Hi All,
This is a general VPN question; PPTP VPNs seem to be very easy to set up with CentOS as the VPN server and the built-in windose client, but how do list members feel about the security vunerabilities reported with the MS implementation? Specifically the 6 problems reported here : http://www.schneier.com/pptp-faq.html or maybe im being paranoid?
Would any of you roll this solution out using the MS client for business use? I generally dont trust anything MS does, especially when security is concerned
I feel i should be leaning towards an IPSec VPN, would anyone agree? (exchanging keys is not a problem for us)
Thanks to all of you - this mailing list is fantastic :)
Regards,
MrKiwi
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Tue, Nov 07, 2006 at 12:27:59PM +1300, MrKiwi wrote:
This is a general VPN question; PPTP VPNs seem to be very easy to set up with CentOS as the VPN server and the built-in windose client, but how do list members feel about the security vunerabilities reported with the MS implementation? Specifically the 6 problems reported here : http://www.schneier.com/pptp-faq.html or maybe im being paranoid?
Would any of you roll this solution out using the MS client for business use? I generally dont trust anything MS does, especially when security is concerned
I feel i should be leaning towards an IPSec VPN, would anyone agree? (exchanging keys is not a problem for us)
If possible, my suggestion is always to use OpenVPN.
Having used PPTP and IPSec on many places in the past, OpenVPN proved to be the most simple and easy to have working (no NAT issues, among other things) of the bunch.
- -- Rodrigo Barbosa "Quid quid Latine dictum sit, altum viditur" "Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)
Rodrigo Barbosa wrote:
On Tue, Nov 07, 2006 at 12:27:59PM +1300, MrKiwi wrote:
I feel i should be leaning towards an IPSec VPN, would anyone agree? (exchanging keys is not a problem for us)
If possible, my suggestion is always to use OpenVPN.
Having used PPTP and IPSec on many places in the past, OpenVPN proved to be the most simple and easy to have working (no NAT issues, among other things) of the bunch.
I only can second that. Fewer hassles than any of the other solutions and relatively painless.
Ralph
-
MrKiwi -
Ralph Angenendt -
Rodrigo Barbosa