I'll throw in my 2 cents... I've used PPTP and OpenVPN. I like the ease of use of OpenVPN to the end user (via the openvpn GUI) The manuals on pfSense.com walk you through it step by step... so setup is easy for you as well. Just click and go! is all the user has to do, and if their connection drops for whatever reason, it will automatically reconnect for them. I also like the way it adds the interface rather that tunneling all traffic. This saves our precious bandwidth on site and lets all the downloading at home go out their own gateway.
PPTP is nice for the devices that can't support openvpn (such as pocketpc's), so I use both protocols -Tim -----Original Message----- From: Steven Hodgen [mailto:[EMAIL PROTECTED] Sent: Monday, June 25, 2007 4:45 PM To: support@pfsense.com Subject: [pfSense Support] VPN question Ok, so I hope you will all forgive my inexcusable use of this list for questions that aren't 100% specific to pfSense. Nevertheless, I want to use pfSense to let me create a road-warrior for our internal Windows domain. So, at some level there are questions specific to pfSense. Actually, what this message is really about is my ignorance, and lack of ability to ferret out cogent answers on Google and searching this list. Information: * We have a server running Windows 2003 Standard Edition. * Another machine running pfSense 1.2 Beta-1 * A Comcast Business WAN with a static IP. * An internal LAN subnet 192.168.1.0/24 * Another subnet on a different different ethernet port 192.168.2.0/24 used for isolating our internal wireless traffic (we're a school and kids all use wireless and are not on domain). * So, we're using three of four available ethernet ports on the firewall machine. * I have roaming profiles configured and lots of Group Policy rules. Questions: 1. What is the best way to configure pfSense so that a road-warrior can access our LAN domain as if he/she was here (except for speed, of course). 2. Related to 1: what is the best (balance easy with secure) of the four choices: IPsec, OpenVPN, PPPoE, PPTP, way to achieve this. Pros/Cons. Ok, so now I'm going to thank you in advance for putting up with my questions. Truthfully, I know just about enough about networking and TCP/IP, etc. to be dangerous. But I learn quickly, and really appreciate your help. I hope I gave you all enough information. If there's a specific log or config file that would help you, please let me know. --Steven --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
