[CentOS] Pptp vpn server

m.roth at 5-cent.us m.roth at 5-cent.us
Wed Nov 3 10:15:29 EDT 2010


Ross Walker wrote:
> On Nov 3, 2010, at 9:07 AM, Les Mikesell <lesmikesell at gmail.com> wrote:
>> On 11/3/10 7:48 AM, Adam Tauno Williams wrote:
>>> On Wed, 2010-11-03 at 12:49 +0000, John Hodrien wrote:
>>>> On Wed, 3 Nov 2010, Adam Tauno Williams wrote:
>>>>
>>>>> On Wed, 2010-11-03 at 13:04 +0200, Eero Volotinen wrote:
>>>>>> 2010/11/3 mattias<mj at mjw.se>:
>>>>>>> How to setup a vpn server on centos?
>>>>>>> I can't find the pptpd in any repo
>>>>>> PopTop is possibly solution that you are looking for:
>>>>>> http://poptop.sourceforge.net/ , but ssl-vpn like openvpn is much
>>>>>> better solution (works correctly with any firewalls)
>>>>> PoPTP works very well. Also known as pptpd.
>>>> Although as has already pointed out, GRE and NAT issues make PPTP a
>>>> somewhat
>>>> odd choice given the alternatives.
>>>
>>> I agree;  but its issues verses the issues of the other
>>> alternatives....
>>> seems almost a wash to me.
>>
>> Errr, what issues does openvpn have?
>
> I'm no fan of any type of VPN as I think it's a way of extending your
> trusted LAN to an untrusted endpoint compromising internal trust levels,
> but if you are going to implement a VPN the type is of very little
> consequence (account/password is more likely to be compromised then
<snip>
> I would suggest only providing VPN access to administrators and for users
> providing a combination of SSL gateway to web-mail and some type of
> terminal service that either authenticates with a separate domain or is
> only accessible after successfully authenticating to the SSL gateway.
<snip>
Um, no. This might work for folks who *only* need access to their M$
Exchange via Outlook and Office, but for other work, including *anything*
that isn't being done in their browser, they're SOL about working, say,
from home.

It's even more secure it you just unplug it from the Internet....

       mark



More information about the CentOS mailing list