9 Feb
2023
9 Feb
'23
3:44 a.m.
I am looking for some directions on setting this up with a cellular Hotspot modem.
I am trying to get this to work with a DStar gateway. I have looked at the wiki for the
setting up the MikroTik route
Sincerely
David Harris
KE6GAE
Sent from my Galaxy
9 Feb
9 Feb
4:18 a.m.
I don't think this is possible with a hotspot from a cellular connection.
You are behind a nat on cellular, which shares one public IP with many and doesn't
allow routable ports/protocols.
The only solution would be to get a public IP address from a home connection or a vps, and
setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Ken
KC2IDB
Get Outlook for Android<https://aka.ms/AAb9ysg>
________________________________
From: David Harris via 44net <44net(a)mailman.ampr.org>
Sent: Wednesday, February 8, 2023 10:44:00 PM
To: 44net(a)mailman.AMPR.org <44net(a)mailman.AMPR.org>
Subject: [44net] IPIP Tunnel
I am looking for some directions on setting this up with a cellular Hotspot modem.
I am trying to get this to work with a DStar gateway. I have looked at the wiki for the
setting up the MikroTik route
Sincerely
David Harris
KE6GAE
Sent from my Galaxy
13 Feb
13 Feb
5:21 p.m.
I don't think this is possible with a hotspot from
a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network Mismanager
5:41 p.m.
While it is not a panacea, the still developing HamGate project could help.
Go to http://hamgate.ampr.org and make sure to click the docs link. There
are operating HamGates in ME, MA, RI, CT, NY, NJ & PA. There is movement
for one in MD and possibly OH. This was all borne out of the frustration
of 44net allocation holders with IPIP issues or those behind NAT situations.
On 2/13/2023 12:21 PM, Kris Kirby via 44net wrote:
I don't
think this is possible with a hotspot from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but
some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network Mismanager 
5:44 p.m.
On the client side, using Mikrotik can be done with Wireguard if on RouterOS v7. Use an
AP as a client to the Cellular Hotspot and build Wireguard tunnel back to “VPN
Concentrator” somewhere.
Of course would require someone on remote end to have public IP to terminate tunnel and
route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all in my control. If
interested, I can go more in depth.
On Feb 13, 2023, at 12:21 PM, Kris Kirby via 44net
<44net(a)mailman.ampr.org> wrote:
I don't think this is possible with a hotspot
from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network
Mismanager_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org 
9:18 p.m.
I was just going to add Wireguard VPN as a solution for the Cellphone
hotspot.
Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well.
Go here for a howto
http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20…
On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net <
44net(a)mailman.ampr.org> wrote:
On the client side, using Mikrotik can be done with
Wireguard if on
RouterOS v7. Use an AP as a client to the Cellular Hotspot and build
Wireguard tunnel back to “VPN Concentrator” somewhere.
Of course would require someone on remote end to have public IP to
terminate tunnel and route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all in
my control. If interested, I can go more in depth.
Mismanager_______________________________________________
On Feb 13, 2023, at 12:21 PM, Kris Kirby via
44net <
44net(a)mailman.ampr.org> wrote:
I don't think this is possible with a hotspot
from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network 44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
14 Feb
14 Feb
5:05 p.m.
I've done this for myself, with my BGP block. This way I have multiple clients in
different locations all able to use the block via wireguard.
Get Outlook for Android<https://aka.ms/AAb9ysg>
________________________________
From: Mark Phillips <enicomms(a)gmail.com>
Sent: Monday, February 13, 2023 4:18:57 PM
To: Joshua McDonald <josh(a)2cold.net>
Cc: Kris Kirby <kris(a)catonic.us>us>; ken boyle <ken(a)kc2idb.net>et>; David Harris
<KE6GAE(a)hotmail.com>om>; 44net(a)mailman.AMPR.org <44net(a)mailman.ampr.org>
Subject: Re: [44net] Re: IPIP Tunnel
I was just going to add Wireguard VPN as a solution for the Cellphone hotspot.
Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well. Go here for a
howto
http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20…
On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
On the client side, using Mikrotik can be done with Wireguard if on RouterOS v7. Use an
AP as a client to the Cellular Hotspot and build Wireguard tunnel back to “VPN
Concentrator” somewhere.
Of course would require someone on remote end to have public IP to terminate tunnel and
route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all in my control. If
interested, I can go more in depth.
On Feb 13, 2023, at 12:21 PM, Kris Kirby via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>
I don't think this is possible with a hotspot
from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network
Mismanager_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org> 
22 Feb
22 Feb
11:42 p.m.
How did you get the Wireguard VPN account assigned to you?
Kun
________________________________
From: Mark Phillips via 44net <44net(a)mailman.ampr.org>
Sent: Monday, February 13, 2023 13:18
To: Joshua McDonald <josh(a)2cold.net>
Cc: Kris Kirby <kris(a)catonic.us>us>; ken boyle <ken(a)kc2idb.net>et>; David Harris
<KE6GAE(a)hotmail.com>om>; 44net(a)mailman.AMPR.org <44net(a)mailman.ampr.org>
Subject: [44net] Re: IPIP Tunnel
I was just going to add Wireguard VPN as a solution for the Cellphone hotspot.
Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well. Go here for a
howto
http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20…
On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
On the client side, using Mikrotik can be done with Wireguard if on RouterOS v7. Use an
AP as a client to the Cellular Hotspot and build Wireguard tunnel back to “VPN
Concentrator” somewhere.
Of course would require someone on remote end to have public IP to terminate tunnel and
route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all in my control. If
interested, I can go more in depth.
On Feb 13, 2023, at 12:21 PM, Kris Kirby via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>
I don't think this is possible with a hotspot
from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network
Mismanager_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>
23 Feb
23 Feb
12:21 a.m.
You create one when you build a Wireguard server on your BGP host.
On Wed, Feb 22, 2023 at 6:42 PM KUN LIN <dnwk(a)linkun.info> wrote:
How did you get the Wireguard VPN account assigned to
you?
Kun
------------------------------
*From:* Mark Phillips via 44net <44net(a)mailman.ampr.org>
*Sent:* Monday, February 13, 2023 13:18
*To:* Joshua McDonald <josh(a)2cold.net>
*Cc:* Kris Kirby <kris(a)catonic.us>us>; ken boyle <ken(a)kc2idb.net>et>; David
Harris <KE6GAE(a)hotmail.com>om>; 44net(a)mailman.AMPR.org <
44net(a)mailman.ampr.org>
*Subject:* [44net] Re: IPIP Tunnel
I was just going to add Wireguard VPN as a solution for the Cellphone
hotspot.
Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well.
Go here for a howto
http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20…
On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net <
44net(a)mailman.ampr.org> wrote:
On the client side, using Mikrotik can be done with Wireguard if on
RouterOS v7. Use an AP as a client to the Cellular Hotspot and build
Wireguard tunnel back to “VPN Concentrator” somewhere.
