Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

Router:Linux - Debian - With L2TP Fallback: Difference between revisions

Router:Linux - Debian - With L2TP Fallback (view source)

Revision as of 12:49, 11 April 2020

606 bytes added ,  11 April 2020
Added notes on security ssh
(Created page with "DSL lines are not perfect, and line resyncs are guaranteed to happen at the most inconvenient moment. Fortunately AAISP provide L2TP for subscriber...")
 
(Added notes on security ssh)
 
= Prerequsites =
* a Linux PCmachine with Debian JessieBuster already installed and twothree network interfaces - one for the connection to the modem, one for the connection to the alternative path router, and one for the connection to your LAN. The machine should be ready for internet facing duties, that means strong password!
* a ADSL or FTTC modem, or a fibre ONT (for FTTP) (as appropriate for your connection)
* an alternative path router of some type. In my case I am using a Huawei B315 4G router (With ethernet)
/sbin/ip -6 route del default dev ppp-aaisp-l2tp scope link
fi
 
=== Security ===
Your linux router will get the line /32 address, and sshd will listen on 0.0.0.0, hence will accept ssh connections from the internet. You'll find very quickly /var/log/auth.log fills with automated password attempts. I recommend altering /etc/ssh/sshd_config - either restrict it to binding on the internal IP only
ListenAddress 192.168.0.1
ListenAddress 2001:db8:0::1
 
or configure for ssh key authentication with no password fallback.
 
=== Finishing off ===
Wishy
28

edits

Retrieved from ‘http://support.aa.net.uk/Special:MobileDiff/14544