[pfSense-discussion] VPN woes

[DarkFoon]

My client wants VPN for his company, so his franchisees can VPN connect to the domain in his office and share files or something (he's rather vague about this). Right now, I've got his PfSense box at my house so I can test it. I'd like to test the VPN from his office, but they're behind a router/firewall (a SpeedStream consumer POS).   From what I can tell (and Google) PPTP is the easiest to use and I could probably use it from behind their firewall/router, but it has some serious flaws: Microsoft patched it and it randomly drops connections and is more insecure.   I'd use IPSec, but IPSec requires router/firewall to router/firewall connection (to connect subnets to subnets), or so it seems, and I doubt that little crappy SpeedStream even knows what VPN means. Besides, we're both on DHCP ISPs, and it sounds like that makes things different. Once I switch his office over to the PfSense box, I could test it using my m0n0wall box at my house, but I'd rather test that it works before I do that.   OpenVPN, being experimental, is at the bottom of my list. I don't really want to deal with that at this moment in time, but it sounds like it might make it easier for my client's sometimes-computer illiterate franchisees to log in (I tried it with the windows GUI on an XP box) ... eventually.   After all this complaining, I should explain completely what my client wants in the hopes that it will help you to help me. Basically, he wants to: a) be able to log into the in-office domain from his home and work there without actually having to copy the files and such. and b) have his franchisees log into the in-office domain and put their earnings and other business related information in a central place.   His access from home would be from a laptop with a wireless internet (not wifi, but cingular 3G) The franchisees would be accessing from personal computers, and possibly from their own offices that I could put behind PfSense boxes (but I don't know about the offices part; my client has been a little vague in this area)   ask any questions to help further clarify. Thanks