Best VPN option for AD/RRAS?
-
I'm going to be implementing a VPN setup at a site that I've got PFSense deployed at. I'm very familiar with how to setup PPTP for Windows computers, but since that's been broken…. >:(
Anyways, what VPN implementation would you recommend for my situation considering:
-We have about 10 users that would be online at any given time
-We have a pair of PowerEdge R200s online for PFSense
-We are a 100% Windows/AD environment with an RRAS and NPS server
-Username and password based auth is required. Secure though they may be, certs installed on both ends are out of the question.
=EDIT- Also, the use of Windows' integrated VPN client is necessaryThanks!
-
Given your strict requirements list, I believe your only option is L2TP/IPSec Windows clients against the RRAS server.
Anyhow the extra cost (in hardware, software and maintenance) for a dedicated RRAS server seems to exceed the effort of setting up a non Microsoft VPN client (ie Shrewsoft or OpenVPN).
Regards,
Corrado -
Aye, that may be. We've got a heavily virtual environment so for us its zero marginal cost to spin up another VM for that purpose. Though I am intrigued by OpenVPN. That it can export a setup executable is really cool. I might just go with that instead.
Other thoughts?