I'm looking at ways of connecting a small Linux system (a Beaglebone Black, but a Raspberry Pi is near enough) on my boat in France which is headless and behind a NAT WiFi (or 3G/4G) server to my home desktop or laptop so I can 'talk' to it.
Currently I have ssh reverse tunnels set up by outward connections from the remote Linux system that allow me to ssh into the system. This works OK except that the marina WiFi it uses is a 'captive portal' system where you have to open a web browser and it pops up a login screen where you enter name and password before it connects you to the internet. The connection, once made, stays up for several weeks but when it disconnects for any reason there's no easy way to reconnect automatically, has to be a human being to do it.
So, I'm considering getting a 3G/4G USB dongle to connect via the mobile network so I don't have to jump through the marina's WiFi hoops.
I can continue to do my reverse ssh tunnel connection but everyone I talk to about this says a VPN is the answer. However I'm having a hard time seeing how to get this installed and working without a huge amount of effort.
For example wireguard is supposed to be a simpler, easier alternative to OpenVPN but take a look at:-
https://www.wireguard.com/quickstart/
It's horrible! It's do-able, I can understand all the stages but it's just not nice.
Similarly VPN tutorials are full of misinformation, take a look at this one:- https://thishosting.rocks/how-to-set-up-openvpn-on-ubuntu/
It's rubbish! ... and all the others I've looked at are either similarly wrong or more complex than the wireguard one.
Is VPN *really* this difficult? If so I'll stay with my ssh approach.
A totally rookie point, and probably one you've already considered, but we (the UK) regain roaming charges as of next year so 3G/4G will cost.
Bev.
On 27/12/2020 22:47, Chris Green wrote: <snip background>
So, I'm considering getting a 3G/4G USB dongle to connect via the mobile network so I don't have to jump through the marina's WiFi hoops.
<snip>
On Mon, Dec 28, 2020 at 12:07:37AM +0000, Bev Nicolson wrote:
On 27/12/2020 22:47, Chris Green wrote:
<snip background> > > > So, I'm considering getting a 3G/4G USB dongle to connect via the > mobile network so I don't have to jump through the marina's WiFi > hoops. > A totally rookie point, and probably one you've already considered, but we (the UK) regain roaming charges as of next year so 3G/4G will cost.
Yes, but I'll have a french SIM in the dongle in France and it will just connect to the mobile provider's network to get a connection, no roaming involved.
On Sun, 27 Dec 2020 at 23:10, Chris Green cl@isbd.net wrote:
For example wireguard is supposed to be a simpler, easier alternative to OpenVPN but take a look at:-
https://www.wireguard.com/quickstart/It's horrible! It's do-able, I can understand all the stages but it's just not nice.
I don't honestly think that looks that bad, and it looks better than the average docs.
If you cast your mind back to reading the ssh man page, looking at ssh examples and trying to set up reverse tunnels (is this the right way round?) that was also quite bad I'm sure.
Is VPN *really* this difficult? If so I'll stay with my ssh approach.
I might well do the same but that's probably because we are both quite familiar with SSH not because it's any easier than wireguard.
S
On Sun, 27 Dec 2020 22:47:42 +0000 Chris Green cl@isbd.net allegedly wrote:
I can continue to do my reverse ssh tunnel connection but everyone I talk to about this says a VPN is the answer. However I'm having a hard time seeing how to get this installed and working without a huge amount of effort.
For example wireguard is supposed to be a simpler, easier alternative to OpenVPN but take a look at:-
https://www.wireguard.com/quickstart/It's horrible! It's do-able, I can understand all the stages but it's just not nice.
Similarly VPN tutorials are full of misinformation, take a look at this one:- https://thishosting.rocks/how-to-set-up-openvpn-on-ubuntu/
It's rubbish! ... and all the others I've looked at are either similarly wrong or more complex than the wireguard one.
Is VPN *really* this difficult? If so I'll stay with my ssh approach.
Chris
No, it really isn't difficult, and there are plenty of really good tutorials out there. Take a look in particular at the Debian article at https://wiki.debian.org/OpenVPN or the excellent Arch tutorial at https://wiki.archlinux.org/index.php/OpenVPN.
But haven't we been here before? Back in 2012 I wrote a post https://baldric.net/2012/10/27/using-openvpn-to-bypass-nat-firewalls/ following a similar discussion on ALUG. Does that help?
Mick
--------------------------------------------------------------------- Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 https://baldric.net/about-trivia ---------------------------------------------------------------------
On Mon, Dec 28, 2020 at 03:17:11PM +0000, mick wrote:
On Sun, 27 Dec 2020 22:47:42 +0000 Chris Green cl@isbd.net allegedly wrote:
I can continue to do my reverse ssh tunnel connection but everyone I talk to about this says a VPN is the answer. However I'm having a hard time seeing how to get this installed and working without a huge amount of effort.
For example wireguard is supposed to be a simpler, easier alternative to OpenVPN but take a look at:-
https://www.wireguard.com/quickstart/It's horrible! It's do-able, I can understand all the stages but it's just not nice.
Similarly VPN tutorials are full of misinformation, take a look at this one:- https://thishosting.rocks/how-to-set-up-openvpn-on-ubuntu/
It's rubbish! ... and all the others I've looked at are either similarly wrong or more complex than the wireguard one.
Is VPN *really* this difficult? If so I'll stay with my ssh approach.
Chris
No, it really isn't difficult, and there are plenty of really good tutorials out there. Take a look in particular at the Debian article at https://wiki.debian.org/OpenVPN or the excellent Arch tutorial at https://wiki.archlinux.org/index.php/OpenVPN.
But haven't we been here before? Back in 2012 I wrote a post https://baldric.net/2012/10/27/using-openvpn-to-bypass-nat-firewalls/ following a similar discussion on ALUG. Does that help?
Yes, I have been here before but it was coming from a different direction! :-)
On 27/12/2020 22:47, Chris Green wrote: []
I can continue to do my reverse ssh tunnel connection but everyone I talk to about this says a VPN is the answer. However I'm having a hard time seeing how to get this installed and working without a huge amount of effort.
For example wireguard is supposed to be a simpler, easier alternative to OpenVPN but take a look at:-
https://www.wireguard.com/quickstart/It's horrible! It's do-able, I can understand all the stages but it's just not nice.
Similarly VPN tutorials are full of misinformation, take a look at this one:- https://thishosting.rocks/how-to-set-up-openvpn-on-ubuntu/
It's rubbish! ... and all the others I've looked at are either similarly wrong or more complex than the wireguard one.
Is VPN *really* this difficult? If so I'll stay with my ssh approach.
Well....
You *could* add a Pi to your system and add PIVPN to the mix. It is an absolute doddle to use and I don't think it would tax a pi so you could run it on any except a 1st gen one. You'd want it wired-networked though.
Steve
-
Bev Nicolson -
Chris Green -
mick -
Steve Mynott -
steve-ALUG@hst.me.uk