[pptp-server] pptpd vs. free swan

[Cowles, Steve]

> -----Original Message-----
> From: Gene Moreau [mailto:gmoreau at arrista.com]
> Sent: Monday, March 12, 2001 10:00 AM
> To: pptp-server at lists.schulte.org
> Subject: [pptp-server] pptpd vs. free swan
> 
> 
> 
> I know this isn't exactly the SWAN list, but has any one 
> tried out both of these and have any recomendataions?  my
> particular application is allowing our road warriors to
> connect back into the our LAN.
> 
> Gene Moreau
> IT Specialist 

I currently use both PPTP and IPSEC based tunnels. As far as
recommendations, thats a tuff question to answer without understanding your
requirements. At a 30,000 foot level, I have found IPSEC seems better suited
for LAN-to-LAN tunnels. i.e. linking one or more office LAN's together into
a corporate LAN (star topology), while PPTP is better suited for (dialup)
Windows 9x based clients. i.e. HOST-to-LAN.

FWIW: I have also been successful in implementing W2K -> FreeS/WAN road
warriors using IPSEC (instead of PPTP). Microsoft actually did a pretty good
job at implementing the IPSEC protocol. As usual though, Microsoft failed in
how you configure IPSEC. There are just way way way way way to many dialog
boxes. If you have home users that are wanting to establish a tunnel into
your LAN *AND* are also using DSL (no dialup), then I would recommend using
IPSEC over PPTP. Mainly because IPSEC is brought up directly after the
TCP/IP stack. i.e. Before the W2K login prompt. If the W2K client is
configured to login to a MS Domain controller, they will not get the initial
"Unable to find Domain Controller" message that is typical with PPTP
connections because you have to login to your desktop *first* before you can
establish a PPTP tunnel so that the Domain Controller can be located. 

Steve Cowles