Eliezer Croitoru
2015-Sep-18 01:33 UTC
[CentOS] I want to connect to a l2tp server from centos.
Hey John, I do not require encryption at all, it's a secure and internal channel but it requires me to connect via either pptp or l2tp. This is the reason I am asking. I had the chance of finding the SoftEther Project which gives a lot in terms of VPN Client and Server. At: http://www.softether-download.com/en.aspx But yet to try it. Also they have all sorts of beta versions but not something they call stable in their downloads. I think I will try to use their product if I will not find an example on how to use l2tp without ipsec encryption. Thanks, Eliezer On 18/09/2015 03:00, John R Pierce wrote:> On 9/17/2015 4:47 PM, Eliezer Croitoru wrote: >> I have a server currently connecting to a pptp remote server. >> This server(lns\lac) has the option for pptp connections and l2tp >> connections. >> The l2tp connections are not using ipsec encryption at all. > > PPTP doesn't use ipsec either, it uses its own MPPE encryption based on > RC4, which is considered insecure as of years ago. > > L2TP is normally used within another encrypted transport.
Eliezer Croitoru
2015-Sep-18 06:21 UTC
[CentOS] I want to connect to a l2tp server from centos.
OK So i took the time and finally built a RPM for the softether vpn server and client. I have not tested them for usage but I found out that only the server side can work with multiple protocols while the client side works only with one protocol. The actual protocol is called "ethernet overl HTTPS". More info on the product: http://www.softether.org/ The gui is only for windows as far as I could understand. So no l2tp client there but aleast a nice VPN service. SRPM can be found here: http://ngtech.co.il/rpm/centos/7/SRPMS/softethervpn-4.18.9570-2.el7.centos.src.rpm The repo is here(also latest squid-cache repo): http://ngtech.co.il/rpm/centos/7/x86_64/ Eliezer On 18/09/2015 04:33, Eliezer Croitoru wrote:> Hey John, > > I do not require encryption at all, it's a secure and internal channel > but it requires me to connect via either pptp or l2tp. > This is the reason I am asking. > I had the chance of finding the SoftEther Project which gives a lot in > terms of VPN Client and Server. > At: > http://www.softether-download.com/en.aspx > > But yet to try it. > Also they have all sorts of beta versions but not something they call > stable in their downloads. > > I think I will try to use their product if I will not find an example on > how to use l2tp without ipsec encryption. > > Thanks, > Eliezer > > On 18/09/2015 03:00, John R Pierce wrote: >> On 9/17/2015 4:47 PM, Eliezer Croitoru wrote: >>> I have a server currently connecting to a pptp remote server. >>> This server(lns\lac) has the option for pptp connections and l2tp >>> connections. >>> The l2tp connections are not using ipsec encryption at all. >> >> PPTP doesn't use ipsec either, it uses its own MPPE encryption based on >> RC4, which is considered insecure as of years ago. >> >> L2TP is normally used within another encrypted transport. > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos
Richard Zimmerman
2015-Sep-18 14:02 UTC
[CentOS] I want to connect to a l2tp server from centos.
-----Original Message----- From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of Eliezer Croitoru Sent: Friday, September 18, 2015 2:21 AM To: centos at centos.org Subject: Re: [CentOS] I want to connect to a l2tp server from centos. <OK So i took the time and finally built a RPM for the softether vpn server and client. I have not tested them for usage but I found out that only the server side can work with multiple protocols while the client side works only with one protocol. The actual protocol is called "ethernet overl HTTPS". More info on the product: http://www.softether.org/> For what it's worth, it runs just fine downloading and running it directly. I will agree, they usually only release beta versions so we hang back one or two beta's from the latest. In my case SoftEther VPN "just works". I will say if you are new to VPN's as I was (and still learning) it'll drive you nuts at times setting things up to make it all mesh together. Router tables, firewall rules, etc. Once your golden, you can literally forget how it works. Yup, took plenty of notes. (Hopefully they are good enough :) ) We have a remote office and my home lan VPN'd into the server (All CentOS 6.7 boxen) on a virtual hub. My remote users (Windows only so far) VPN in on a separate virtual hub and so far it has gone well. Kudos to SoftEther VPN for a double click to start, double click to stop a VPN connection in Windows! I also wrote a script to setup the tap interfaces, routing table entries and do several test pings to make sure the links setup correctly. This was done because softEther VPN would be ready to go before the TAP interfaces were up and ready and caused issues. My smartphone users can connect via l2tp/IPsec but no one (including me) wants to mess with it. It would be really nice if the SoftEther VPN folks would write a smartphone client. <The gui is only for windows as far as I could understand.> Yes the GUI is Windows only (as far as I know) but works well no matter what platform the server is running well. <So no l2tp client there but aleast a nice VPN service.> Because my employer has AT&T Fiber/PNT/firewall/VPN services (read software defined networking) I'm actually happy my main support is SSL-VPN (via https) Makes my life a lot easier. It's to the point our company has decided NOT to use the AT&T global network client in favor of SoftEther VPN for our remote needs. Kind regards, Richard SRPM can be found here: http://ngtech.co.il/rpm/centos/7/SRPMS/softethervpn-4.18.9570-2.el7.centos.src.rpm The repo is here(also latest squid-cache repo): http://ngtech.co.il/rpm/centos/7/x86_64/ Eliezer --- Richard Zimmerman Systems / Network Administrator River Bend Hose Specialty, Inc. 1111 S Main Street South Bend, IN 46601-3337 (574) 233-1133 (574) 280-7284 Fax On 18/09/2015 04:33, Eliezer Croitoru wrote:> Hey John, > > I do not require encryption at all, it's a secure and internal channel > but it requires me to connect via either pptp or l2tp. > This is the reason I am asking. > I had the chance of finding the SoftEther Project which gives a lot in > terms of VPN Client and Server. > At: > http://www.softether-download.com/en.aspx > > But yet to try it. > Also they have all sorts of beta versions but not something they call > stable in their downloads. > > I think I will try to use their product if I will not find an example > on how to use l2tp without ipsec encryption. > > Thanks, > Eliezer > > On 18/09/2015 03:00, John R Pierce wrote: >> On 9/17/2015 4:47 PM, Eliezer Croitoru wrote: >>> I have a server currently connecting to a pptp remote server. >>> This server(lns\lac) has the option for pptp connections and l2tp >>> connections. >>> The l2tp connections are not using ipsec encryption at all. >> >> PPTP doesn't use ipsec either, it uses its own MPPE encryption based >> on RC4, which is considered insecure as of years ago. >> >> L2TP is normally used within another encrypted transport. > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos_______________________________________________ CentOS mailing list CentOS at centos.org https://lists.centos.org/mailman/listinfo/centos