jordi laforge wrote: > I'm trying to provide a roadwarrior situation. Here is what I'm looking at: > Small 8-12 user lan. > 4-5 of these users have home pc's(Windows) that they'd like to use to > connect to the > office and user the file server\ email\ databases. > The windows file server has PPTP capabilities. > > I could either use the Windows PPTP or setup another server running > Linux with openvpn. Or something else I haven't thought of....but you > guys suggest. > Whaddya think? Okay, it sounds like you're not all that familiar with VPNs in general, based on your comments here and in later messages. I *strongly* suggest doing some quick reading on that topic first before getting into specifics. The 'howstuffworks' entry on VPNs is not half-bad and the wikipedia page is excellent. Here's the very very short summary: A VPN would allow your 'road warriors' to connect to the home office while they are at home or on the road. The user's remote laptop or desktop would get a special IP that is specific to the VPN through which all traffic to work is 'tunneled' in an encrypted manner. Done properly, the remote worker would be able to access ALL of the services that she could normally access while in the office... but in a safe and secure manner over the public Internet. Now PPTP has the advantage here of being very easy to setup and if you have one of the Windows Servers, then you have half of it already nearly setup. You would need to get clients for any Linux users, but that's not a problem as I'm fairly certain that there is now "native" support in the kernel. HOWEVER, PPTP is considered to be fundamentally broken by some respected cryptographers. A quote from Bruce Schneier: "Microsoft PPTP is very broken, and there's no real way to fix it without taking the whole thing down and starting over." http://www.schneier.com/pptp-faq.html OpenVPN is a free solution that has so far been proven to be rock-solid. It is, however, not as easy to setup as PPTP. In fact, if you want to do anything more than a peer-to-peer setup, you will likely have to do a considerable bit of reading and some configuration file editing. Mind you, while the reading is verbose, it's not hard to understand and it shouldn't take more than a few hours to get everything setup. I'm told, too, that some of the GUIs available make it a lot easier (haven't used any of them) and some of the specialized distros like Smoothwall and IPCop should make it even easier yet. Now this is a Linux group so we'll tend to lean towards using Linux based solution for the "server" side. I'm honor bound to tell you, though, that you don't have to. OpenVPN is fundamentally a peer-to-peer VPN (with some variances) and works just dandy on Windows. So you *could* run it as a service on your Windows Server and it would likely chug away just fine. There is even a handy GUI for it. I recommend starting with some reading: http://openvpn.net/howto.html http://openvpn.net/INSTALL-win32.html http://openvpn.se/ --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss