I'm trying to understand how a PPTP tunnel is actually built, incl. security.
Background info:
- VPN Client: Win XP (so no additional VPN client)
- PPTP Tunnel
- VPN Server: SnapGear
- RADIUS or Local DB
- Ms-CHAPv2
I can't find any documents that explain from which moment on the traffic is encrypted.
Are passwords sent in clear text or is the tunnel already up when the user authentication is done? Is this affected by the authentication method used (RADIUS or Local DB)?
Basically: Is there any difference (qua security) in using RADIUS or a local DB? Since IpSEC is NO option (no VPN Client software and no fixed IP), what is the recommended way of creating a VPN tunnel (PPTP)?
Many thanks in advance.
Background info:
- VPN Client: Win XP (so no additional VPN client)
- PPTP Tunnel
- VPN Server: SnapGear
- RADIUS or Local DB
- Ms-CHAPv2
I can't find any documents that explain from which moment on the traffic is encrypted.
Are passwords sent in clear text or is the tunnel already up when the user authentication is done? Is this affected by the authentication method used (RADIUS or Local DB)?
Basically: Is there any difference (qua security) in using RADIUS or a local DB? Since IpSEC is NO option (no VPN Client software and no fixed IP), what is the recommended way of creating a VPN tunnel (PPTP)?
Many thanks in advance.