Can anyone recommend a PPTP VPN server software?

I've been using the Apple Xserve that runs my network as a PPTP VPN server for a long time but I am sick, I AM SICK! of the unreliability and the service randomly unconfiguring itself without warning… I’ve been an Apple fanboy since I got my first MacBook, but that won’t stop me SMASHING THIS XSERVE TO BITS!!

Anyway, I’m looking for some PPTP VPN server software. My hardware is pretty limited; I will probably be running a VM on ESXi 3.5 32-bit. Anything that runs on Ubuntu or CentOS would be preferable. I do have a 2k3 and a 2k8 (not R2) VM that could be used too. I haven’t looked at dedicated hardware appliances due to my budget. My budget is two sticks of gum, some blue Smarties and a can of Coke. I’m happy to negotiate with any software manufacturers for Monster Munch or Space Invaders too. Maybe an All-Bran bar for L2TP support.

What have you used or what can you recommend?

Many Thanks, Peter.

Edit:
After everyone's advice I will be trying to move away from PPTP rather than redeploying it. I am downloading the OpenVPN ESXi VM now and will also look into L2TP. I know L2TP is blocked on my remote network but I don’t know about OpenVPN so I will test that.

Bear in mind that PPTP security is irredeemably broken. It’s also TCP over TCP, so it will not handle itself very well if the network connection is flaky (compared to, say, OpenVPN over UDP). Having said that, I’m with IbeeX on MikroTik. You can either grab RouterOS and run it in a VM, or you can go the hardware route - for short of $70 you can get a 750GL puck. You can even set it up to host multiple VPN types.

I would recommend Mikrotik http://wiki.mikrotik.com/wiki/PPTPServer

Why would anyone want to do PPTP anymore?

Ubuntu ships with pptpd available in the core repo. Pretty simple to set up:

http://silverlinux.blogspot.com/2012/05/how-to-pptp-vpn-on-ubuntu-1204-pptpd.html

For CentOS you’ll have to add the “poptop” repo as they don’t include pptpd by default, but it’s still pretty painless:

http://www.gaggl.com/2012/06/installing-poptop-pppd-vpn-serveron-centos-6/

I’ve been dealing with this lately as well. Client has Macs and shit don’t always work except PPTP. Currently I’m doing some testing with pfSense as they also need a new firewall and so far seems to be working great. My boss hadn’t heard of Mikrotik but that was the original route I wanted to go, he thinks they’re too cheap to be good.

pfSense has a built-in PPTP server that can authenticate to a local or RADIUS database. pfSense also supports OpenVPN, which will give you a nice upgrade path. Best of all…$0.

This may well come across as a stupid question, but if a PPTP connection is first established and then after that an L2TP connection, would that be more secure than PPTP alone?

I don’t really know much about PPTP except I’ve been advised against using it by a few people now. The reason I use it is because on my remote network only PPTP connections are permitted. I don’t know the reason for this, I just comply. Could they be monitoring my traffic? gulp I force 128-bit encryption always. All certs used are self-signed.

Thank you, I’ll check it out.

Universal compatibility.

There’s no simple free alternative that works on all clients - Windows, OSX, Linux, iOS, Android, etc.

n.b. I’m not advocating that thought process - just pointing it out :)

PPTP is the only VPN protocol allowed by the ISP on my remote network.

Thank you, I'll check them both out!

Seconded. All our firewalls are pfSense. PPTP and OpenVPN are rock solid on both.

Unfortunately it depends on what clients you have to support. Particularly with the rise of BYOD, we’re faced with clients who want to use Windows, OSX, Linux, iOS, Android and more.

Find a free VPN solution that works out of the box with all of the above, and PPTP will finally die.

PPTP is so insecure, it should be considered unencrypted

PPTP is the only VPN protocol allowed by the ISP on my remote network.

You can run OpenVPN on any UDP port you like. If that won’t work, you can also run it on any TCP port you like, but this is discouraged due to the TCP-over-TCP problem.

I… really? Man. I imagine you could set up RD Gateway on your network and access your machines that way. It would be much more secure in any case, and you don’t have to have any one machine online really, just the gateway and the target machine. Also DirectAccess in Server 2012 o/

SSTP would be too. It just uses port 443; no ISP blocks port 443. But to my knowledge it only works with Windows Vista and later.

I use Kerberos for authentication, not MS-CHAPv2.

Any UDP port? 443 it is, done and done! Fantastic, Sir! I'll get right on it!