30 Dec
2020
30 Dec
'20
7:07 a.m.
I think Rob, PE1CHL, had some approach to offer 44net
VPN access using
LOTW certificate for authentication if I remember correctly... Maybe he
could tell us more on how people where attracted to it.
No, that is not me. I think it is a Finnish ham who is doing that.
Over here we have OpenVPN access with locally issued certificates, not connected to
any officially trusted source. When a Dutch amateur wants to use OpenVPN, they request
a certificate (usually via me) and there is a script which generates a certificate
for the requested callsign and makes an OpenVPN config file containing the correct
parameters, the user certificate, and the CA certificate.
When the user uses this to connect to the OpenVPN server, their IP address is retrieved
from DNS (based on the certificate name which is their callsign), so they get their
fixed IP address. A route is distributed via BGP to route the traffic to their
OpenVPN connection from anywhere within the network, as long as the connection is up.
While such a system could be used to "give all amateurs their own fixed IP
address"
(either via this locally issued certificate or with something like LOTW) I agree that
there is little point in doing that "to make use of our IP space". Such a bank
of
allocated but rarely ever used addresses should not be considered "used" just
for
sake of "use it or lose it".
Rob