Subject: Re: racoon, gss-api auth, and win2k IPSec IKE ...
To: Michael Richardson <email@example.com>
From: Jonathan Stone <jonathan@DSG.Stanford.EDU>
Date: 06/08/2002 15:39:22
In message <200206080112.g581CXh02324@marajade.sandelman.ottawa.on.ca>,
Michael Richardson writes
> While trying to get a Win2K client (belonging to William Dixon) to talk
>FreeSWAN at the last IETF for the wavesec stuff (see www.wavesec.org), we
>learnt something really strange.
> MS didn't implement tunnel mode. The only way they can build a tunnel is
>by creating a PPTP interface and using transport mode.
> This may not be true, but it is hard for me to imagine Dixon got this
Quite possibly, but I'm okay with transport mode. I'd already gotten
racoon to work with pre-sharedkeys. Problem is, managing pre-shared
keys... sucks^H^H^H^H^H^H does not scale.