Actually, I think I just found a solution that I like. All I need to do is add 'cipher none' to both my server and the client routers' OpenVPN configuration. That way I still have excellent NAT traversal capabilities, compression, and signing to prevent Man in the Middle attacks, while not actually encrypting the traffic.
I also like this solution because it's very well supported by many hardware vendors, and OpenVPN does a great job of handling my routing table.
My only issue is that I was also using this server to encrypt my web browsing...but I'm sure I'll find a solution to that problem.
On Wed, Aug 21, 2013 at 3:05 PM, Brian Rogers n1uro@n1uro.ampr.org wrote:
On Wed, 2013-08-21 at 10:21 -0700, Blaine Forbort spake:
But like I said, I need to choose a solution other than OpenVPN for routing between my gateway to my nodes to comply with FCC rules, if a node connects to the internet via the mesh instead of the WAN port anyway.
You may want to read into dgip. You load the server side, and the clients each request their routing when they become active... similar to dhcp.
I have it available at ftp://n1uro.ampr.org/packet/dgipip_0.1a.orig.tar.gz
--
73 de Brian Rogers - N1URO
email: n1uro@n1uro.ampr.org
Web: http://www.n1uro.net/
Ampr1: http://n1uro.ampr.org/
Ampr2: http://nos.n1uro.ampr.org
Linux Amateur Radio Services
axMail-Fax & URONode
AmprNet coordinator for: Connecticut, Delaware, Maine, Massachusetts, New Hampshire, Pennsylvania, Rhode Island, and Vermont.
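
The `cipher none` setup described at the top of this thread only behaves as intended when both ends agree on the cipher and packet signing stays on. The following check is an added example, not part of the original messages: the function names are hypothetical, the sample configs are constructed, and the fallback values `BF-CBC` and `SHA1` are assumed defaults for OpenVPN builds of that period.

```python
# Audit a server/client OpenVPN config pair for the "cipher none" setup:
# encryption off on both ends, HMAC signing still on, compression matching.
DEFAULTS = {"cipher": "BF-CBC", "auth": "SHA1", "comp-lzo": "absent"}  # assumed defaults

def parse(text):
    """Return the effective cipher/auth/comp-lzo values of one config."""
    found = dict(DEFAULTS)
    for raw in text.splitlines():
        # Drop '#' and ';' comments, then split into directive and arguments.
        words = raw.split("#", 1)[0].split(";", 1)[0].split()
        if words and words[0] in DEFAULTS:
            # Bare "comp-lzo" means adaptive compression.
            found[words[0]] = words[1] if len(words) > 1 else "adaptive"
    return found

def audit(server_text, client_text):
    """Return a list of findings; an empty list means the pair is consistent."""
    srv, cli = parse(server_text), parse(client_text)
    findings = []
    for key in DEFAULTS:
        if srv[key].lower() != cli[key].lower():
            findings.append(f"mismatch: {key} server={srv[key]} client={cli[key]}")
    for name, cfg in (("server", srv), ("client", cli)):
        if cfg["cipher"].lower() != "none":
            findings.append(f"{name}: data channel is encrypted ({cfg['cipher']})")
        if cfg["auth"].lower() == "none":
            findings.append(f"{name}: auth none disables packet signing")
    return findings

# Constructed sample configs (not taken from the thread).
SERVER_OK = """
port 1194
proto udp
dev tun
cipher none   # no data-channel encryption
auth SHA1
comp-lzo
"""
CLIENT_OK = "client\ndev tun\ncipher none\nauth SHA1\ncomp-lzo\n"
# Client that forgot "cipher none" and also turned signing off.
CLIENT_BAD = "client\ndev tun\nauth none\ncomp-lzo\n"

if __name__ == "__main__":
    for label, client in (("good pair", CLIENT_OK), ("bad pair", CLIENT_BAD)):
        print(label, audit(SERVER_OK, client) or "consistent")
```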