Of course would require someone on remote end to have public IP to
terminate tunnel and route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all in
my control. If interested, I can go more in depth.
Mismanager_______________________________________________
On Feb 13, 2023, at 12:21 PM, Kris Kirby via
44net <
44net(a)mailman.ampr.org> wrote:
I don't think this is possible with a hotspot
from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network 44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
5:41 p.m.
Well, Chris denied my /24 request to build a Wireguard VPN service. He claimed 44Net would
have a official one out there. How did you get your assignment approved?
Kun
________________________________
From: Mark Phillips <enicomms(a)gmail.com>
Sent: Wednesday, February 22, 2023 16:21
To: KUN LIN <dnwk(a)linkun.info>
Cc: Joshua McDonald <josh(a)2cold.net>et>; Kris Kirby <kris(a)catonic.us>us>; ken boyle
<ken(a)kc2idb.net>et>; David Harris <KE6GAE(a)hotmail.com>om>; 44net(a)mailman.AMPR.org
<44net(a)mailman.ampr.org>
Subject: Re: [44net] Re: IPIP Tunnel
You create one when you build a Wireguard server on your BGP host.
On Wed, Feb 22, 2023 at 6:42 PM KUN LIN
<dnwk@linkun.info<mailto:dnwk@linkun.info>> wrote:
How did you get the Wireguard VPN account assigned to you?
Kun
________________________________
From: Mark Phillips via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>>
Sent: Monday, February 13, 2023 13:18
To: Joshua McDonald <josh@2cold.net<mailto:josh@2cold.net>>
Cc: Kris Kirby <kris@catonic.us<mailto:kris@catonic.us>>; ken boyle
<ken@kc2idb.net<mailto:ken@kc2idb.net>>; David Harris
<KE6GAE@hotmail.com<mailto:KE6GAE@hotmail.com>>;
44net@mailman.AMPR.org<mailto:44net@mailman.AMPR.org>
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>>
Subject: [44net] Re: IPIP Tunnel
I was just going to add Wireguard VPN as a solution for the Cellphone hotspot.
Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well. Go here for a
howto
http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20…
On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
On the client side, using Mikrotik can be done with Wireguard if on RouterOS v7. Use an
AP as a client to the Cellular Hotspot and build Wireguard tunnel back to “VPN
Concentrator” somewhere.
Of course would require someone on remote end to have public IP to terminate tunnel and
route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all in my control. If
interested, I can go more in depth.
On Feb 13, 2023, at 12:21 PM, Kris Kirby via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>
I don't think this is possible with a hotspot
from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network
Mismanager_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>
6:24 p.m.
Chris is not the only issuer of numbers in this space. My group manages the
allocations for 10 States here on the East Coast. Find your local
co-ordinator and ask him.
AFAIK, we are the ONLY group offering Wireguard VPN that you can actually
use.
Chris (FEF) is trying to get away from the regional allocation of IP
addresses and simply issue them from the top of the pile. This suggests to
me that ARDC are aligning themselves for another selloff? If they can get
everyone below 44.128/10 they can sell that off too?
On Thu, Feb 23, 2023 at 12:41 PM KUN LIN <dnwk(a)linkun.info> wrote:
Well, Chris denied my /24 request to build a Wireguard
VPN service. He
claimed 44Net would have a official one out there. How did you get your
assignment approved?
Kun
------------------------------
*From:* Mark Phillips <enicomms(a)gmail.com>
*Sent:* Wednesday, February 22, 2023 16:21
*To:* KUN LIN <dnwk(a)linkun.info>
*Cc:* Joshua McDonald <josh(a)2cold.net>et>; Kris Kirby <kris(a)catonic.us>us>; ken
boyle <ken(a)kc2idb.net>et>; David Harris <KE6GAE(a)hotmail.com>om>;
44net(a)mailman.AMPR.org <44net(a)mailman.ampr.org>
*Subject:* Re: [44net] Re: IPIP Tunnel
You create one when you build a Wireguard server on your BGP host.
On Wed, Feb 22, 2023 at 6:42 PM KUN LIN <dnwk(a)linkun.info> wrote:
How did you get the Wireguard VPN account assigned to you?
Kun
------------------------------
*From:* Mark Phillips via 44net <44net(a)mailman.ampr.org>
*Sent:* Monday, February 13, 2023 13:18
*To:* Joshua McDonald <josh(a)2cold.net>
*Cc:* Kris Kirby <kris(a)catonic.us>us>; ken boyle <ken(a)kc2idb.net>et>; David
Harris <KE6GAE(a)hotmail.com>om>; 44net(a)mailman.AMPR.org <
44net(a)mailman.ampr.org>
*Subject:* [44net] Re: IPIP Tunnel
I was just going to add Wireguard VPN as a solution for the Cellphone
hotspot.
Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well.
Go here for a howto
http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20…
On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net <
44net(a)mailman.ampr.org> wrote:
On the client side, using Mikrotik can be done with Wireguard if on
RouterOS v7. Use an AP as a client to the Cellular Hotspot and build
Wireguard tunnel back to “VPN Concentrator” somewhere.
Of course would require someone on remote end to have public IP to
terminate tunnel and route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all in
my control. If interested, I can go more in depth.
Mismanager_______________________________________________
On Feb 13, 2023, at 12:21 PM, Kris Kirby via
44net <
44net(a)mailman.ampr.org> wrote:
I don't think this is possible with a hotspot
from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network 44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
6:38 p.m.
There is no sell off plan that I know off after being for my 3rd year in the TAC committee
2 of wich as the chairman.
The reason for using the lower part of the IP addresses is to answer to the internet ip
routing community to use the ip space properly not is small batch here and there.
Pierre
VE2PF
Obtenir Outlook pour Android<https://aka.ms/AAb9ysg>
________________________________
From: Mark Phillips via 44net <44net(a)mailman.ampr.org>
Sent: Thursday, February 23, 2023 1:24:58 PM
To: KUN LIN <dnwk(a)linkun.info>
Cc: Joshua McDonald <josh(a)2cold.net>et>; Kris Kirby <kris(a)catonic.us>us>; ken boyle
<ken(a)kc2idb.net>et>; David Harris <KE6GAE(a)hotmail.com>om>; 44net(a)mailman.AMPR.org
<44net(a)mailman.ampr.org>
Subject: [44net] Re: IPIP Tunnel
Chris is not the only issuer of numbers in this space. My group manages the allocations
for 10 States here on the East Coast. Find your local co-ordinator and ask him.
AFAIK, we are the ONLY group offering Wireguard VPN that you can actually use.
Chris (FEF) is trying to get away from the regional allocation of IP addresses and simply
issue them from the top of the pile. This suggests to me that ARDC are aligning themselves
for another selloff? If they can get everyone below 44.128/10 they can sell that off too?
On Thu, Feb 23, 2023 at 12:41 PM KUN LIN
<dnwk@linkun.info<mailto:dnwk@linkun.info>> wrote:
Well, Chris denied my /24 request to build a Wireguard VPN service. He claimed 44Net would
have a official one out there. How did you get your assignment approved?
