Date: Thu, 08 Feb 2001 00:51:45 -0800 From: Julian Elischer <julian@elischer.org> To: Archie Cobbs <archie@dellroad.org> Cc: Olivier Cherrier <Olivier.Cherrier@cediti.be>, 'freebsd-net' <freebsd-net@FreeBSD.ORG> Subject: Re: pptp server Message-ID: <3A825E21.911852D2@elischer.org> References: <200102080542.VAA54671@curve.dellroad.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Archie Cobbs wrote:
>
> Olivier Cherrier writes:
> > Ho, I think that I found my problem ... maybe
> > In fact, the "mppe encryption" is included in the MS-Chap protocol, isn't it
>
> MPPE encryption piggybacks on MPPC compression. You can have
> either or both of 'E' and/or 'C'. Mpd only supports 'E' because
> 'C' requires proprietary files.
>
> MS-CHAP is required *for* MPPE encryption, in order to generate the keys.
>
> > 22:14:37.384949 mirador.cediti.be > 193.190.156.147: gre-proto-0x880B (gre
> > encap)
> >
> > Is this the proof that the communication is encrypted ? (sorry for this
> > newbie question but I am't a guru .... not yet -:)
>
> No, the encryption is only of the inner payload.
>
> > It is surprising because on the windows client side, I set in the security
> > option:
> > _ Optional encryption (If I want "require encryption", the error
> > "encryption not supported by server" occurs)
> > _ Allow these protocols: MS-CHAP
> >
> > So, if I am right, MS-CHAP includes MPPE encryption even if encryption is
> > not explicitely set; don't it ?
>
> No.
so, does he have a chance of it working or not?
>
> -Archie
--
__--_|\ Julian Elischer
/ \ julian@elischer.org
( OZ ) World tour 2000-2001
---> X_.---._/
v
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A825E21.911852D2>