[pptp-server] Thorough PPTPD Setup

Andrew W. Davis awdavis at waretec.com
Thu Jul 26 18:46:31 CDT 2001


ok...this is getting a little crowded but I'll try...

On Thu, Jul 26, 2001 at 08:17:18PM -0600, No Spam! wrote:
> 
> 	That's the point of my question ... I _don't_ have "user/domain" in
> chap-secrets, just "user", but I am successfully getting a PPTP
> connection to my firewall from my Win95 box. Do later versions of
> windows tack the domain on? FWIW, I *do* have "log onto NT domain"
> checked for the Win95 box, but my domain controller is a Samba box
> running behind the firewall ...



> 	Am I correct in assuming this is only useful if I'm running Samba on
> the firewall, or at least copying the smbpasswd file from the machine
> that is?

uhh...well it's usefull if your poptop server is running samba and has samba
users mapped out with passwords on it.  they don't need to users in the
actual passwd file, but you may want to be careful doing this.  I don't
think I've ever mentioned this to the list, but when I first implemented
this on my poptop box, if someone tried to log on with a blank username and
password, it worked.  although access to resources was restricted, I
considered it a huge security hole!  so the quick fix to that was to do a
smbadduser "" and then set some long password that you really don't even
have to remember.

> 	So if I want an encrypted connection from a windows box, I need to
> apply first the ppp-2.3.11-openssl-etc patch, then the fix, in that
> order ...

well that's just about everything, but if you want 128-bit encryption, you
have to add the dial-up networking upgrade for win9x...

> Thanks for the answers!

no problem.

Andrew

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
LAN/WAN Administrative Engineer
Weather Metrics, Inc.
www.weathermetrics.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-



More information about the pptp-server mailing list