Kun
________________________________
From: Mark Phillips <enicomms@gmail.com<mailto:enicomms@gmail.com>>
Sent: Wednesday, February 22, 2023 16:21
To: KUN LIN <dnwk@linkun.info<mailto:dnwk@linkun.info>>
Cc: Joshua McDonald <josh@2cold.net<mailto:josh@2cold.net>>; Kris Kirby
<kris@catonic.us<mailto:kris@catonic.us>>; ken boyle
<ken@kc2idb.net<mailto:ken@kc2idb.net>>; David Harris
<KE6GAE@hotmail.com<mailto:KE6GAE@hotmail.com>>;
44net@mailman.AMPR.org<mailto:44net@mailman.AMPR.org>
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>>
Subject: Re: [44net] Re: IPIP Tunnel
You create one when you build a Wireguard server on your BGP host.
On Wed, Feb 22, 2023 at 6:42 PM KUN LIN
<dnwk@linkun.info<mailto:dnwk@linkun.info>> wrote:
How did you get the Wireguard VPN account assigned to you?
Kun
________________________________
From: Mark Phillips via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>>
Sent: Monday, February 13, 2023 13:18
To: Joshua McDonald <josh@2cold.net<mailto:josh@2cold.net>>
Cc: Kris Kirby <kris@catonic.us<mailto:kris@catonic.us>>; ken boyle
<ken@kc2idb.net<mailto:ken@kc2idb.net>>; David Harris
<KE6GAE@hotmail.com<mailto:KE6GAE@hotmail.com>>;
44net@mailman.AMPR.org<mailto:44net@mailman.AMPR.org>
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>>
Subject: [44net] Re: IPIP Tunnel
I was just going to add Wireguard VPN as a solution for the Cellphone hotspot.
Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well. Go here for a
howto
http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20…
On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
On the client side, using Mikrotik can be done with Wireguard if on RouterOS v7. Use an
AP as a client to the Cellular Hotspot and build Wireguard tunnel back to “VPN
Concentrator” somewhere.
Of course would require someone on remote end to have public IP to terminate tunnel and
route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all in my control. If
interested, I can go more in depth.
On Feb 13, 2023, at 12:21 PM, Kris Kirby via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>
I don't think this is possible with a hotspot
from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network
Mismanager_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org> 
6:53 p.m.
It was noted that some users would find key generation, etc. to be quite
advanced/expert.
It's interesting that was noted.
A main reason I understood some commercial companies generate a private key for you - is
so that they can offer you a complete Wireguard configuration file for setup purposes.
They would be unable to do that via a public-key-only exchange/setup with the remote
peer.
73,
- LynwoodKB3VWG
7:01 p.m.
Actually, providers generate public and the corresponding private
certificates to their users since it is the easiest way to sign a
certificate with an intermediate authority certificate and verify their
authenticity on their servers.
This is much more complicated if the user would provide his
self-generated public key only.
Marius, YO2LOJ
On 23/02/2023 20:53, lleachii--- via 44net wrote:
It was noted that some users would find key
generation, etc. to be
quite advanced/expert.
It's interesting that was noted.
A main reason I understood some commercial companies generate a
private key for you - is so that they can offer you a complete
Wireguard configuration file for setup purposes. They would be unable
to do that via a public-key-only exchange/setup with the remote peer.
73,
- Lynwood
KB3VWG
_______________________________________________
44net mailing list --44net(a)mailman.ampr.org
To unsubscribe send an email to44net-leave(a)mailman.ampr.org
7:05 p.m.
FYI, Wireguard doesn't use PKI infrastructure, unless a commercial company is using
it with some other technology to store accounts/keys.
They're the private key is just randomly generated.
- Lynwood
7:08 p.m.
I don't contest that. But key generation and management is a thing that
is usually above the regular user's pay grade.
So companies usually go the easy way, especially if a PKI trust chain is
involved.
On 23/02/2023 21:05, lleachii(a)aol.com wrote:
FYI, Wireguard doesn't use PKI infrastructure,
unless a commercial
company is using it with some other technology to store accounts/keys.
They're the private key is just randomly generated.
- Lynwood
7:08 p.m.
There is no need for a private key to sign a certificate with a PKI.
73,
Ruben - ON3RVH
On 23 Feb 2023, at 20:02, Marius Petrescu via 44net <44net(a)mailman.ampr.org>
wrote:
Actually, providers generate public and the corresponding private certificates to their
users since it is the easiest way to sign a certificate with an intermediate authority
certificate and verify their authenticity on their servers.
This is much more complicated if the user would provide his self-generated public key
only.
Marius, YO2LOJ
On 23/02/2023 20:53, lleachii--- via 44net wrote:
It was noted that some users would find key generation, etc. to be quite
advanced/expert.
It's interesting that was noted.
A main reason I understood some commercial companies generate a private key for you - is
so that they can offer you a complete Wireguard configuration file for setup purposes.
They would be unable to do that via a public-key-only exchange/setup with the remote
peer.
73,
- Lynwood
KB3VWG
_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>
_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
7:16 p.m.
I was getting ready to say the same thing. A vpn service provider is MUST issue you a
private key for your connection only (that is the only way the service works). BUT they
are NEVER going to send you the private key for their server. That is exactly what we do
for IRLP VPN to provide basic connectivity. We are now approaching 500 repeaters (nodes)
with 44.127.x.x IP addresses.
OTOH, we use PGP to authenticate all connections in to the IRLP network and connections
between repeaters (regardless of VPN use). The private key is generated during their
installation of the software, but never leaves the IRLP computer. Public keys are
collected and circulated throughout the network. A human reviews and authorizes a specific
key be added to the public key ring. But this is completely separate from the use of a
VPN.
—
Dave K9DC, K9IP
On Feb 23, 2023, at 13:53, lleachii--- via 44net
<44net(a)mailman.ampr.org> wrote:
It was noted that some users would find key generation, etc. to be quite
advanced/expert.
It's interesting that was noted.
A main reason I understood some commercial companies generate a private key for you - is
so that they can offer you a complete Wireguard configuration file for setup purposes.
They would be unable to do that via a public-key-only exchange/setup with the remote
peer.
73,
- Lynwood
KB3VWG
7:37 p.m.
That's exactly why we dictate all the keys. We send you a complete setup
file which you import into your client/router/whatever.
The file looks like this (this one does not work!!) Pull this into your
client application and bingo; you're on the 44Net. Note how we do not share
our private key? We do tell you what your private key is going to be but we
only share our public key. We even use a different PSK for each client.
And, we only support 44net routing. No internet access via us.
