From: "Goboxe PH" <goboxe at gmail dot com>
> I have the following requirements for my company.
> 1. To connect our 3 offices using VPN. Now, all offices have broadband
The primary MUST have a static IP address. For ipsec to work, one endpoint
must be static IP.
> 2. Staff will connect to one VPN server (may be at HQ), but should be
> able to access network resources in the HQ and branches offices.
This should be able to be done with the correct firewall rules, and a bit of
static routing. It would be easiest with PPtP for your users, and ipsec for
the network lines.
> 3. To be able to log all user transactions e.g. which servers they are
> accessing, what services they are using, etc.
> My questions:
> a) RE. 2 above: What is the VPN configuration recommendation for the
> Is using IPSec for inter-office VPN & using PPTP for users authentication
> to VPN is a good choice?
So far, so good.
> b) RE. 3 above: How detail is the m0n0wall log file for VPN both IPSec and
> Can I trace what users are doing once connected to VPN?
> If possible, I would like to see the followings:
> - which servers they are accessing
> - what services they are using, may be by port number
> - how long they have login
> - from which IP they are connecting
The logs in monowall only tell you what user connected to pptp. To get
everything you want, you need some type of sniffer on each segment, and tie
that back to the pptp logs.