---- Original message ---- >Date: Tue, 07 Nov 2006 19:26:19 +0000 >From: [EMAIL PROTECTED] (Paul Civati) >Subject: Re: ipsec vpn >To: [email protected] >Cc: [EMAIL PROTECTED] > >> starting with windows 2000, it is possible to use the built-in ipsec >> support. it is a bit hidden and the configuration is painful, but it >> actually works... you can configure it from the system management >> console or by executing "system32\secpol.msc". > >Exactly, this is not simple, the "stupid wizard" you refer to is >what average joe without in depth IP stack knowledge will want >to use, and what some people who have to support client VPN >connections may want to use, because it will greatly reduce >their support headache - providing server side works smoothly >of course. >
well, i've setup and gotten the "stupid wizard" version working and it is indeed just that, stupid. AFAICR, there is no good L2TP daemon available. i spent a substantial amount of time getting this to work and the config i ended up with was not at all stable. in addition to having wasted a large amount of time and energy on this, i ended up with a crazed german guy (nobody on list ;) ) yelling at me, claiming that openbsd was a "hobby show" OS and that i was idiot. M$ is notoriously crappy when it comes to VPN software, IMO. openvpn is probably your best shot if you're going cross-platform and the native ipsec client is ok, but can be irritating to work with. oh yeah, and search the archives, there quite a few posts on this topic. >-Paul-