[Interface]
Address = 44.56.0.220/26
ListenPort = 51844
PrivateKey = AD/zd1stXzehSRe68YHf+lKGlquitR8FN0YAAL1YZWs=
[Peer]
PublicKey = nW9HaYfZeM5opuqiBdPMb1kW0Eo42+CKH6SxWvKmLWM=
PresharedKey = Ky17b00UsqJ+mcZ3QjL720UWWQZKXKLKI1H4SaB8IQk=
AllowedIPs = 44.0.0.0/9, 44.128.0.0/10
Endpoint = hamgatepa.ampr.org:51844
On Thu, Feb 23, 2023 at 1:56 PM lleachii--- via 44net <
44net(a)mailman.ampr.org> wrote:
It was noted that some users would find key
generation, etc. to be quite
advanced/expert.
It's interesting that was noted.
A main reason I understood some commercial companies generate a private
key for you - is so that they can offer you a complete Wireguard
configuration file for setup purposes. They would be unable to do that via
a public-key-only exchange/setup with the remote peer.
73,
- Lynwood
KB3VWG
_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
7:50 p.m.
My local coordinator forwards my case to Chris because I am asking for BGP.
I believe Nathan Sales KJ7DMC also has a /24 and runs wireguard for public at Fremont
location. I can't find his website right now.
Kun
Nathan Sales 34553 KJ7DMC
________________________________
From: Mark Phillips <enicomms(a)gmail.com>
Sent: Thursday, February 23, 2023 10:24
To: KUN LIN <dnwk(a)linkun.info>
Cc: Joshua McDonald <josh(a)2cold.net>et>; Kris Kirby <kris(a)catonic.us>us>; ken boyle
<ken(a)kc2idb.net>et>; David Harris <KE6GAE(a)hotmail.com>om>; 44net(a)mailman.AMPR.org
<44net(a)mailman.ampr.org>
Subject: Re: [44net] Re: IPIP Tunnel
Chris is not the only issuer of numbers in this space. My group manages the allocations
for 10 States here on the East Coast. Find your local co-ordinator and ask him.
AFAIK, we are the ONLY group offering Wireguard VPN that you can actually use.
Chris (FEF) is trying to get away from the regional allocation of IP addresses and simply
issue them from the top of the pile. This suggests to me that ARDC are aligning themselves
for another selloff? If they can get everyone below 44.128/10 they can sell that off
too?
On Thu, Feb 23, 2023 at 12:41 PM KUN LIN
<dnwk@linkun.info<mailto:dnwk@linkun.info>> wrote:
Well, Chris denied my /24 request to build a Wireguard VPN service. He claimed 44Net would
have a official one out there. How did you get your assignment approved?
Kun
________________________________
From: Mark Phillips <enicomms@gmail.com<mailto:enicomms@gmail.com>>
Sent: Wednesday, February 22, 2023 16:21
To: KUN LIN <dnwk@linkun.info<mailto:dnwk@linkun.info>>
Cc: Joshua McDonald <josh@2cold.net<mailto:josh@2cold.net>>; Kris Kirby
<kris@catonic.us<mailto:kris@catonic.us>>; ken boyle
<ken@kc2idb.net<mailto:ken@kc2idb.net>>; David Harris
<KE6GAE@hotmail.com<mailto:KE6GAE@hotmail.com>>;
44net@mailman.AMPR.org<mailto:44net@mailman.AMPR.org>
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>>
Subject: Re: [44net] Re: IPIP Tunnel
You create one when you build a Wireguard server on your BGP host.
On Wed, Feb 22, 2023 at 6:42 PM KUN LIN
<dnwk@linkun.info<mailto:dnwk@linkun.info>> wrote:
How did you get the Wireguard VPN account assigned to you?
Kun
________________________________
From: Mark Phillips via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>>
Sent: Monday, February 13, 2023 13:18
To: Joshua McDonald <josh@2cold.net<mailto:josh@2cold.net>>
Cc: Kris Kirby <kris@catonic.us<mailto:kris@catonic.us>>; ken boyle
<ken@kc2idb.net<mailto:ken@kc2idb.net>>; David Harris
<KE6GAE@hotmail.com<mailto:KE6GAE@hotmail.com>>;
44net@mailman.AMPR.org<mailto:44net@mailman.AMPR.org>
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>>
Subject: [44net] Re: IPIP Tunnel
I was just going to add Wireguard VPN as a solution for the Cellphone hotspot.
Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well. Go here for a
howto
http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20…
On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
On the client side, using Mikrotik can be done with Wireguard if on RouterOS v7. Use an
AP as a client to the Cellular Hotspot and build Wireguard tunnel back to “VPN
Concentrator” somewhere.
Of course would require someone on remote end to have public IP to terminate tunnel and
route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all in my control. If
interested, I can go more in depth.
On Feb 13, 2023, at 12:21 PM, Kris Kirby via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>
I don't think this is possible with a hotspot
from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network
Mismanager_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>
24 Feb
24 Feb
6:34 p.m.
@Kun
VPN is me, guilty…
Nate and I run ARIX and I’ve been experimenting with Wireguard VPN in Fremont.
Try using the approach with Chris, requesting IP's for BGP experimentation.
-Learning/Experimentation is one of the driving goals of ARDC.
For me, It was a hard-sell for getting IP’s for IX and VPN.
BTW: If anyone has a design for a VPN , DM me, I’d be interested in your approach !
Adam (KC7GDY)
On Feb 23, 2023, at 12:50 PM, KUN LIN via 44net
<44net(a)mailman.ampr.org> wrote:
My local coordinator forwards my case to Chris because I am asking for BGP.
I believe Nathan Sales KJ7DMC also has a /24 and runs wireguard for public at Fremont
location. I can't find his website right now.
Kun
Nathan Sales 34553 KJ7DMC
From: Mark Phillips <enicomms(a)gmail.com <mailto:enicomms@gmail.com>>
Sent: Thursday, February 23, 2023 10:24
To: KUN LIN <dnwk(a)linkun.info <mailto:dnwk@linkun.info>>
Cc: Joshua McDonald <josh(a)2cold.net <mailto:josh@2cold.net>>; Kris Kirby
<kris(a)catonic.us <mailto:kris@catonic.us>>; ken boyle <ken(a)kc2idb.net
<mailto:ken@kc2idb.net>>; David Harris <KE6GAE(a)hotmail.com
<mailto:KE6GAE@hotmail.com>>; 44net(a)mailman.AMPR.org
<mailto:44net@mailman.AMPR.org> <44net(a)mailman.ampr.org
<mailto:44net@mailman.ampr.org>>
Subject: Re: [44net] Re: IPIP Tunnel
Chris is not the only issuer of numbers in this space. My group manages the allocations
for 10 States here on the East Coast. Find your local co-ordinator and ask him.
AFAIK, we are the ONLY group offering Wireguard VPN that you can actually use.
Chris (FEF) is trying to get away from the regional allocation of IP addresses and simply
issue them from the top of the pile. This suggests to me that ARDC are aligning themselves
for another selloff? If they can get everyone below 44.128/10 they can sell that off too?
On Thu, Feb 23, 2023 at 12:41 PM KUN LIN <dnwk(a)linkun.info
<mailto:dnwk@linkun.info>> wrote:
Well, Chris denied my /24 request to build a Wireguard VPN service. He claimed 44Net
would have a official one out there. How did you get your assignment approved?
