In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Reyk Floeter) writes:
>> My understanding is, if you want to support the simple connection
>> of Windows clients, using the built-in VPN connector (eg. control
>> panel -> network -> make new connection -> VPN -> L2TP), the
>> server side needs:
>>
>> 1. IPSec VPN transport mode, most likely with dynamic IP endpoint
>> 2. L2TP tunneling daemon
>> 3. PPP daemon
>
> no. you don't need l2tp + ppp. you're not talking about the built-in
> ipsec support, you're talking about a stupid wizard...
Correct, I wasn't talking about plain IPSec, I was talking about
"the simple connection of Windows clients, using the built-in VPN
connector" exactly as I wrote.
Can we drop the condescending "everyone without an openbsd.org mail
address is an idiot" attitude please.
I didn't say there was no other possible way to use IPSec on Windows,
and my post was quite clear about the method I was talking about.
> starting with windows 2000, it is possible to use the built-in ipsec
> support. it is a bit hidden and the configuration is painful, but it
> actually works... you can configure it from the system management
> console or by executing "system32\secpol.msc".
Exactly, this is not simple, the "stupid wizard" you refer to is
what average joe without in depth IP stack knowledge will want
to use, and what some people who have to support client VPN
connections may want to use, because it will greatly reduce
their support headache - providing server side works smoothly
of course.
-Paul-
