I tried to configure a PPTP vpn but had to find out it does not do anything at all. On the vpn server I see not a single packet from the mobiles’ IP. Sometimes even the settings app seems to crash…
Has anybody ever tried that at all?
No problem, All I wanted to do is to configure a PPTP vpn via settings. Since the vpn server is already actively serving 2 other vpn connections (from routers) there is little chance that it is the problem. I tried to trace the ongoing traffic with tcpdump but had to find out that there is none. So I am a bit astonished and wonder what this vpn really does, if it does anything at all …
At least it does not connect to a given server IP.
It’s probably due to the fact PPTP is considered an obsolete and insecure method of doing vpn. I’d be surprised if there are any clients that have been maintained over the last 10 years.
PPTP on linux does work without any problems, be it client or server side.
Really, quite a lot people are talking about “vpn” not knowing what is the exact purpose in the discussed case. All of them are using internet and none of them ever thought about the simple fact that most of the traffic there is not encrypted anyway. Still everyone can tell that PPTP is not safe. Guess what, internet is not safe.
On the other hand most of the people hype wireguard, ignoring some simple facts about this “very safe vpn”.
you have no control whatsoever about the IPs connecting to your wireguard server in case of a dynamic client. Every PPP has scripts that are called during auth and ip config where you can make sure that the client is who you think he should be. Not wireguard.
you have no control about when a client is online. you (meaning some admin) are in no way informed about a client coming online.
Hot reload of the config doesnotwork. Contrary to people on the net answering the questions regarding this topic by repeating what they read somewhere I really tried it, and it is completely instable. Meaning it works sometimes, but most times it does not.
The maintainers blame fdroid for slowness in making updates available and therefore include a binary update option in the app - passing by fdroid (control) completely. On the other hand the wg-tools latest release is threeyearsold now (from September 2021).
The maintainers claim this to be an open source project, but the mailinglist is moderated and I have not been able to join it since october 2020.
Mails to security@ are ignored as well so far.
To sum up: wireguard seems to me one of the most suspicious projects going on around vpn. It has clear design problems, the project has communication problems, the tools have fixed but not released problems, the thing is a mess.
Safe vpn? Really?
PS: I know e/os contains no wireguard from scratch. But the options it does contain are complex in setup and handling and key management, even if you dont need the security coming with that on the transport path.
I don’t care what you think about wireguard. But if you think anyone is going to waste time maintaining a pptp client for android you’re on a hiding to nothing.
Also PPTP still working on Linux is a meaningless measure. Telnet still works on Linux.
I think you completely failed the point. PPTP is a valid option in e/os. So they should make sure it works. And I don’t really care what you care about. We are talking of a product option here, neither you nor me decided to put it in, still it is there. If it is available it should work. And that’s what my feedback is all about.
It is probably time to go back to the basics, what is a VPN? According to this (german) wikipedia entry https://de.wikipedia.org/wiki/Virtual_Private_Network it is simply a Virtual Private Network which can be extended in features by encryption but this is no defining part of it. One can see that the english wiki is much more marketing related because it does very much argue with encryption. Still the name “VPN” does not say Encryption, does it?
It is about the same as your “argument” that linux still has telnet, completely ignoring the fact that telnet is often used for debugging unencrypted tcp streams. So only because you cannot imagine a use-case does not mean there is none. Please rethink this ignorance.
There is no danger in using a protocol widely known to have no or no good encryption. Still there is are use cases, and if it only is some ancient equipment.
Contrary to that there is high danger in protocols that are marketed to be “completely safe”, only to find out afterwards that they have never been safe, and if it only is because of implementation related backdoors. Read and understand US export regulations to get a glimpse of what is really going on.
The the fact is, PPTP isn’t working on /e/. It is unlikely to ever work on /e/ for the reasons I have given.
If you want to be able to connect to your home network you need to find an alternative. What that alternative is and the level of security it offers is entirely up to you.