Kun
From: Mark Phillips <enicomms(a)gmail.com <mailto:enicomms@gmail.com>>
Sent: Wednesday, February 22, 2023 16:21
To: KUN LIN <dnwk(a)linkun.info <mailto:dnwk@linkun.info>>
Cc: Joshua McDonald <josh(a)2cold.net <mailto:josh@2cold.net>>; Kris Kirby
<kris(a)catonic.us <mailto:kris@catonic.us>>; ken boyle <ken(a)kc2idb.net
<mailto:ken@kc2idb.net>>; David Harris <KE6GAE(a)hotmail.com
<mailto:KE6GAE@hotmail.com>>; 44net(a)mailman.AMPR.org
<mailto:44net@mailman.AMPR.org> <44net(a)mailman.ampr.org
<mailto:44net@mailman.ampr.org>>
Subject: Re: [44net] Re: IPIP Tunnel
You create one when you build a Wireguard server on your BGP host.
On Wed, Feb 22, 2023 at 6:42 PM KUN LIN <dnwk(a)linkun.info
<mailto:dnwk@linkun.info>> wrote:
How did you get the Wireguard VPN account assigned to you?
Kun
From: Mark Phillips via 44net <44net(a)mailman.ampr.org
<mailto:44net@mailman.ampr.org>>
Sent: Monday, February 13, 2023 13:18
To: Joshua McDonald <josh(a)2cold.net <mailto:josh@2cold.net>>
Cc: Kris Kirby <kris(a)catonic.us <mailto:kris@catonic.us>>; ken boyle
<ken(a)kc2idb.net <mailto:ken@kc2idb.net>>; David Harris <KE6GAE(a)hotmail.com
<mailto:KE6GAE@hotmail.com>>;44net@mailman.AMPR.org
<mailto:44net@mailman.AMPR.org> <44net(a)mailman.ampr.org
<mailto:44net@mailman.ampr.org>>
Subject: [44net] Re: IPIP Tunnel
I was just going to add Wireguard VPN as a solution for the Cellphone hotspot.
Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well. Go here for a
howto
http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20…
<http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20for%2044net%20VPN%20use.pdf>
On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net <44net(a)mailman.ampr.org
<mailto:44net@mailman.ampr.org>> wrote:
On the client side, using Mikrotik can be done with Wireguard if on RouterOS v7. Use an
AP as a client to the Cellular Hotspot and build Wireguard tunnel back to “VPN
Concentrator” somewhere.
Of course would require someone on remote end to have public IP to terminate tunnel and
route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all in my control.
If interested, I can go more in depth.
On Feb 13, 2023, at 12:21 PM, Kris Kirby via
44net <44net(a)mailman.ampr.org <mailto:44net@mailman.ampr.org>> wrote:
_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org <mailto:44net@mailman.ampr.org>
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
<mailto:44net-leave@mailman.ampr.org>
_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org <mailto:44net@mailman.ampr.org>
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
<mailto:44net-leave@mailman.ampr.org> I don't think this is possible with a hotspot
from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network
Mismanager_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org <mailto:44net@mailman.ampr.org>
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
<mailto:44net-leave@mailman.ampr.org>
9 p.m.
@Adam
I do find your service very helpful. So I didn't push further for getting IP
assignment.
Thanks a lot for the valuable service.
Kun
________________________________
From: air gapped <airgapped1(a)gmail.com>
Sent: Friday, February 24, 2023 10:34
To: KUN LIN <dnwk(a)linkun.info>
Cc: 44net(a)mailman.AMPR.org <44net(a)mailman.ampr.org>
Subject: Re: [44net] IPIP Tunnel
@Kun
VPN is me, guilty…
Nate and I run ARIX and I’ve been experimenting with Wireguard VPN in Fremont.
Try using the approach with Chris, requesting IP's for BGP experimentation.
-Learning/Experimentation is one of the driving goals of ARDC.
For me, It was a hard-sell for getting IP’s for IX and VPN.
BTW: If anyone has a design for a VPN , DM me, I’d be interested in your approach !
Adam (KC7GDY)
On Feb 23, 2023, at 12:50 PM, KUN LIN via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
My local coordinator forwards my case to Chris because I am asking for BGP.
I believe Nathan Sales KJ7DMC also has a /24 and runs wireguard for public at Fremont
location. I can't find his website right now.
Kun
Nathan Sales 34553 KJ7DMC
________________________________
From: Mark Phillips <enicomms@gmail.com<mailto:enicomms@gmail.com>>
Sent: Thursday, February 23, 2023 10:24
To: KUN LIN <dnwk@linkun.info<mailto:dnwk@linkun.info>>
Cc: Joshua McDonald <josh@2cold.net<mailto:josh@2cold.net>>; Kris Kirby
<kris@catonic.us<mailto:kris@catonic.us>>; ken boyle
<ken@kc2idb.net<mailto:ken@kc2idb.net>>; David Harris
<KE6GAE@hotmail.com<mailto:KE6GAE@hotmail.com>>;
44net@mailman.AMPR.org<mailto:44net@mailman.AMPR.org>
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>>
Subject: Re: [44net] Re: IPIP Tunnel
Chris is not the only issuer of numbers in this space. My group manages the allocations
for 10 States here on the East Coast. Find your local co-ordinator and ask him.
AFAIK, we are the ONLY group offering Wireguard VPN that you can actually use.
Chris (FEF) is trying to get away from the regional allocation of IP addresses and simply
issue them from the top of the pile. This suggests to me that ARDC are aligning themselves
for another selloff? If they can get everyone below 44.128/10 they can sell that off
too?
On Thu, Feb 23, 2023 at 12:41 PM KUN LIN
<dnwk@linkun.info<mailto:dnwk@linkun.info>> wrote:
Well, Chris denied my /24 request to build a Wireguard VPN service. He claimed 44Net would
have a official one out there. How did you get your assignment approved?
Kun
________________________________
From: Mark Phillips <enicomms@gmail.com<mailto:enicomms@gmail.com>>
Sent: Wednesday, February 22, 2023 16:21
To: KUN LIN <dnwk@linkun.info<mailto:dnwk@linkun.info>>
Cc: Joshua McDonald <josh@2cold.net<mailto:josh@2cold.net>>; Kris Kirby
<kris@catonic.us<mailto:kris@catonic.us>>; ken boyle
<ken@kc2idb.net<mailto:ken@kc2idb.net>>; David Harris
<KE6GAE@hotmail.com<mailto:KE6GAE@hotmail.com>>;
44net@mailman.AMPR.org<mailto:44net@mailman.AMPR.org>
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>>
Subject: Re: [44net] Re: IPIP Tunnel
You create one when you build a Wireguard server on your BGP host.
On Wed, Feb 22, 2023 at 6:42 PM KUN LIN
<dnwk@linkun.info<mailto:dnwk@linkun.info>> wrote:
How did you get the Wireguard VPN account assigned to you?
