Easy, but worth viewing the screenshots: IPredator – Setting up a PPTP connection on Mac OS X Lion.
Although: I should follow Don’t use PPTP, and don’t use IPSEC-PSK either (via: CloudCracker blog)
–jeroen
Archive for the ‘VPN’ Category
Setting up a PPTP connection on Mac OS X Lion
Posted by jpluimers on 2013/07/05
Posted in Apple, IPSec, Mac, Mac OS X / OS X / MacOS, Mac OS X 10.7 Lion, MacBook, MacBook Retina, MacBook-Air, MacBook-Pro, Network-and-equipment, OS X 10.8 Mountain Lion, Power User, PPTP, VPN | Leave a Comment »
Don’t use PPTP, and don’t use IPSEC-PSK either (via: CloudCracker blog)
Posted by jpluimers on 2013/06/24
A while ago, I had to connect to secure data over PPTP.
It reminded me of this post from about a year ago: via Divide and Conquer: Cracking MS-CHAPv2 with a 100% success rate (now archived at the wayback machine).
Their main point:
MS-CHAPv2 can be cracked within less than a day (and that time will only get less).
Their short conclusion “basically PPTP is dead, and IPSEC-PSK is worse” leads to the recommendation:
This leaves either an OpenVPN configuration, or IPSEC in certificate rather than PSK mode.
Longer quote: Read the rest of this entry »
Share this:
Posted in IPSec, Network-and-equipment, Power User, PPTP, Security, VPN | 3 Comments »
OpenVPN connect to the same LAN (bridged mode) (via: The VPN Menu — Endian UTM Appliance v2.4 documentation)
Posted by jpluimers on 2012/08/03
Another research item:
Need to provide access through OpenVPN to the same LAN as where the OpenVPN server runs on.
This is unusual, and requires a bridged OpenVPN solution.
Jürgen Schmidt wrote a nice article on this in 2008.
Endian community edition seems to support this out of the box:
Server configuration
In this panel you can enable the OpenVPN server and define in which zone it should run.
OpenVPN server enabled
Click this to make sure the OpenVPN server is started.
Bridged
If you want to run the OpenVPN server in one of the existing zones check this box. ..
note:
If the OpenVPN server is not bridged you must set the
firewall rules in the VPN firewall to make sure clients
can access any zone - unless you do not want them to.VPN subnet
This option is only available if you disable bridged mode, which allows you to run the OpenVPN server in its own subnet that can be specified here.
Bridge to
If bridged mode has been selected here you can choose to which zone the OpenVPN server should be bridged.
Dynamic IP pool start address
The first possible IP address in the network of the selected zone that should be used for the OpenVPN clients.
Dynamic IP pool end address
The last possible IP address in the network of the selected zone that should be used for the OpenVPN clients.
–jeroen
via: The VPN Menu — Endian UTM Appliance v2.4 documentation.
Share this:
Posted in *nix, Endian, Linux, OpenVPN, Power User | Leave a Comment »
ENDIAN Firewall – Connected client can access EFW but no other hosts: enable promiscuous mode on VMware ESXi
Posted by jpluimers on 2010/10/12
While solving a problem with Windows 7 machines not being able to ping the machines on the GREEN LAN of an Endian when connecting through OpenVPN, but XP machines could, I did a few upgrades, then went on to solve the problem.
- Upgraded from ESX 3.5 to ESXi 4.1 (I needed this anyway because of Pass Through USB support)
- Upgraded the community edition appliance from Endian 2.2 to Endian 2.4 (which has more configuration options, and better ways for reporting and logging)
Then I went on solving the issue, which I suspected was a kind of routing problem. Read the rest of this entry »
Share this:
Posted in Endian, ESXi4, ESXi5, ESXi5.1, Firewall, Infrastructure, OpenVPN, Power User, VMware, VMware ESXi | 8 Comments »
The Wiert Corner - irregular stream of stuff 