Re: VPN server security

From: morten skrubbeltrang (mskrubbeltrang@hotmail.com)
Date: 03/25/03


From: mskrubbeltrang@hotmail.com (morten skrubbeltrang)
Date: 25 Mar 2003 13:09:46 -0800


Hi Alex.

You have to protocols to choose between, PPTP or L2TP/IpSec. The last
is the most secure as it does 2 way computer validation as well as
user validation and it is certificate based, which means your client
need a certificate stored locally.
Unfortunately it does not support NAT server side so unless your
clients and you VPN server will be directly attached to the Internet
(non-private IP addresses) this is not an option.
But don't worry, PPTP combined with port filtering on the VPN server
is quite secure also. You're also able to create custom lock-out
policies that will not affect normal LAN based domain logon. This is
controlled through the registry.
You'll find step-by-step guides to both PPTP and L2TP based VPN
solutions at this resource:

http://www.skrubbeltrang.com/Search.aspx?search=remote+access+service+provider

Hope this helps,

Morten Skrubbeltrang

"Alex" <alex_acetozibr@yahoo.com> wrote in message news:<392901c2f2c2$3508c6a0$2f01280a@phx.gbl>...
> Hi all,
>
> I need to build a VPN server so people users will make a
> VPN connection to connect to our company network from
> their home. These are confidential information and the
> connection should be very secure. What is the best way to
> get this done ? What protocols and authentication methods
> should i use ? Any documentation about it ?
>
> Thanks in Advance,
> Alex



Relevant Pages

  • Re: PPTP on W2K and W2K3
    ... Pptp is easier to implement but technically not as ... secure though it is still very secure if users use complex passwords and ... when either the client or VPN server is behind a NAT device. ... NAT-T client upgrade that can be used if the VPN server is Windows 2003. ...
    (microsoft.public.win2000.security)
  • Tried other newsgroups but no-one could help my VPN problem
    ... Desktop givees an ACk at step6 and does not connect to VPN server. ... Laptop gives the proper "outgoing call request" and does connect to VPN ... revealer which revealed nothing. ... "PPTP" ...
    (microsoft.public.win2000.networking)
  • Re: wireless router and VPN server
    ... What kind of VPN server? ... PPTP, IPSec, L2TP, or proprietary. ... I've been using DD-WRT firmware on various supported routers: ...
    (alt.internet.wireless)
  • Re: PPTP/MPPE + Smartcards/EAP-TLS: Security?
    ... PPTP with MS-CHAPv2 seems to be allright, and you actually don't need to ... > then sent in a secure way from the ... > of MPPE is solved by not using MS-CHAP but Smartcards. ...
    (microsoft.public.win2000.security)
  • cisco 877 pptp passthrough
    ... I have a problem where a client machine behind the cisco 877W adsl router ... could not log on to an external Microsoft VPN server using pptp. ... This problem didn't happen with a cisco 837 with simiilar config. ...
    (comp.dcom.sys.cisco)