From owner-freebsd-isp Sat Nov 14 14:39:20 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA21959 for freebsd-isp-outgoing; Sat, 14 Nov 1998 14:39:20 -0800 (PST) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from skunkworks.specialty.ab.ca (skunkworks.specialty.ab.ca [207.167.8.66]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA21954 for ; Sat, 14 Nov 1998 14:39:17 -0800 (PST) (envelope-from freebsd-isp@masterplan.org) Received: (from uucp@localhost) by skunkworks.specialty.ab.ca (8.8.8/8.8.8) with UUCP id PAA10193 for freebsd-isp@freebsd.org; Sat, 14 Nov 1998 15:38:56 -0700 (MST) (envelope-from freebsd-isp@masterplan.org) Received: from infomat.precident.com (infomat [192.168.4.2]) by gongshow.masterplan.org (8.8.8/8.8.8) with SMTP id PAA05573 for ; Sat, 14 Nov 1998 15:36:54 -0700 (MST) (envelope-from freebsd-isp@masterplan.org) Message-Id: <199811142236.PAA05573@gongshow.masterplan.org> From: freebsd-isp@masterplan.org (Jason George) To: freebsd-isp@FreeBSD.ORG Subject: Re: VPN, an off topic question Organization: The Master Plan Always Fails... Date: Sat, 14 Nov 1998 22:37:22 GMT Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I purchased the SKIP 3 Windows software for US$100 from Sun. It does indeed interoperate with the FreeBSD code. As far as I'm concerned, the free Windows software available from www.skip.org is a waste of time. It doesn't support tunnels, and contains only the global encryption. There are caveats for the SKIP 3 software, though. The first is that the "electronically downloadable" version from Sun is the "global" (512-bit key) version. To get the "export-controlled" (1024-bit key) or "US/Canada" (2048-bit key) versions, you must order the CD directly from SunExpress. This is not necessarily obvious until _after_ Sun has electronically debited the license fee to your credit card. (Getting a refund so that I can buy the 2048-bit version is proving to be a major pain. I've talked to too many Sun employees and have over the last 3 weeks and have yet to have a suitable remedy.) The second is that when I talked to my local Sun rep, he indicated that the 2048-bit version I desired was probably going to cost me ~CDN$250 (~US$165). So be forewarned that the strong encryption will cost a little more. The third is that the "global" version only supports DES-CBC and RC2-40 for key encryption, and RC2-40 and RC4-40 for traffic encryption. This made the integration of the global Windows software into my current SKIP VPN setup for testing a little more of a pain in the ass. The fourth and final caveat is that the documentation provided with the SKIP 3 software assumes the installing user will have some already significant background in broad SKIP/encryption/VPN technology. I had little problem installing and configuring the Windows software only because I've fought a bunch of battles integrating the FreeBSD implementation. Unless you're well-grounded in the underlying premises of encryption and secure networking, you're probably going to have a frustrating time getting things to work the first time. Hope this helps. --Jason j.b.georgeieee.org jbgprecident.com > >the commerical version will interoperate with the free SKIP code (at least >it did a while ago according to the info on www.skip.org, i don't know >what's new with the product right now). i looked into it but never got the >commercial version. the free version for win95 that was/is on the skip >site had different encryption algorithms and won't work with the freebsd >version. i gave that info to somebody on this list about a year ago (or >when ever it was that i got skip going on a few machines) and i think that >he did indeed get the commercial CD and has stuff interoperating. if i >remember correctly his name was jim flowers. you can probably find >something in the list archives.... > >On 13 Nov 1998, Chris Shenton wrote: > >> Archie Cobbs writes: >> >> > Yes, PPTP is about what you'd expect from Microsoft security-wise. >> > However, it's the only instance of what the original poster asked >> > for that runs on *Win95* that I know of.. >> >> I believe Sun's SKIP runs on w95, as well as NT, Solaris. Not sure if >> that version interoperates with the free SKIP code which has been >> ported to FreeBSD et al. >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-isp" in the body of the message >> > > >--------------------------------------------- >The devil finds work for idle circuits to do. >--------------------------------------------- >zoonie at myhouse dot com > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message