Nah, Jason... that's the main point here... :-( I know that PPTP/GRE scheme has serious flaws and security problems.
I think it's better to use OpenVPN or even IPSec here. I tried to convince my boss to change this actual structure here (a RRAS M$ W2K3 server on LAN, behind the router, using PPTP/GRE), but he stated that we have external users who eventually need to connect on our network, just like in a "roadwarrior way". And, in his opinion (he's the boss, indeed), I have to maintain this structure, without any impact to the network structure. I also have tried Frickin PPTP proxy, but it's a very outdated project, and even on the pfSense FAQ, they inform that it's not a good idea, simply because it doesn't work. =) Well, i got another question related to my pfSense box... my pfSense has version 1.0.1. In the boot, a weird message appeared: Stopping /usr/local/etc/rc.d/proxy_monitor.sh... and then the system freezes indefinitely here. Do they have any fix for this issue on version 1.2-RC3? Cheers, Luciano >> quick question... could this situation be made into a site to site vpn? >> im assuming that you are using pptp because of a rras box correct? and you want to auth off of AD? >> you could use open vpn ive never set it up on pf. >> Check the fourms i believe i saw a post about someone working with frickin, but i dont remember. _____ avast! Antivirus <http://www.avast.com> : Outbound message clean. Virus Database (VPS): 071205-1, 05/12/2007 Tested on: 5/12/2007 15:52:18 avast! - copyright (c) 1988-2007 ALWIL Software.
