Date: Sun, 19 Nov 2017 22:19:05 +0700 From: Eugene Grosbein <eugen@grosbein.net> To: Victor Sudakov <vas@mpeks.tomsk.su> Cc: freebsd-net@freebsd.org, "Muenz, Michael" <m.muenz@spam-fetish.org> Subject: Re: OpenVPN vs IPSec Message-ID: <5A11A0E9.7030503@grosbein.net> In-Reply-To: <20171119145939.GG82727@admin.sibptus.transneft.ru> References: <20171118165842.GA73810@admin.sibptus.transneft.ru> <b96b449e-3dc1-6e75-e803-e6d6abefe88e@spam-fetish.org> <20171119120832.GA82727@admin.sibptus.transneft.ru> <d92dff62-3baf-a22d-bfac-5a668b276259@spam-fetish.org> <20171119143054.GC82727@admin.sibptus.transneft.ru> <5A119716.5020307@grosbein.net> <20171119145939.GG82727@admin.sibptus.transneft.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
19.11.2017 21:59, Victor Sudakov wrote: >> No interaction between mpd5 and racoon is required to make IPSec+L2TP working. >> In fact, mpd5 starts its part only when IKE/IPSEC part is already completed >> and runs its unencrypted L2TP protocol over existing IPSec tunnel without knowning it. > > That's great but then you need 1) authentication in IKE/racoon I use IPSec shared secret. > and 2) authentication in mpd5? Standard CHAP authentication with login/password. > How do you handle that (and how do you configure the Windows client for it)? No special configuration of Windows client required. Just "old good" VPN-connection with L2TP/IPSec type, shared secret and login/password pair.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5A11A0E9.7030503>