[Openswan Users] Need a VDSL2 modem known to work with Openswan
thecajun at nmia.com
Sun Feb 24 12:04:12 EST 2013
> Hi Durwin,
> On 13-02-24 11:17 AM, Durwin wrote:
> >>>> You don't want "ipsec passthrough" in most cases. As I said in my previous postings, just like SIP ALG, it is usually completely broken and if you can't disable it, you are quite often screwed. The Zyxels are pretty good - isn't there a newer device in their portfolio that might suit? Netgear is also reasonable if you get the right model. I've heard some good comments about Billion but I've never used one myself. Also look at some of the more expensive routers that specialise in VoIP or security - just google for "Secure Router", "Security Router", etc. Many of them in fact have IPSEC built in, I got this:
> >>> So a modem that does not support ipsec pass through will still work with
> >>> openswan? If so, why do they bother supporting pass through? Without
> >>> pass through is it required to forward ports?
> >> If you're using a *modem* or a router in "modem mode" (many have this) your public IP will be on your OpenSWAN box so no need to bother with port forwarding.
> > The Actiontec C1000A has a transparent mode. It says it passes the
> > responsability of logging in to (in this case the linux machine) another
> > device. Could this be what I could do? If so can you direct me to
> > proceedures for this?
> This looks promising indeed. As Alex said, having the PPPoE (logging in)
> done by your Linux machine would mean it would be "directly" connected
> to the Internet. Since it would hold your public IP, you wouldn't have
> to fight with NAT.
I agree Simon. But I need direction to confiure Linux to take over the
login process. Any help in this area is appreciated. I assume the
Actiontec C1000A Transparent mode is what would get me this ability, bit
what packages do I need and how to configure them on linux.
> Users at lists.openswan.org
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
Durwin F. De La Rue <thecajun at nmia.com>
reality.sys corrupted. universe halted. reboot (y/n)?
More information about the Users