I realize this is a bit off-topic, but since the VPN topic just popped up
I figured I'd ask ... at least it's not spam. ;-)
I was wondering if anyone had a HOWTO pointer or some general ideas on
how to create a VPN using Linux. Ideally, the system should encapsulate
an IP packet (with a non-routable address) inside another packet as data,
fully (128-bit) encrypted, which would then be tunnelled to another Linux
machine, to decrypt the packet and route it properly. I know Linux will
do IP encapsulation (especially for the notebook users) but how would one
go about implementing an encryption layer in there?
Secondly, one of the key issues dealing with VPNs is authentication.
Sadly, I'm not terribly well versed in the OSI models et al, and don't
even know where to start in this respect. Does the TCP layer have an
extra (or data) field that can store an auth-key, or would I have to use
a modified TCP stack? This system would use, of course, IPv4 ...
unless, of course, IPv4 could encapsulate an IPv6 packet that can be
authenticated against...
Ideas, suggestions?
Thanks,
Chrisotopher