Hey Francesco,
Thanks a lot for this how to. We will probably include a small module ebox-pptp to automatize this as it's pretty simple.
Thanks!!!1
I'm assuming this was never made, but it still seems like a good idea to include since it would probably be pretty simple to setup. I mean, it's even more simplistic than OpenVPN, it gives people more choice and a lot more flexibility, and it's a fantastic way to compete with the big name small- and medium-sized business servers which rely on the simplistic Microsoft and Apple VPN services. It's also easy enough to setup in a Linux Live; especially on Ubuntu Desktop and variants like Linux Mint.
Just a thought, but
ntlm_auth-helper "/usr/bin/ntlm_auth --helper-protocol=ntlm-server-1"
Could easily be changed to
ntlm_auth-helper "/usr/bin/ntlm_auth --helper-protocol=ntlm-server-1 --require-membership-of=pptp"
To restrict PPTP VPN usage to certain people easily.
This looks extremely useful. How would the session get hijacked anyway? Dictionary attacks? Isn't EAP-TLS supposed to be really secure for PPTP? If you guys leave way to better security options and permissions for a PPTP connection, I think you'll hit the jackpot. It would be nice to say "let this computer into the network, but all it gets access to is RDP" so port 3389. That's all some people use VPN for anyway.