I think that was with pptp2 and that was patched 6 months ago. I am pretty sure of that because with 2k is using pptp3
> My concern with the PPTP path is the reported security issues: > > # Flawed encryption mechanism -- non-random keys, session keys weak hash > of user password, key lengths too short (non-configurable) > # Bad password management in mixed Win95/NT environment; static > passwords easily compromised > # Vulnerable to server spoofing attacks because packet authentication > not implemented, easy denial-of-service attacks even inside firewalls > # MS claims cryptographic weaknesses not yet exploited > > Fil > > Kevin Saenz wrote: > > When I was playing with windows and Linux VPN I was using PPTP > > the connectivity is seamless. I think if you are using Windows > > standard VPN software then I would be inclined to point you to > > use PPTP kernel patch. You don't need to add any third party > > software to Windows. > > > > PPTP has pretty good docs on how to install PPTP on to Linux and > > get the server up and running. Also making Linux a PPTP/VPN server > > is a piece of cake. > > > > > > > >>Hi all > >> > >>Sorry to interrupt all this talk about nominations.... > >> > >>Anyone know a good howto or pointers on setting up a VPN from Win32 > >>clients to Linux server? I'm currently looking at setting up an > >>IPSEC/L2TP tunnel but am having trouble getting IPSec to work. I tried > >>to follow instructions at both > >> > >>http://www.strongsec.com/freeswan/install.htm > >> > >>and > >> > >>http://www.jacco2.dds.nl/networking/freeswan-l2tp.html > >> > >>to no avail as yet. I get packets arriving at the eth interface but not > >>ipsec0 interface (tcpdump). No packets are being dropped or rejected but > >>the logs say the following: > >> > >>Mar 13 16:25:39 neo pluto[28331]: "L2TP-CERT-WIN2KXP"[2] 192.168.1.201 > >>#3: unable to locate my private key for RSA Signature > >>Mar 13 16:25:55 neo pluto[28331]: "L2TP-CERT-WIN2KXP"[2] 192.168.1.201 > >>#3: Peer ID is ID_DER_ASN1_DN: 'C=AU, ST=NSW, O=Draxsen, CN=rivendell' > >> > >>The error looks like an obvious oversight somewhere but I can't find it? > >> > >>Is there a better way? (apart from not using M$ OS at all that is). > >> > >>Thanks for any tips or info. > >> > >>Fil > >>-- > >>Phil Scarratt > > > > -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
