VPN Capability Overview

From pfSense Documentation
Jump to: navigation, search
This article is part of the How-To series.


pfSense contains multiple VPN technologies, all of which work well.

Important30.png WARNING Important30.png
PPTP is no longer considered a secure VPN technology because it relies upon MS-CHAPv2 which has been compromised. If you continue to use PPTP be aware that intercepted traffic can be decrypted by a third party, so it should be considered unencrypted. We advise migrating to another VPN type such as OpenVPN or IPsec.

More information on this can be found at https://isc.sans.edu/diary/End+of+Days+for+MS-CHAPv2/13807 and https://www.cloudcracker.com/blog/2012/07/29/cracking-ms-chap-v2/

The best choice for a given network depends on a number of factors. These are discussed in the VPN chapter of the pfSense book.