Linux Server for WinXP VPN clients with AD integ
Hello all,
Currently we have pptpd installed on a Linux server and winXP clients can connect through VPN to it from home so they can keep working. The clients get authenticated by Active Directory on a Windows server.
The thing is that I know pptp is not the most secure thing out there, and even though AD authenticates users that try to connect via vpn, it allows anybody with a domain account to log in, and I have no way of setting restrictions on that.
Can you guys please suggest something that will install on a Debian server and:
-Allow XP clients to use their native VPN tool to connect to our network from home.
-Authenticate domain users against a Domain controller.
-Sets restrictions as to who can actually connect via VPN regardless of having a domain account.
Thanks in advance for your help and tips on this matter.
Northenio.
Comments
-
northenio ,
have you tried the openvpn software? I think it has some AD integration on it. Thanks.0 -
anyone in your domain could then login in your head office...
What's the method you'd like to use to authenticate legitimate users to login ? everyone allowed ?
Are you willing to control their access with Active Directory properties (dialin tab, remote access permission, allow) ?
In my case I've a lot of users inside the domain, someone from the IT department, someone from logistics, warehouses, manufacturing, ... . I just want to allow guys from the IT staff, in that case I'm not using Active Directory but Certificates issued to specified users and I control/revoke them from the firewall (IPSEC, PPTP, OpenVPN access, whatever you want)0 -
What Andrea Benini suggested is a good idea. You can certs, some MAC filtering, and, and if possible, use special passwords or security questions that only the actual user will know. I would think setting up a domain account would give these options.0
Categories
- All Categories
- 176 LFX Mentorship
- 176 LFX Mentorship: Linux Kernel
- 750 Linux Foundation IT Professional Programs
- 373 Cloud Engineer IT Professional Program
- 169 Advanced Cloud Engineer IT Professional Program
- 74 DevOps IT Professional Program - Discontinued
- 4 DevOps & GitOps IT Professional Program
- 99 Cloud Native Developer IT Professional Program
- 7.6K Training Courses & Learning Paths
- 1 AI & ML Training
- 1 Blockchain & Decentralized Identity Training
- 3 Cloud & Containers Training
- 1 Cybersecurity Training
- 1 DevOps & Site-Reliability Training
- 1 Linux Kernel Development Training
- 1 Networking Training
- 1 Open Source Best Practice Training
- 1 System Administration Training
- 1 System Engineering Training
- 1 Web & Application Development Training
- 792 Hardware
- 202 Drivers
- 68 I/O Devices
- 37 Monitors
- 95 Multimedia
- 173 Networking
- 91 Printers & Scanners
- 87 Storage
- 768 Linux Distributions
- 81 Debian
- 67 Fedora
- 22 Linux Mint
- 13 Mageia
- 24 openSUSE
- 150 Red Hat Enterprise
- 31 Slackware
- 13 SUSE Enterprise
- 356 Ubuntu
- 465 Linux System Administration
- 31 Cloud Computing
- 73 Command Line/Scripting
- Github systems admin projects
- 98 Linux Security
- 78 Network Management
- 101 System Management
- 46 Web Management
- 106 Mobile Computing
- 18 Android
- 73 Development
- 1.2K New to Linux
- 1K Getting Started with Linux
- 392 Off Topic
- 121 Introductions
- 181 Small Talk
- 29 Study Material
- 946 Programming and Development
- 310 Kernel Development
- 618 Software Development
- 981 Software
- 373 Applications
- 182 Command Line
- 5 Compiling/Installing
- 68 Games
- 317 Installation
- Archived
- 2 LFD140 Class Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)