stojanon 0 Posted ...

I wonder if you plan to add support for PPTP / L2TP in the future. Thank you very much and Merry Christmas!

michigan82 4 Posted ...

I just wonder why you need PPTP support...? I can't see any advantage of PPTP in comparison to OpenVPN... on the contrary, there is a big disadvantage of PPTP, as it was already hacked in conjunction with MSCHAPv2. It lacks security due to its layering. This issue has already been known for many years. So you can be quite sure that PPTP won't be introduced here on air.org.

@admin: An idea that I had: It could be interesting to offer proxies for all VPN servers. This could help to quickly change an IP without having to disconnect from a VPN server. This would be a nice additional layer. You could secure these proxies with usernames and passwords so that only members of air.org can use them... or allow entering these proxies only from certain IPs so that you have to be connected to a VPN server in order to use a proxy... or whatever. I think that this could be a nice feature for the future...

cheers, Mich

skxBMrYsxlli 9 Posted ...

> I just wonder why you need PPTP support...? I can't see any advantage of PPTP in comparison to OpenVPN... on the contrary, there is a big disadvantage of PPTP, as it was already hacked in conjunction with MSCHAPv2.

PPTP in itself is not insecure; however, at least in Microsoft implementations, using it securely mandates EAP-TLS. I'm not sure that this buys you anything compared to OpenVPN. Better client support on Windows, I suppose. On the other hand, the only allowed carrier protocol appears to be TCP. This is likely to kill speed.

L2TP is also not insecure as such, because it does not have any authentication or encryption on its own; it's merely an encapsulation / tunneling protocol. (Same as PPTP.) This buys you encapsulation of Layer 2 (hence the name), but it's probably not useful here, either. (L2TPv3 adds some trivial security, but it appears to have considerable weaknesses.)

Implementation of either would probably introduce notable overhead compared to OpenVPN. Even running L2TPv3 directly on IP, which is possible, still requires the extra overhead of an actual session security layer. (L2TP + IPsec is common.)

If there's really some call for a protocol besides OpenVPN, it seems to make more sense to consider IPsec; either as an IP alternative, or running on top of UDP. Or both.