From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 810D81382C5 for ; Thu, 5 Apr 2018 22:54:03 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id CFED5E0978; Thu, 5 Apr 2018 22:53:55 +0000 (UTC) Received: from tncsrv06.tnetconsulting.net (tncsrv06.tnetconsulting.net [IPv6:2600:3c00::f03c:91ff:fe26:8849]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 5F16EE0966 for ; Thu, 5 Apr 2018 22:53:54 +0000 (UTC) Received: from REDACTED ([IPv6:2620:0:102a:11:fe50:e322:5780:92c6]) (authenticated bits=0) by tncsrv06.tnetconsulting.net (8.15.2/8.15.2/Debian-3) with ESMTPSA id w35MrqX8006291 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Thu, 5 Apr 2018 17:53:53 -0500 ARC-Filter: OpenARC Filter v0.1.0 tncsrv06.tnetconsulting.net w35MrqX8006291 Authentication-Results: tncsrv06.tnetconsulting.net; arc=none header.d=tnetconsulting.net ARC-Seal: i=1; a=rsa-sha256; d=tnetconsulting.net; s=2015; t=1522968833; cv=none; b=z3RhPUhHK52+uFeV43n0cJqdUMxpYbqvy7AstLeIw4LhHNXGkLJKDGC9RE0PCgrXvrQfF6B/FKkh6flwpowFJrGFXWy0bP47cDXGGywv+pkk66MDDXYSiAWlI1gFq2BK0/SWvTc/DtOanJ6onqi/7r0PwdVHtBcb+DHHHJko3Rk= ARC-Message-Signature: i=1; a=rsa-sha256; d=tnetconsulting.net; s=2015; t=1522968833; c=relaxed/simple; bh=8FOWuRJ/YQEYVKh6cFd0lqCAOlgbKTpHfdLncd0gFP0=; h=Subject:To:From:Message-ID:Date:User-Agent:MIME-Version: Content-Type:Content-Language:Content-Transfer-Encoding; b=KcnKdV3eWmWTba6oCItDXXFAYGlLqgM/Kh5sDR7hJ4cUFCwbfH06Rm6QCF07nAhGRovUd5USZBhcHBOAeY0HoTujpLPTGtaCuPKuOAmkwYwqwaGqvk8ZEl25vETHSi0RjNANzhDuQh/HKFdUdrXrpR+54b5HxKMVwa5A7xysALE= ARC-Authentication-Results: i=1; tncsrv06.tnetconsulting.net; none Subject: Re: [gentoo-user] [OT] What is the best open-source VPN server for Linux? To: gentoo-user@lists.gentoo.org References: From: Grant Taylor Organization: TNet Consulting Message-ID: <11ac7a29-109b-883f-9d98-0b29ab24c400@spamtrap.tnetconsulting.net> Date: Thu, 5 Apr 2018 16:53:52 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Archives-Salt: 7173855c-544d-4840-9939-610cc82d49b0 X-Archives-Hash: 2619a7d1122a6f64334d6002adb21255 On 04/05/2018 08:51 AM, gevisz wrote: > It is strange because just today I have learned that VPN server should > be set on the host with static IP visible the in Internet. Otherwise a > VPN-client has no way to connect to the VPN-server. The static IP is not a strict requirement. It just greatly simplifies things. — There are multiple ways to deal with dynamic IPs. The biggest requiremment is the ability for traffic (from the VPN client(s)) to make it into the VPN server. Ideally the VPN server is directly connected to the internet. It is possible to get many (if not most) VPN protocols to work thorugh something like NAT port forwarding with proper due dilligence. The inability to get traffic into the VPN server means that it's a non-starter. -- Grant. . . . unix || die