On Fri, Nov 03, 2006 at 12:35:55AM +0000, Paul Civati wrote: > My understanding is, if you want to support the simple connection > of Windows clients, using the built-in VPN connector (eg. control > panel -> network -> make new connection -> VPN -> L2TP), the > server side needs: > > > 1. IPSec VPN transport mode, most likely with dynamic IP endpoint > 2. L2TP tunneling daemon > 3. PPP daemon >
no. you don't need l2tp + ppp. you're not talking about the built-in ipsec support, you're talking about a stupid wizard... starting with windows 2000, it is possible to use the built-in ipsec support. it is a bit hidden and the configuration is painful, but it actually works... you can configure it from the system management console or by executing "system32\secpol.msc". you can find some details on the openbsd-support.com website about mtu's approach to connect windows clients to openbsd ipsec gateways: http://www.openbsd-support.com/jp/en/htm/mgp/pacsec05/index.html reyk
