15 Jan
2018
15 Jan
'18
12:08 a.m.
Hi Dennis,
On Sun, Jan 14, 2018 at 09:06:10PM +0100, Dennis Hecken wrote:
Dear LibrrMesh Team,
is it possible only grant access to internet only via VPN like vpn.ac or
PricateInternetAccess.com or just fastd? In Germany the law is not the
best in this case and publishing the private internet Access to public
is risky!
I did not find any information about this feature. Thanks a lot!
As VPN connectivity usually requires per-device credentials it is
up to you to setup VPN on a capable device -- either on the libremesh
router itself by installing fastd, openvpn, wireguard, ... via opkg or
by using a dedicated, more powerfull OpenWrt box capable of doing the
VPN gateway traffic at wirespeed.
In terms of using the libremesh scripts to pre-provision a VPN client:
It's as easy as adding uci-defaults scripts setting up the vpn config
and dependencies e.g. on fastd in a community profile package.
However, then you'd have to publish the vpn credentials in a public
git repository which may not be what you want and probably the reason
why nobody does it like that.
For all the rest, such as setting up VPN network configuration,
firewall stuff and routing protocol setup a uci-default script would
currently be the way to go.
However, it would generally be nice if we had a more defined model
for inter-mesh (ie. using routing protocols) as well as gateway VPNs
(ie. server pushed default route). Anyone?
Cheers
Daniel
Best regards,
Dennis
_______________________________________________
lime-dev mailing list
lime-dev(a)lists.libremesh.org
https://lists.libremesh.org/mailman/listinfo/lime-dev