|
||||||||||
Hi Daniel! Am Mittwoch, den 19.10.2005, 10:56 +0200 schrieb Daniel Fabian: > Thanks for the answer, and sorry if this reply is messed up I do my best in rearranging the posting ;-) > What exactly do I need for OpenVPN over PPTP? Wrong question, see below. > Am I correct to assume that I need an additional OpenVPN server, You are free to do the encryption and decrytion on an extra machine behind your firewall/router. > or does it run on m0n0? It did it before 1.2. OpenVPN was removed from m0n0wall in 1.2. Use my images from [1]. They have much better support for OpenVPN anyway. Images based on 1.2final are expected by the end of this week. You can find prereleases in the testing subdirectory. > If the first is the case, I would only allow PPTP users to > connect to my OpenVPN Server, and if they are authenticated > there, they get access into my LAN. Is that correct? Do > you have any references for running OpenVPN over PPTP with m0n0? OpenVPN has nothing in common with PPTP (or IPSec). In short: A CA provides each of your clients with a valid certificate and key. When connecting to the OpenVPN Server, the certificate is checked and if valid, the client can send and receive encrypted packets to and from the main site. OpenVPN uses udp (or even tcp) based communication for that, so that it isn't any problem to tunnel these packets through a router which does NAT (no need for an own IP protocol like GRE or ESP/AH). Look at [2] for a much deeper description of what OpenVPN is and can do. Ciao ... ... PIT ... [1] http://www.protec-t.de/m0n0wall/downloads/ [2] http://openvpn.net --------------------------------------------------------------------------- copyleft(c) by | _-_ Why use Windows, since there is a door? (By Peter Allgeyer | 0(o_o)0 fachat at galileo dot rhein dash neckar dot de, Andre Fachat) ---------------oOO--(_)--OOo----------------------------------------------- |