[44net] Re: IPIP Tunnel

You are maybe right if you are doing a large corporation networking vpn system. But we are only linking ham radio devices to a network of ip addresses that are routable to the internet. It is a convenience service not a security service. We don't want to hide from the government or the film industry to share illegal video or software. It would be nice to put things in perspective. Pierre VE2PF Obtenir Outlook pour Android<https://aka.ms/AAb9ysg> ________________________________ From: Nicholas Justin via 44net &lt;44net(a)mailman.ampr.org&gt; Sent: Thursday, February 23, 2023 8:06:00 AM To: KUN LIN &lt;dnwk(a)linkun.info&gt; Cc: Joshua McDonald &lt;josh(a)2cold.net&gt;et>; Mark Phillips &lt;enicomms(a)gmail.com&gt;om>; Kris Kirby &lt;kris(a)catonic.us&gt;us>; ken boyle &lt;ken(a)kc2idb.net&gt;et>; David Harris &lt;KE6GAE(a)hotmail.com&gt;om>; 44net(a)mailman.AMPR.org &lt;44net(a)mailman.ampr.org&gt; Subject: [44net] Re: IPIP Tunnel That guide has a fundamental security flaw. The private key should be only be known by the end-user. This is randomly generated locally. The end-user then tells the "sysop" what their public key is. This is nothing specific to Wireguard, hamnet, etc. It's basic public-private key cryptography. Quote from guide: "Delete the contents of the “Private Key” field and paste the private key from the config file supplied by your local sysop". (WRONG!) On Wed, Feb 22, 2023, 6:42 PM KUN LIN via 44net <44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote: How did you get the Wireguard VPN account assigned to you? Kun ________________________________ From: Mark Phillips via 44net <44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> Sent: Monday, February 13, 2023 13:18 To: Joshua McDonald <josh@2cold.net<mailto:josh@2cold.net>> Cc: Kris Kirby <kris@catonic.us<mailto:kris@catonic.us>>; ken boyle <ken@kc2idb.net<mailto:ken@kc2idb.net>>; David Harris <KE6GAE@hotmail.com<mailto:KE6GAE@hotmail.com>>; 44net@mailman.AMPR.org<mailto:44net@mailman.AMPR.org> <44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> Subject: [44net] Re: IPIP Tunnel I was just going to add Wireguard VPN as a solution for the Cellphone hotspot. Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well. Go here for a howto http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20… On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net <44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote: On the client side, using Mikrotik can be done with Wireguard if on RouterOS v7. Use an AP as a client to the Cellular Hotspot and build Wireguard tunnel back to “VPN Concentrator” somewhere. Of course would require someone on remote end to have public IP to terminate tunnel and route the 44net subnet allocation. I have done this, but both ends of tunnel and subnet allocation are all in my control. If interested, I can go more in depth. _______________________________________________ 44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org> To unsubscribe send an email to 44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org> _______________________________________________ 44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org> To unsubscribe send an email to 44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>