Subject: Re: racoon, gss-api auth, and win2k IPSec IKE ...
To: Michael Richardson <mcr@sandelman.ottawa.on.ca>
From: Jonathan Stone <jonathan@DSG.Stanford.EDU>
List: tech-net
Date: 06/09/2002 18:08:09
In message <200206080112.g581CXh02324@marajade.sandelman.ottawa.on.ca>,
Michael Richardson writes:

[...]

>  MS didn't implement tunnel mode. The only way they can build a tunnel is
>by creating a PPTP interface and using transport mode. 

> This may not be true, but it is hard for me to imagine Dixon got
> this wrong.

Sorry if I was too polite the first time, but I just don't buy this.
See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q252735 or
one of a myriad of other pages showing how to set up IPsec tunnels
with win2k.  There is a restriction on having static IP addresses at
each end, but that is reasonably well-known.

Cisco even has a Warp page *showing* how to set up an IPsec tunnel
between a win2k box and various Ciscos, complete with screen shots of
win2k tunnel endpoint settings: http://www.cisco.com/warp/public/707/2000.html.

Someone is seriously out of touch.  I'm having enough problems working
around real MS limitations; we don't want NetBSD lists to spread false
rumours about imaginary problems. (Suppose I contact the I-D authors,
then Microsoft employees review this thread, and see bilge like this?)