On Wed, 2004-02-04 at 04:04, xyzzy@xxxxxxxxxx wrote: > On Wednesday 04 February 2004 4:10 am, Christoph Wickert wrote: > > PPTP is very insecure. Only use it if really needed, e. g. you want a > > simple dial in with your win98 client. Otherwise I recommend FreeS/WAN > > or OpenVPN. > Why, exactly, is PPTP insecure? Do you have any references for this? A simple google of "PPTP weaknesses" or "PPTP vs IPsec" would've yielded you a flood of useful information. > If my ISP is running a PPTP server will FreeS/WAN or OpenVPN even work at all? All of which are designed completely different. Believe it or not, you can actually run multiple layers of VPN traffic within one another. For example, my laptop uses FreeSWAN IPsec for all home traffic to my OpenBSD gateway. Yet, when I login to my work account, I'm using a PPTP tunnel, _inside_ of the IPsec ESP packets, to connect. And on top of _that_, I routinely use VNC inside SSH tunnels to further encrypt the session (inside the untrusted LAN on the corporate end). Now, that's not to say you're _definitely_ going to be able to do what you're trying. You should, but I'm also unfamiliar wtih your ISP's policies. Assuming they're not blocking VPN-style traffic (unlikely), you'll be fine. -- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net
