Deployment methods for VPN users?
-
I'm curious to know - what have people done for deploying client software/setups for users to connect by VPN?
We have a Microsoft SSTP VPN set up here that I'd like to replace. It's very easy to deploy by policy, and I'm curious to see what others have done so I can figure out installing/setting up new clients in perhaps the same way.
-
I use OpenVPN with local user authentication (not AD) here, but you have to create and distribute a unique client package for every user. You can authenticate against an AD domain, but I've never done it.
https://doc.pfsense.org/index.php/OpenVPN_with_RADIUS_via_Active_Directory
-
I am curious why do you want to replace SSTP? Are you having some technical problems. Or do you want to replace it just because it's Microsoft we run SSTP and L2TP and have zero problems.
-
I am curious why do you want to replace SSTP? Are you having some technical problems. Or do you want to replace it just because it's Microsoft we run SSTP and L2TP and have zero problems.
The machine that supports the SSTP links right now is a virtual machine, and I want to get that traffic/dependency off the network for those VMs. So, it's either set people up to connect to the pfsense system, or put in real hardware for people to reach.
A software solution doesn't add (significant) heat to my datacenter - which is why I was hoping for an easy install/deployment.