From owner-freebsd-questions@FreeBSD.ORG Thu Mar 13 18:09:08 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E01A5783 for ; Thu, 13 Mar 2014 18:09:07 +0000 (UTC) Received: from mail-wi0-x231.google.com (mail-wi0-x231.google.com [IPv6:2a00:1450:400c:c05::231]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 79EC6B51 for ; Thu, 13 Mar 2014 18:09:07 +0000 (UTC) Received: by mail-wi0-f177.google.com with SMTP id cc10so1531605wib.16 for ; Thu, 13 Mar 2014 11:09:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=from:to:date:mime-version:subject:message-id:priority:content-type :content-transfer-encoding:content-description; bh=ClJz9oIxb6ezr9zIXejsdScglnnBuXwg+MZrBmQwOUU=; b=wXXoiQ0r2TJwzTANTLfD+/2UHfP//IyXDnFYjk01c/7+Q7p7Ok2U8BmIfWbt/8b1qP mNTPqSLjyN+/7eAyR6brqxLzJIZJiKtslIF0+tuQZI6DU31/Ule/YZwaw8wokK9qMZ6q KbrF5tkvmh7tCZGnxvRVv9KCT3zqrRK9hW3IEoEUsKwSZZuaCeCy0UgHlevM6sNW/vtu gyko8pjEPgzFymPOLmPwyQR/fiS6m2HFL66N6mtHWlMlazd/cu2P5Kqv5Bj5tEnym0/C /FyiJZW1I00GTb8JQ4JxTdKHQ13VTnLaUoJJVlPK22/oKkjqqlYfz3thESJz/AquvFDp Fhtw== X-Received: by 10.180.19.138 with SMTP id f10mr2736569wie.11.1394734145876; Thu, 13 Mar 2014 11:09:05 -0700 (PDT) Received: from [192.168.16.70] ([217.41.35.220]) by mx.google.com with ESMTPSA id ee5sm9509979wib.8.2014.03.13.11.09.04 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Thu, 13 Mar 2014 11:09:05 -0700 (PDT) From: Dave B To: freebsd-questions@freebsd.org Date: Thu, 13 Mar 2014 18:08:55 -0000 MIME-Version: 1.0 Subject: VPN choices? Message-ID: <5321F437.25463.1EE12BF@g8kbvdave.gmail.com> Priority: normal X-mailer: Pegasus Mail for Windows (4.62) Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 13 Mar 2014 18:09:08 -0000 Hi All. A question for the collective. I'm asking here, as I trust the opinions of the assembled masses, over some other (perhaps) more appropriated lists. Anyway... I have a need for a simple VPN, to tunnel TCP and UDP trafic. It's the UDP requiement that's stumping me at present. I want to recreate something I did a few years ago. (Remote control my Ham Radio station, from my desk at lunchtime, and when stuck in a hotel when traveling for work.) The VPN I used at that time was "Hamachi" on windows boxes both ends. Nothing wrong with it, it was easy to setup, robust, fast and reliable, and carried all protocols without issue. But, alas Hamachi is no more in that guise, since the '5 dot' IP addresses were finaly released for routable internet use. That, and the no-cost personal option of service was removed by LMI who bought it from it's authors. All I need, is a single instance of a remote to home link, to tunnel UDP/TCP traffic. IPV4 only too. (No danger of my ISP moving to IPV6 for home users at least, in the forseeable future.) So, what choices... At the home end, I have the FBSD9.2 box ticking away nicely, and I regularly SSH into that and can do a lot of what I want over that path with PuTTY on the portable (Windows7/64) box. It "just works." But, it doesn't do UDP. So, I have to use Skype (or similar) for the sound path at present. That's where the issues lie. Bandwidth! Skype works OK, fine indeed here in the UK, but if either my domestic management is on Skype to her sister, or here at work, people are streaming music or video at lunchtime, then our 20MEG link gets saturated, or if I'm out in whereverland, bandwidth is scarce (some hotel systems actively block it too.) I'm stumped. What would the collective recommend, for either a simple UDP tunnel (only obscurity needed for privacy, and of course no back doors) to run alongside the sshd service. Or a full blown minimal VPN. The "remote" end, is a ubiquitous Windows7 (64bit) laptop, that already has all the usual MS based VPN client tools that work OK when traveling as I can easily get back to the office network. Would that carry UDP? If so, is there a FBSD service I can install to support that? So, not needing any extra software on the laptop. Else, what sensible choices please? Whatever it is, it has to be suitable for a bear of simple brain capacity to handle, when something burps some way in the future. 73. Dave B. (G0WBX)