Kun
________________________________
From: Mark Phillips via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>>
Sent: Monday, February 13, 2023 13:18
To: Joshua McDonald <josh@2cold.net<mailto:josh@2cold.net>>
Cc: Kris Kirby <kris@catonic.us<mailto:kris@catonic.us>>; ken boyle
<ken@kc2idb.net<mailto:ken@kc2idb.net>>; David Harris
<KE6GAE@hotmail.com<mailto:KE6GAE@hotmail.com>>;44net@mailman.AMPR.org<mailto:44net@mailman.AMPR.org>
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>>
Subject: [44net] Re: IPIP Tunnel
I was just going to add Wireguard VPN as a solution for the Cellphone hotspot.
Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well. Go here for a
howto
http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20…
On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
On the client side, using Mikrotik can be done with Wireguard if on RouterOS v7. Use an
AP as a client to the Cellular Hotspot and build Wireguard tunnel back to “VPN
Concentrator” somewhere.
Of course would require someone on remote end to have public IP to terminate tunnel and
route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all in my control. If
interested, I can go more in depth.
On Feb 13, 2023, at 12:21 PM, Kris Kirby via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>
_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>
I don't think this is possible with a hotspot
from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network
Mismanager_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>
23 Feb
23 Feb
1:06 p.m.
That guide has a fundamental security flaw.
The *private* key should be only be known by the end-user. This is
randomly generated locally.
The end-user then tells the "sysop" what their *public* key is.
This is nothing specific to Wireguard, hamnet, etc. It's basic
public-private key cryptography.
Quote from guide:
*"Delete the contents of the “Private Key” field and paste the private key
from the config file supplied by your *
*local sysop". (WRONG!)*
On Wed, Feb 22, 2023, 6:42 PM KUN LIN via 44net <44net(a)mailman.ampr.org>
wrote:
How did you get the Wireguard VPN account assigned to
you?
Kun
------------------------------
*From:* Mark Phillips via 44net <44net(a)mailman.ampr.org>
*Sent:* Monday, February 13, 2023 13:18
*To:* Joshua McDonald <josh(a)2cold.net>
*Cc:* Kris Kirby <kris(a)catonic.us>us>; ken boyle <ken(a)kc2idb.net>et>; David
Harris <KE6GAE(a)hotmail.com>om>; 44net(a)mailman.AMPR.org <
44net(a)mailman.ampr.org>
*Subject:* [44net] Re: IPIP Tunnel
I was just going to add Wireguard VPN as a solution for the Cellphone
hotspot.
Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well.
Go here for a howto
http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20…
On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net <
44net(a)mailman.ampr.org> wrote:
On the client side, using Mikrotik can be done with Wireguard if on
RouterOS v7. Use an AP as a client to the Cellular Hotspot and build
Wireguard tunnel back to “VPN Concentrator” somewhere.
Of course would require someone on remote end to have public IP to
terminate tunnel and route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all in
my control. If interested, I can go more in depth.
Mismanager_______________________________________________
On Feb 13, 2023, at 12:21 PM, Kris Kirby via
44net <
44net(a)mailman.ampr.org> wrote:
I don't think this is possible with a hotspot
from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network 44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
4:54 p.m.
"fundemental security flaw"
I disagree. You want to use my system? You use the keys I provide. You will
find that any other vendor using wireguard (e.g. private VPN companies)
will supply you a file in this same manner. It's not like I'm then
advertising the keys out to the world.
Plus, this has to be as idiot proof as possible. In our experience, the
majority of our VPN clients (we are approaching 50) could not find their
arse with both hands and so asking them for a key is rocket science. Its a
whole world of pain that frankly I just don't want.
You can all throw your objections out into the list but the difference is
that we are doing it while you are bitching about it.
On Thu, Feb 23, 2023 at 8:06 AM Nicholas Justin <njustin444(a)gmail.com>
wrote:
That guide has a fundamental security flaw.
The *private* key should be only be known by the end-user. This is
randomly generated locally.
The end-user then tells the "sysop" what their *public* key is.
This is nothing specific to Wireguard, hamnet, etc. It's basic
public-private key cryptography.
Quote from guide:
*"Delete the contents of the “Private Key” field and paste the private key
from the config file supplied by your *
*local sysop". (WRONG!)*
On Wed, Feb 22, 2023, 6:42 PM KUN LIN via 44net <44net(a)mailman.ampr.org>
wrote:
How did you get the Wireguard VPN account
assigned to you?
Kun
------------------------------
*From:* Mark Phillips via 44net <44net(a)mailman.ampr.org>
*Sent:* Monday, February 13, 2023 13:18
*To:* Joshua McDonald <josh(a)2cold.net>
*Cc:* Kris Kirby <kris(a)catonic.us>us>; ken boyle <ken(a)kc2idb.net>et>; David
Harris <KE6GAE(a)hotmail.com>om>; 44net(a)mailman.AMPR.org <
44net(a)mailman.ampr.org>
*Subject:* [44net] Re: IPIP Tunnel
I was just going to add Wireguard VPN as a solution for the Cellphone
hotspot.
Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well.
Go here for a howto
http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20…
On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net <
44net(a)mailman.ampr.org> wrote:
On the client side, using Mikrotik can be done with Wireguard if on
RouterOS v7. Use an AP as a client to the Cellular Hotspot and build
Wireguard tunnel back to “VPN Concentrator” somewhere.
Of course would require someone on remote end to have public IP to
terminate tunnel and route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all
in my control. If interested, I can go more in depth.
which
On Feb 13, 2023, at 12:21 PM, Kris Kirby via
44net <
44net(a)mailman.ampr.org> wrote:
I don't think this is possible with a hotspot
from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, means that a full KVM virtualized private server
is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network
Mismanager_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
6:04 p.m.
Hi Guys,
Just following the conversation here. I agree that users should *NEVER*
divulge their private keys, in any normal use scenario!! This is the
whole security premise that Diffie-Hellman key pairs are built on.
This is indeed a fundamental security flaw! Absolutely no doubt about
that! However, this being said, I realize this is a "no security" ham VPN
application for 44net and it is up to the provider to dictate their usage
specifications.
Hams should always remember that to be taken seriously, we need to
follow best-practice approaches whenever practical, where security
professionals won't roll their eyes at us and ultimately say "you're not
plugging that device into our network!"
As for "any other commercial vendor using wireguard" providing the
private/public keypair for me to use: really?? I've always just exchanged
public keys. If a commercial vendor demanded that I only use the keys
they provided, they wouldn't even get my consideration and I would send my
data (and money!) elsewhere.
73, David K4FXC
On Thu, 23 Feb 2023, Mark Phillips via 44net wrote:
"fundemental security flaw"
I disagree. You want to use my system? You use the keys I provide. You will
find that any other vendor using wireguard (e.g. private VPN companies)
will supply you a file in this same manner. It's not like I'm then
advertising the keys out to the world.
