From owner-freebsd-net Wed Feb 7 13: 6:59 2001 Delivered-To: freebsd-net@freebsd.org Received: from brisefer.cediti.be (brisefer.cediti.be [193.190.156.67]) by hub.freebsd.org (Postfix) with ESMTP id 263D437B699 for ; Wed, 7 Feb 2001 13:06:40 -0800 (PST) Received: by brisefer.cediti.be with Internet Mail Service (5.5.2650.21) id <1LDHYCM9>; Wed, 7 Feb 2001 22:06:59 +0100 Message-ID: From: Olivier Cherrier To: Olivier Cherrier Cc: 'freebsd-net' Subject: RE: pptp server Date: Wed, 7 Feb 2001 22:06:53 +0100 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-15" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > >Yes, I've already asked him .... I am a little bit confused >that I don't >succeed ... :( >Maybe it is my fuc... windows 2k which is the problem .... > Ho, I think that I found my problem ... maybe In fact, the "mppe encryption" is included in the MS-Chap protocol, isn't it ? The encryption, as mpd 3.2 calls it, isn't supported by windows clients. I tcpdumped a session between my pptp server and a windows client : I got : << ... 22:14:37.382601 193.190.156.147 > mirador.cediti.be: gre-proto-0x880B (gre encap) 22:14:37.383061 mirador.cediti.be > 193.190.156.147: gre-proto-0x880B (gre encap) 22:14:37.383187 193.190.156.147 > mirador.cediti.be: gre-proto-0x880B (gre encap) 22:14:37.383325 193.190.156.147 > mirador.cediti.be: gre-proto-0x880B (gre encap) 22:14:37.383667 193.190.156.147 > mirador.cediti.be: gre-proto-0x880B (gre encap) 22:14:37.383773 193.190.156.147 > mirador.cediti.be: gre-proto-0x880B (gre encap) 22:14:37.384508 mirador.cediti.be > 193.190.156.147: gre-proto-0x880B (gre encap) 22:14:37.384949 mirador.cediti.be > 193.190.156.147: gre-proto-0x880B (gre encap) ... >> Is this the proof that the communication is encrypted ? (sorry for this newbie question but I am't a guru .... not yet -:) It is surprising because on the windows client side, I set in the security option : _ Optional encryption (If I want "require encryption", the error "encryption not supported by server" occurs) _ Allow these protocols: MS-CHAP So, if I am right, MS-CHAP includes MPPE encryption even if encryption is not explicitely set; don't it ? Thanks a lot for your help. Olivier. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message