We have about 200 sonicwall 1260, 2040.... And about 100 m0n0,
Our standard, if depends the bussines and the money, we prefer a mother and
father behind all.
For us, m0n0 is perfect for a first fw, little remote users, as example a
Remote user needs connect to the office.... We put a ipsec vpn from m0n0 to
Ussually we puts m0n0 over an EM appliance, never over soekris or old pc.
We have pptp users on special situations, usually we puts ipsec tunnels.
The bussines is the bussines, and our experience is, for a moderate support
price, the problems are out.
Tech Services Terapies.org
From: dan [mailto:haguru at gmail dot com]
Sent: Thursday, May 18, 2006 2:47 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] PPTP questions
1) I am strongly considering switching from an external SonicWall SOHO vpn
appliance (ipsec) to the internal pptp server m0n0wall offers. I have been
testing the PPTP server, and it seems to be pretty stable, but I am a little
concerned about the security aspect. Most whitepapers discussing PPTP
security mention that it is fairly easy to compromise this protocol. I do
enforce 128 bit security, but would like more details on how secure this
protocol really is. Also, are there any other reasons why I shouldn't
migrate to PPTP?
2) I configured the PPTP server to use our radius server (IAS on a win2k AD
box), and it looks like I can't assign static ip addresses when using
radius. Is this assumption correct, or did I miss something obvious?