Plus, this has to be as idiot proof as possible. In our experience, the
majority of our VPN clients (we are approaching 50) could not find their
arse with both hands and so asking them for a key is rocket science. Its a
whole world of pain that frankly I just don't want.
You can all throw your objections out into the list but the difference is
that we are doing it while you are bitching about it.
On Thu, Feb 23, 2023 at 8:06 AM Nicholas Justin <njustin444(a)gmail.com>
wrote:
That guide has a fundamental security flaw.
The *private* key should be only be known by the end-user. This is
randomly generated locally.
The end-user then tells the "sysop" what their *public* key is.
This is nothing specific to Wireguard, hamnet, etc. It's basic
public-private key cryptography.
Quote from guide:
*"Delete the contents of the âPrivate Keyâ field and paste the private key
from the config file supplied by your *
*local sysop". (WRONG!)*
On Wed, Feb 22, 2023, 6:42 PM KUN LIN via 44net <44net(a)mailman.ampr.org>
wrote:
How did you get the Wireguard VPN account
assigned to you?
Kun
------------------------------
*From:* Mark Phillips via 44net <44net(a)mailman.ampr.org>
*Sent:* Monday, February 13, 2023 13:18
*To:* Joshua McDonald <josh(a)2cold.net>
*Cc:* Kris Kirby <kris(a)catonic.us>us>; ken boyle <ken(a)kc2idb.net>et>; David
Harris <KE6GAE(a)hotmail.com>om>; 44net(a)mailman.AMPR.org <
44net(a)mailman.ampr.org>
*Subject:* [44net] Re: IPIP Tunnel
I was just going to add Wireguard VPN as a solution for the Cellphone
hotspot.
Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well.
Go here for a howto
http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20…
On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net <
44net(a)mailman.ampr.org> wrote:
On the client side, using Mikrotik can be done with Wireguard if on
RouterOS v7. Use an AP as a client to the Cellular Hotspot and build
Wireguard tunnel back to âVPN Concentratorâ somewhere.
Of course would require someone on remote end to have public IP to
terminate tunnel and route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all
in my control. If interested, I can go more in depth.
On Feb 13, 2023, at 12:21 PM, Kris Kirby via
44net <
44net(a)mailman.ampr.org> wrote:
> I don't think this is possible with a hotspot from a cellular
> connection.
>
> You are behind a nat on cellular, which shares one public IP with many
> and doesn't allow routable ports/protocols.
>
> The only solution would be to get a public IP address from a home
> connection or a vps, and setup a VPN to access it from remote.
>
> I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module,
which
means that a full KVM virtualized private server
is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network
Mismanager_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
_______________________________________________
44net mailing list -- 44net(a)mailman.ampr.org
To unsubscribe send an email to 44net-leave(a)mailman.ampr.org
24 Feb
24 Feb
9:42 a.m.
Mark Phillips via 44net <44net(a)mailman.ampr.org> wrote:
You vant to use my system? You use the keys I provide!
Wireguard was designed to provide remarkably foolproof privacy and
security, but apparently fools are getting more ingenious these days.
The majority of our VPN clients (we are approaching
50) could not find
their arse with both hands and so ...
... so they don't know to avoid a VPN provider who insists on having a
database containing all the private keys that protect all the clients'
identities and traffic.
Yeah, I know, this ham radio networking stuff is a toy. It just causes
trouble to teach naive users, they're better left in the dark. The net
is mostly only used for ragchewing anyway, except when a regional
disaster or an armed attack occurs. <irony> Nobody would ever want to
interfere with government responses to emergencies, nor spy on how
effective an armed attack was. </irony>
John
PS: When I worked at Data General in the 1970s, it was the software
department policy that everyone must give their login password to the
department secretary. Working late one night, we examined her desk, and
found the sheets of paper where all the passwords were written down.
Then we could impersonate anyone in the whole department.
<irony>Luckily, we were just writing DG's operating system software!
What national intelligence agencies would want to throw any untraceable
back doors into that??? DG machines were often used for process
control, like in dams and chemical plants and nuclear installations.
12:04 p.m.
Since it is an amateur radio endeavor, we treat it like it is on the
open airwaves.
You know, unencrypted and able to be listened to. All that is being done
with the
VPN is to provide access to the 44net to those who are having networking
issues.
Did you ever watch the screen while people were connecting to the local
packet bbs?
Besides, the only person with the "keys" is the issuer/sysop. Look, it
works, it's
relatively easy to set up and it provides a needed service within Part
97 for others.
On 2/24/2023 4:42 AM, John Gilmore via 44net wrote:
... so they don't know to avoid a VPN provider who
insists on having a
database containing all the private keys that protect all the clients'
identities and traffic.
--
Charles J. Hargrove - N2NOV
NYC-ARECS/RACES Citywide Radio Officer/Skywarn Coord.
44net Coordinator - Northeast USA
"Information is the oxygen of the modern age. It seeps through the walls
topped
by barbed wire, it wafts across the electrified borders." - Ronald Reagan
"The more corrupt the state, the more it legislates." - Tacitus
"Molann an obair an fear" - Irish Saying
(The work praises the man.)
"No matter how big and powerful government gets, and the many services it
provides, it can never take the place of volunteers." - Ronald Reagan
2:39 p.m.
Correct. For our use in the IRLP network, we are not trying to provide any security
enhancements at all. We are simply trying to make a link work, over an otherwise
incompatible infrastructure. Encryption is simply a side effect of OpenVPN. If we could
turn encryption off, we would. In fact we point this out in our FAQ that is sent to all of
our users.
Is my VPN traffic secure and anonymous?
Absolutely not. In fact quite the opposite. Most commercial VPN products are designed to
hide or obfuscate customer traffic. IRLP VPN actually does the opposite of that. IRLP VPN
brings a public Internet address directly to your node. All traffic is monitored, tracked
and measured as it crosses the VPN hub. Your address is registered in global DNS as soon
as your connection comes up, and tied directly to your node number. Confidentiality and
privacy are absolutely NOT features of IRLP VPN. In other words, we know who you are,
where you live and with whom you communicate.
IRLP does use PGP (PKI) to authenticate all connections inside the IRLP network, but there
is no encryption natively in IRLP itself. IRLP does not keep a database of each users
private keys. Private keys only ever exist on each IRLP node. Public keys for all nodes
are widely circulated. But this has nothing to do with the use of IRLP VPN, when needed.
[FWIW, we chose OpenVPN over Wireguard because OpenVPN supports TCP based tunnels.
WireGuard is UDP only. We found, quite by accident, that some ISPs, mostly Cable
operators, are not particularly good at delivering packets in order. Using TCP ensures
packet ordering and retransmits any dropped packets. There is a performance penalty. But
we only need roughly 80 kbps unidirectionally per connection, when it is actually
talking. It also plays better over some folks really crappy routers that seem to have
trouble with maintaining a connection over UDP.]
