The following table describes the fields in the VPN Setup screen and the options available when enabling and configuring VPN access.

Field

Description

Enable PPTP

Check this box to enable PPTP connections to be established to

Server

your SnapGear appliance.

IP Addresses for

Enter the IP addresses for the tunnel end-points. You need to

the Tunnel End

specify a free IP address on your local network that each VPN

Points

client will use when connecting to the SnapGear appliance.

 

Please ensure that the IP addresses listed here are not in the

 

range the DHCP server can assign. Ranges are accepted; for

 

example 192.168.160.250-254.

Authentication

PPTP provides an authenticated communication tunnel between

scheme

a client and a gateway by using a user ID and password. The

 

authentication scheme is the method the SnapGear appliance

 

uses to challenge users wanting to establish a PPTP connection

 

to the network. The remote client must be set up to use the

 

selected authentication scheme.

 

MSCHAPv2 is the most secure. It uses encrypted

 

passwords. SnapGear recommends the use of

 

MSCHAPv2 plus data encryption as this keeps your data

 

private as well as providing secure authentication.

 

CHAP is less secure, and similarly PAP is even less

 

secure, but more common.

 

RADIUS and TACACS+ make use of a remote

 

authentication server on the local network. You must

 

enter the IP address of a server setup to use this

 

scheme.

74

Virtual Private Networking

Page 77
Image 77
SnapGear 1.7.8 manual Field Description