SnapGear 1.7.8 User Manual

The following table describes the fields in the VPN Setup screen and the options
available when enabling and configuring VPN access.

Field Description
Enable PPTP
Server

Check this box to enable PPTP connections to be established to
your SnapGear appliance.

IP Addresses for
the Tunnel End
Points

Enter the IP addresses for the tunnel end-points. You need to
specify a free IP address on your local network that each VPN
client will use when connecting to the SnapGear appliance.
Please ensure that the IP addresses listed here are not in the
range the DHCP server can assign. Ranges are accepted; for
example 192.168.160.250-254.

Authentication
scheme

PPTP provides an authenticated communication tunnel between
a client and a gateway by using a user ID and password. The
authentication scheme is the method the SnapGear appliance
uses to challenge users wanting to establish a PPTP connection
to the network. The remote client must be set up to use the
selected authentication scheme.

• MSCHAPv2 is the most secure. It uses encrypted

passwords. SnapGear recommends the use of
MSCHAPv2 plus data encryption as this keeps your data
private as well as providing secure authentication.

• CHAP is less secure, and similarly PAP is even less

secure, but more common.

• RADIUS and TACACS+ make use of a remote

authentication server on the local network. You must
enter the IP address of a server setup to use this
scheme.

Virtual Private Networking

74