On Thu, 2 Dec 2021, Kristjan Komlo?i via 44Net wrote:
Considering that hamradio doesn't allow encryption, OpenVPN and Wireguard are off the table. What I think would be cooler is if we tried
Encryption is not allowed _over the air_. There is nothing wrong with running encryption over the public internet or between devices or over a NAT edge. It has to be GRE or another VPN method with the encryption turned off. OpenVPN supports an encryption of "none". Ubiquiti's EdgeOS no longer allows that to be passed to OpenVPN however. It's important to note that turning off encryption opens up the possibility of replay attacks and other misbehavior. Defense in depth should always be part of the implementation. Use in conjuction with firewall rules.
-- Kris Kirby, KE4AHR Disinformation Architect, Systems Mangler, & Network Mismanager