Date: Sat, 14 Nov 1998 22:37:22 GMT From: freebsd-isp@masterplan.org (Jason George) To: freebsd-isp@FreeBSD.ORG Subject: Re: VPN, an off topic question Message-ID: <199811142236.PAA05573@gongshow.masterplan.org>
next in thread | raw e-mail | index | archive | help
I purchased the SKIP 3 Windows software for US$100 from Sun. It does indeed interoperate with the FreeBSD code. As far as I'm concerned, the free Windows software available from www.skip.org is a waste of time. It doesn't support tunnels, and contains only the global encryption. There are caveats for the SKIP 3 software, though. The first is that the "electronically downloadable" version from Sun is the "global" (512-bit key) version. To get the "export-controlled" (1024-bit key) or "US/Canada" (2048-bit key) versions, you must order the CD directly from SunExpress. This is not necessarily obvious until _after_ Sun has electronically debited the license fee to your credit card. (Getting a refund so that I can buy the 2048-bit version is proving to be a major pain. I've talked to too many Sun employees and have over the last 3 weeks and have yet to have a suitable remedy.) The second is that when I talked to my local Sun rep, he indicated that the 2048-bit version I desired was probably going to cost me ~CDN$250 (~US$165). So be forewarned that the strong encryption will cost a little more. The third is that the "global" version only supports DES-CBC and RC2-40 for key encryption, and RC2-40 and RC4-40 for traffic encryption. This made the integration of the global Windows software into my current SKIP VPN setup for testing a little more of a pain in the ass. The fourth and final caveat is that the documentation provided with the SKIP 3 software assumes the installing user will have some already significant background in broad SKIP/encryption/VPN technology. I had little problem installing and configuring the Windows software only because I've fought a bunch of battles integrating the FreeBSD implementation. Unless you're well-grounded in the underlying premises of encryption and secure networking, you're probably going to have a frustrating time getting things to work the first time. Hope this helps. --Jason j.b.george<at>ieee.org jbg<at>precident.com > >the commerical version will interoperate with the free SKIP code (at least >it did a while ago according to the info on www.skip.org, i don't know >what's new with the product right now). i looked into it but never got the >commercial version. the free version for win95 that was/is on the skip >site had different encryption algorithms and won't work with the freebsd >version. i gave that info to somebody on this list about a year ago (or >when ever it was that i got skip going on a few machines) and i think that >he did indeed get the commercial CD and has stuff interoperating. if i >remember correctly his name was jim flowers. you can probably find >something in the list archives.... > >On 13 Nov 1998, Chris Shenton wrote: > >> Archie Cobbs <archie@whistle.com> writes: >> >> > Yes, PPTP is about what you'd expect from Microsoft security-wise. >> > However, it's the only instance of what the original poster asked >> > for that runs on *Win95* that I know of.. >> >> I believe Sun's SKIP runs on w95, as well as NT, Solaris. Not sure if >> that version interoperates with the free SKIP code which has been >> ported to FreeBSD et al. >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-isp" in the body of the message >> > > >--------------------------------------------- >The devil finds work for idle circuits to do. >--------------------------------------------- >zoonie at myhouse dot com > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199811142236.PAA05573>