If your users use mainly windows, I think you should use VPN Passtrough, since it is simpler to configure on clients. And authentication is simpler to manage too. Cheers, Anderson
-----Mensagem original----- De: Steven Hodgen [mailto:[EMAIL PROTECTED] Enviada em: segunda-feira, 25 de junho de 2007 20:45 Para: support@pfsense.com Assunto: [pfSense Support] VPN question Ok, so I hope you will all forgive my inexcusable use of this list for questions that aren't 100% specific to pfSense. Nevertheless, I want to use pfSense to let me create a road-warrior for our internal Windows domain. So, at some level there are questions specific to pfSense. Actually, what this message is really about is my ignorance, and lack of ability to ferret out cogent answers on Google and searching this list. Information: * We have a server running Windows 2003 Standard Edition. * Another machine running pfSense 1.2 Beta-1 * A Comcast Business WAN with a static IP. * An internal LAN subnet 192.168.1.0/24 * Another subnet on a different different ethernet port 192.168.2.0/24 used for isolating our internal wireless traffic (we're a school and kids all use wireless and are not on domain). * So, we're using three of four available ethernet ports on the firewall machine. * I have roaming profiles configured and lots of Group Policy rules. Questions: 1. What is the best way to configure pfSense so that a road-warrior can access our LAN domain as if he/she was here (except for speed, of course). 2. Related to 1: what is the best (balance easy with secure) of the four choices: IPsec, OpenVPN, PPPoE, PPTP, way to achieve this. Pros/Cons. Ok, so now I'm going to thank you in advance for putting up with my questions. Truthfully, I know just about enough about networking and TCP/IP, etc. to be dangerous. But I learn quickly, and really appreciate your help. I hope I gave you all enough information. If there's a specific log or config file that would help you, please let me know. --Steven --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