—
Dave K9DC, K9IP
On Feb 24, 2023, at 07:04, Charles Hargrove via 44net
<44net(a)mailman.ampr.org> wrote:
Since it is an amateur radio endeavor, we treat it like it is on the open airwaves.
You know, unencrypted and able to be listened to. All that is being done with the
VPN is to provide access to the 44net to those who are having networking issues.
Did you ever watch the screen while people were connecting to the local packet bbs?
Besides, the only person with the "keys" is the issuer/sysop. Look, it works,
it's
relatively easy to set up and it provides a needed service within Part 97 for others.
On 2/24/2023 4:42 AM, John Gilmore via 44net wrote:
... so they don't know to avoid a VPN
provider who insists on having a
database containing all the private keys that protect all the clients'
identities and traffic.
--
Charles J. Hargrove - N2NOV
NYC-ARECS/RACES Citywide Radio Officer/Skywarn Coord.
44net Coordinator - Northeast USA
2:36 p.m.
Many of our users cannot spell TCP/IP! I'm sure you have them too.
On Fri, Feb 24, 2023 at 4:42 AM John Gilmore <gnu(a)toad.com> wrote:
Mark Phillips via 44net <44net(a)mailman.ampr.org>
wrote:
You vant to use my system? You use the keys I
provide!
Wireguard was designed to provide remarkably foolproof privacy and
security, but apparently fools are getting more ingenious these days.
The majority of our VPN clients (we are
approaching 50) could not find
their arse with both hands and so ...
... so they don't know to avoid a VPN provider who insists on having a
database containing all the private keys that protect all the clients'
identities and traffic.
Yeah, I know, this ham radio networking stuff is a toy. It just causes
trouble to teach naive users, they're better left in the dark. The net
is mostly only used for ragchewing anyway, except when a regional
disaster or an armed attack occurs. <irony> Nobody would ever want to
interfere with government responses to emergencies, nor spy on how
effective an armed attack was. </irony>
John
PS: When I worked at Data General in the 1970s, it was the software
department policy that everyone must give their login password to the
department secretary. Working late one night, we examined her desk, and
found the sheets of paper where all the passwords were written down.
Then we could impersonate anyone in the whole department.
<irony>Luckily, we were just writing DG's operating system software!
What national intelligence agencies would want to throw any untraceable
back doors into that??? DG machines were often used for process
control, like in dams and chemical plants and nuclear installations.
23 Feb
23 Feb
5:11 p.m.
You are maybe right if you are doing a large corporation networking vpn system.
But we are only linking ham radio devices to a network of ip addresses that are routable
to the internet.
It is a convenience service not a security service. We don't want to hide from the
government or the film industry to share illegal video or software.
It would be nice to put things in perspective.
Pierre
VE2PF
Obtenir Outlook pour Android<https://aka.ms/AAb9ysg>
________________________________
From: Nicholas Justin via 44net <44net(a)mailman.ampr.org>
Sent: Thursday, February 23, 2023 8:06:00 AM
To: KUN LIN <dnwk(a)linkun.info>
Cc: Joshua McDonald <josh(a)2cold.net>et>; Mark Phillips <enicomms(a)gmail.com>om>; Kris
Kirby <kris(a)catonic.us>us>; ken boyle <ken(a)kc2idb.net>et>; David Harris
<KE6GAE(a)hotmail.com>om>; 44net(a)mailman.AMPR.org <44net(a)mailman.ampr.org>
Subject: [44net] Re: IPIP Tunnel
That guide has a fundamental security flaw.
The private key should be only be known by the end-user. This is randomly generated
locally.
The end-user then tells the "sysop" what their public key is.
This is nothing specific to Wireguard, hamnet, etc. It's basic public-private key
cryptography.
Quote from guide:
"Delete the contents of the “Private Key” field and paste the private key from the
config file supplied by your
local sysop". (WRONG!)
On Wed, Feb 22, 2023, 6:42 PM KUN LIN via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
How did you get the Wireguard VPN account assigned to you?
Kun
________________________________
From: Mark Phillips via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>>
Sent: Monday, February 13, 2023 13:18
To: Joshua McDonald <josh@2cold.net<mailto:josh@2cold.net>>
Cc: Kris Kirby <kris@catonic.us<mailto:kris@catonic.us>>; ken boyle
<ken@kc2idb.net<mailto:ken@kc2idb.net>>; David Harris
<KE6GAE@hotmail.com<mailto:KE6GAE@hotmail.com>>;
44net@mailman.AMPR.org<mailto:44net@mailman.AMPR.org>
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>>
Subject: [44net] Re: IPIP Tunnel
I was just going to add Wireguard VPN as a solution for the Cellphone hotspot.
Available at 10 Hamgates and many other nodes. Mikrotik V7 OS works well. Go here for a
howto
http://hamgatepa.ampr.org/docs/Programming%20the%20MikroTik%20hAP%20lite%20…
On Mon, Feb 13, 2023 at 12:44 PM Joshua McDonald via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
On the client side, using Mikrotik can be done with Wireguard if on RouterOS v7. Use an
AP as a client to the Cellular Hotspot and build Wireguard tunnel back to “VPN
Concentrator” somewhere.
Of course would require someone on remote end to have public IP to terminate tunnel and
route the 44net subnet allocation.
I have done this, but both ends of tunnel and subnet allocation are all in my control. If
interested, I can go more in depth.
On Feb 13, 2023, at 12:21 PM, Kris Kirby via 44net
<44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>> wrote:
_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>
_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org>
I don't think this is possible with a hotspot
from a cellular
connection.
You are behind a nat on cellular, which shares one public IP with many
and doesn't allow routable ports/protocols.
The only solution would be to get a public IP address from a home
connection or a vps, and setup a VPN to access it from remote.
I could be wrong, but that is my understanding at this point.
Not only that, but some VPSs do not allow loading the IPIP module, which
means that a full KVM virtualized private server is the only solution
short of setting up a VPS to announce a /24 via BGP.
--
Kris Kirby, KE4AHR
Disinformation Architect, Systems Mangler, & Network
Mismanager_______________________________________________
44net mailing list -- 44net@mailman.ampr.org<mailto:44net@mailman.ampr.org>
To unsubscribe send an email to
44net-leave@mailman.ampr.org<mailto:44net-leave@mailman.ampr.org> 
13 Feb
13 Feb
9:40 p.m.
I use a Mikrotik LTE router with an IOT SIM on Wireguard to connect a
D-STAR repeater over 44Net
--
John D. Hays
Kingston, WA
K7VE / WRJT-215
439
days inactive
454
days old
30 comments
17 participants
participants (17)
-
air gapped -
Charles Hargrove -
Dave Gingrich -
David Harris -
David McGough -
John D. Hays -
John Gilmore -
Joshua McDonald -
ken boyle -
Kris Kirby -
KUN LIN -
lleachii@aol.com -
Marius Petrescu -
Mark Phillips -
Nicholas Justin -
pete M -
Ruben ON3RVH