From owner-freebsd-net Thu Feb 8 10: 0:17 2001 Delivered-To: freebsd-net@freebsd.org Received: from InterJet.dellroad.org (adsl-63-194-81-26.dsl.snfc21.pacbell.net [63.194.81.26]) by hub.freebsd.org (Postfix) with ESMTP id 7AD4837B699 for ; Thu, 8 Feb 2001 09:59:59 -0800 (PST) Received: from curve.dellroad.org (curve.dellroad.org [10.1.1.30]) by InterJet.dellroad.org (8.9.1a/8.9.1) with ESMTP id JAA61322; Thu, 8 Feb 2001 09:59:42 -0800 (PST) Received: (from archie@localhost) by curve.dellroad.org (8.9.3/8.9.3) id JAA56499; Thu, 8 Feb 2001 09:59:41 -0800 (PST) (envelope-from archie) From: Archie Cobbs Message-Id: <200102081759.JAA56499@curve.dellroad.org> Subject: Re: pptp server In-Reply-To: <3A825E21.911852D2@elischer.org> "from Julian Elischer at Feb 8, 2001 00:51:45 am" To: Julian Elischer Date: Thu, 8 Feb 2001 09:59:41 -0800 (PST) Cc: Archie Cobbs , Olivier Cherrier , "'freebsd-net'" X-Mailer: ELM [version 2.4ME+ PL77 (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Julian Elischer writes: > > Olivier Cherrier writes: > > > Ho, I think that I found my problem ... maybe > > > In fact, the "mppe encryption" is included in the MS-Chap protocol, isn't it > > > > MPPE encryption piggybacks on MPPC compression. You can have > > either or both of 'E' and/or 'C'. Mpd only supports 'E' because > > 'C' requires proprietary files. > > > > MS-CHAP is required *for* MPPE encryption, in order to generate the keys. > > > > > 22:14:37.384949 mirador.cediti.be > 193.190.156.147: gre-proto-0x880B (gre > > > encap) > > > > > > Is this the proof that the communication is encrypted ? (sorry for this > > > newbie question but I am't a guru .... not yet -:) > > > > No, the encryption is only of the inner payload. > > > > > It is surprising because on the windows client side, I set in the security > > > option: > > > _ Optional encryption (If I want "require encryption", the error > > > "encryption not supported by server" occurs) > > > _ Allow these protocols: MS-CHAP > > > > > > So, if I am right, MS-CHAP includes MPPE encryption even if encryption is > > > not explicitely set; don't it ? > > > > No. > > so, does he have a chance of it working or not? It should work with all Windows clients as long as they don't require MS-CHAP version 2 authentication. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message