01-14 Thread aidangcole--- via dorset 


You'll have a ton of choices available when looking for vpn services and 
vpn clients.


Companies like Nord et-al are generally very good if what you want is a 
wide range of available servers, and in many cases good support and 
knowledgebases for Linux and other clients.
Some log their user's use, some do not. Some operate serious encryption, 
some do not.
In all cases there is a performance penalty to pay. Typically that is 
variable depending upon the workload placed upon their servers. (ie when 
English Premier League football games are played most company's servers 
get rather busy...).


Alternatively, roll your own - Many people who have some vps space 
available (on say Digitalocean, Vultr, Bitfolk etc etc etc) will put a 
vpn server on that as a way of getting a bigger-bang for their buck, and 
that often mitigates the vast majority of any performance penalty one 
might find on commercial services. Those are very easy to install and 
run/maintain and are often cheaper than paying for a commercial 
solution. That said, it will be fixed to one location, so if you have a 
need to "move around the world" allot, then that is not always the best 
answer.


At the client end of things on Linux, the Open VPN client is available 
in pretty much all of the repositories and is very easy and clean to 
use. (yes it can be turned on and off at will). There are Open VPN 
clients for just about all platforms as well. It is also possible to 
install a vpn client on some routers and access-point appliances as well 
(ie ones that are not the typical crop of ISP supplied junk appliances, 
but ones with a decent hardware spec running Netgear-WRT, DD-WRT, 
Asus-WRT, Merlin etc etc).


Personally, I use a mix of things. I travel a hell of allot in both my 
personal and work lives. I have a couple of my own cloud servers 
available for my own use based here in the UK. The primary use of those 
servers is not for vpn purposes really but I just add the open-vpn 
server to it as I am paying for it anyway, I might as well get my 
money's worth. (each of those servers costs me a flat $5usd per month 
whether I use them or not).


For a commercial provider I have used for many years now the vpnarea 
service as well which is a commercial service based in Switzerland with 
many vpn servers located around the world. Tons of choice, very good 
support for just about all devices and platforms and I think quite good 
value at $59usd per year (for my use case anyway). Am happy to recommend 
them to anyone with similar requirements.


I guess that it all really boils down to what it is that you feel that 
you want/need from a vpn service. Many people (to some degree true of 
myself) just want to be a bit bloody-minded and want to make it harder 
for the authorities and their ISP's to censor and block them and 
otherwise interfere. Others just want to watch a game of football on a 
saturday afternoon at a reasonable price. (thankfully, they don't 
censor/block the cricket (yet)). Others just want a bit of belt and 
braces security that always on encryption brings them and their 
families. There will be other motives I am sure. - - - to each their own 
I guess, but it's all pretty easy straight forward stuff to implement.




On 14/01/2019 17:35, greg oconnell via dorset wrote:

I am thinking about installing VPN software.
Does anybody have experience of using it? Any pros and cons?
Is any particular one recommended? I remember a magazine praising Nord and they 
seem to be advertising at the moment.

I suspect it introduces some delay. I only want it for transactions with financial 
institutions and possibly playing content that is UK blocked, so can it be "turned 
off and on" at will? Greg
--
   Next meeting: BEC, Bournemouth, Tuesday, 2019-02-05 20:00
   Check to whom you are replying
   Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
   New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk


--
 Next meeting: BEC, Bournemouth, Tuesday, 2019-02-05 20:00
 Check to whom you are replying
 Meetings, mailing list, IRC, ...  http://dorset.lug.org.uk/
 New thread, don't hijack:  mailto:dorset@mailman.lug.org.uk