From owner-freebsd-net  Thu Feb  8  0:52:11 2001
Delivered-To: freebsd-net@freebsd.org
Received: from syncopation-01.iinet.net.au (syncopation-01.iinet.net.au [203.59.24.37])
	by hub.freebsd.org (Postfix) with SMTP id 8150637B491
	for <freebsd-net@FreeBSD.ORG>; Thu,  8 Feb 2001 00:51:51 -0800 (PST)
Received: (qmail 18542 invoked by uid 666); 8 Feb 2001 08:58:38 -0000
Received: from reggae-14-250.nv.iinet.net.au (HELO elischer.org) (203.59.77.250)
  by mail.m.iinet.net.au with SMTP; 8 Feb 2001 08:58:38 -0000
Message-ID: <3A825E21.911852D2@elischer.org>
Date: Thu, 08 Feb 2001 00:51:45 -0800
From: Julian Elischer <julian@elischer.org>
X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 5.0-CURRENT i386)
X-Accept-Language: en, hu
MIME-Version: 1.0
To: Archie Cobbs <archie@dellroad.org>
Cc: Olivier Cherrier <Olivier.Cherrier@cediti.be>,
	'freebsd-net' <freebsd-net@FreeBSD.ORG>
Subject: Re: pptp server
References: <200102080542.VAA54671@curve.dellroad.org>
Content-Type: text/plain; charset=iso-8859-15
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Archie Cobbs wrote:
> 
> Olivier Cherrier writes:
> > Ho, I think that I found my problem ... maybe
> > In fact, the "mppe encryption" is included in the MS-Chap protocol, isn't it
> 
> MPPE encryption piggybacks on MPPC compression. You can have
> either or both of 'E' and/or 'C'. Mpd only supports 'E' because
> 'C' requires proprietary files.
> 
> MS-CHAP is required *for* MPPE encryption, in order to generate the keys.
> 
> > 22:14:37.384949 mirador.cediti.be > 193.190.156.147: gre-proto-0x880B (gre
> > encap)
> >
> > Is this the proof that the communication is encrypted ? (sorry for this
> > newbie question but I am't a guru .... not yet -:)
> 
> No, the encryption is only of the inner payload.
> 
> > It is surprising because on the windows client side, I set in the security
> > option:
> >       _ Optional encryption  (If I want "require encryption", the error
> > "encryption not supported by server" occurs)
> >       _ Allow these protocols: MS-CHAP
> >
> > So, if I am right, MS-CHAP includes MPPE encryption even if encryption is
> > not explicitely set; don't it ?
> 
> No.

so, does he have a chance of it working or not?

> 
> -Archie

-- 
      __--_|\  Julian Elischer
     /       \ julian@elischer.org
    (   OZ    ) World tour 2000-2001
---> X_.---._/  
            v


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message