On 3/5/10, Randal L. Schwartz <mer...@stonehenge.com> wrote: >>>>>> "Tim" == Tim Judd <taj...@gmail.com> writes: > > Tim> I've been in that same boat. I eventually came to the decision to: > Tim> Install PPTP server software, accepting connections from any IP. > > Whoa. Here we are, talking about making it *more* secure, and > you go the other direction.... > > > http://en.wikipedia.org/wiki/Point-to-Point_Tunneling_Protocol#Security_of_the_PPTP_protocol > > > In short, you can't take anyone seriously who suggests PPTP when > talking about security. >
Randal, It's not meant as the solution for remote access. It's only a stopgap so you can ssh into your router and add the remote IP. Then disconnect from the VPN you've configured, PPTP or not, and use SSH. And the fact that I haven't (yet) seen random bots try vpn will keep my logs clean. I'm sorry, I respect Randal very much, but.. A) ..wikipedia? that's informative and useful, but not authoritative in any way. B) It's connected for maybe 5 minutes at most. While connected, your ssh session is still encrypted while you add the current remote IP. I stand by my statements. The other way (which requires a cron job) is to setup your roaming laptop with a dyndns address (or similar service) and have your router re-load it's firewall config periodically for any possible IPv4/IPv6 address changes to be picked up. I haven't done this to finish yet. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"