[ previous ] [ next ] [ threads ]
 
 From:  "Tech Terapies" <tech at terapies dot org>
 To:  "'dan'" <haguru at gmail dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] PPTP questions
 Date:  Fri, 19 May 2006 17:29:17 +0200 
In front of a the problems on the various vpn clients, and the many problems
for install and use on basic users without admin privileges, is the best
solution for a mobile clients, specially if users and pass are taken from
ldap or radius.
Try to run a sonic vpn client, or dlink, or cisco or any other on a portatil
with w2k or xp with a basic user without privileges (specially if you made a
hard work on domain polices) Is impossible.
 
The native pptp client from w2k or xp, works fine.
 
It's not the best, but the little problem.
 
best regards
 
 
 
Tech Services Terapies.org
Jan Arbona
__________________________________________
 

  _____  

From: dan [mailto:haguru at gmail dot com] 
Sent: Friday, May 19, 2006 5:24 PM
To: tech at terapies dot org
Subject: Re: [m0n0wall] PPTP questions


Do you consider PPTP to be secure enough? 


On 5/18/06, Tech Terapies <tech at terapies dot org> wrote: 

We have about 200 sonicwall 1260, 2040.... And about 100 m0n0,
Our standard, if depends the bussines and the money, we prefer a mother and
father behind all.
For us, m0n0 is perfect for a first fw, little remote users, as example a 
Remote user needs connect to the office.... We put a ipsec vpn from m0n0 to
sonicwall.

Ussually we puts m0n0 over an EM appliance, never over soekris or old pc.
We have pptp users on special situations, usually we puts ipsec tunnels. 

The bussines is the bussines, and our experience is, for a moderate support
price, the problems are out.




Tech Services Terapies.org
Jan Arbona
__________________________________________ 

-----Original Message-----
From: dan [mailto:haguru at gmail dot com]
Sent: Thursday, May 18, 2006 2:47 PM
To: m0n0wall at lists dot m0n0 dot ch  <mailto:m0n0wall at lists dot m0n0 dot ch> 
Subject: [m0n0wall] PPTP questions

Hello,

1) I am strongly considering switching from an external SonicWall SOHO vpn
appliance (ipsec) to the internal pptp server m0n0wall offers.  I have been
testing the PPTP server, and it seems to be pretty stable, but I am a little
concerned about the security aspect.  Most whitepapers discussing PPTP
security mention that it is fairly easy to compromise this protocol.  I do 
enforce 128 bit security, but would like more details on how secure this
protocol really is.  Also, are there any other reasons why I shouldn't
migrate to PPTP?

2) I configured the PPTP server to use our radius server (IAS on a win2k AD 
box), and it looks like I can't assign static ip addresses when using
radius.  Is this assumption correct, or did I miss something obvious?

Thanks!