On 23/3/20 10:26 pm, Marko Cupać wrote:
> Anything I can do to avoid future hangs?

Whilst probably not the answer you're looking for: moving away from PPTP
would be a good start.

The MSCHAPv2 authentication used in PPTP is vulnerable to dictionary
attacks and the RC4 cipher used in MPPE (the security layer of PPTP) is
laughably weak in today's security context.  Whilst MSCHAPv2 can be
replaced with EAP-TLS, there's no fix for MPPE.

IPSec (which is built into OpenBSD) or OpenVPN (in ports) would be
vastly superior options.
-- 
Stuart Longland (aka Redhatter, VK4MSL)

I haven't lost my mind...
  ...it's backed up on a tape somewhere.

Reply via email to