PPTP (remote access)
Using the Point-to-Point Tunneling Protocol (PPTP), you can provide connections to your network through private tunnels over the internet. The protocol itself does not describe encryption or authentication features. However, the firewall supports several authentication options including Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), and Microsoft Challenge Handshake Authentication Protocol (MS-CHAPv2). The firewall supports PPTP as described in RFC 2637.
- To allow users to access your network through PPTP, specify settings and click Apply. Then, click Add members and select users.
- To view users who are allowed access using PPTP, click Show members.
Enable PPTP: Allow access to your network by specified users through PPTP.
Assign IP from: Range from which an IP address is leased to the client. The client uses the assigned address for the duration of the connection. This must be a private IP address range with at least a 24-bit netmask.
IP address ranges for L2TP and PPTP must not overlap with the SSL VPN range.
Allow leasing IP address from RADIUS server for L2TP, PPTP, and Sophos Connect client: When users are authenticated using a RADIUS server, use the IP address provided by the RADIUS server. If the RADIUS server provides no addresses, Sophos Firewall assigns the static address configured for the user or leases an address from the specified range.
Client information: Primary DNS server to use for connections. Optionally, you can specify a secondary DNS server and WINS servers.