DarkFoon wrote:
Hello all,
my client wants himself and his franchisees to be able to securely
access a fileserver (actually it's his workgroup-soon to be
domain-server) behind the pfSense box and upload important data files
to it. These clients are using laptops with wireless connections(3G
access, not wi-fi, but possibly wi-fi too), or desktops at home behind
little home firewall/routers with broadband internet. All are running
windows XP Pro.
pfSense offers me three kinds of VPN, as you all know: PPTP (about
which I've read numerous articles citing security flaws in its
authentications using MS-CHAP), IPSec is for site-to-site (and
impossibly to set up under windows, because all methods I've
reasearched require a static IP on the windows computer, and 3G
doesn't offer static IPs), and finally OpenVPN which is experimental
and messes up the OPTx interfaces (of which this pfSense box has 4).
I would like to give Stunnel a try, but the package doesn't install on
pfSense (despite saying that it's stable).
So as you can see, I've got a bit of a problem. If there is an easier
way to set up IPSec on a mobile windows client, I'd love to hear it.
If there's a way to secure PPTP (other than upgrading the PPTP server
in pfSense which, I have been told, will not be done) I'm all ears. If
OpenVPN is more stable than the warning on its config pages makes it
sound, let me know. I'm out of ideas.
Thank you all
A Rossi
you may want to consider sslexplorer with Davenport as a module (or use
the sslexplorer built in filebrowser) installed on the server...
just choose a https port to forward...
http://sourceforge.net/projects/sslexplorer/
http://davenport.sourceforge.net/
Both are on sourceforge and are decent projects...
Cheers
Alex
