Date: Wed, 7 Feb 2001 21:42:11 -0800 (PST) From: Archie Cobbs <archie@dellroad.org> To: Olivier Cherrier <Olivier.Cherrier@cediti.be> Cc: "'freebsd-net'" <freebsd-net@FreeBSD.ORG> Subject: Re: pptp server Message-ID: <200102080542.VAA54671@curve.dellroad.org> In-Reply-To: <BB863FBA3E3CAE4DAC430686AD28EA56038669@brisefer.cediti.be> "from Olivier Cherrier at Feb 7, 2001 10:06:53 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Olivier Cherrier writes: > Ho, I think that I found my problem ... maybe > In fact, the "mppe encryption" is included in the MS-Chap protocol, isn't it MPPE encryption piggybacks on MPPC compression. You can have either or both of 'E' and/or 'C'. Mpd only supports 'E' because 'C' requires proprietary files. MS-CHAP is required *for* MPPE encryption, in order to generate the keys. > 22:14:37.384949 mirador.cediti.be > 193.190.156.147: gre-proto-0x880B (gre > encap) > > Is this the proof that the communication is encrypted ? (sorry for this > newbie question but I am't a guru .... not yet -:) No, the encryption is only of the inner payload. > It is surprising because on the windows client side, I set in the security > option: > _ Optional encryption (If I want "require encryption", the error > "encryption not supported by server" occurs) > _ Allow these protocols: MS-CHAP > > So, if I am right, MS-CHAP includes MPPE encryption even if encryption is > not explicitely set; don't it ? No. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102080542.VAA54671>